SecBSD/src
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sync with OpenBSD -current

Browse source
This commit is contained in:
purplerain 2023-11-20 02:38:22 +00:00
parent a7acbdeab0
commit c22b8a6120
Signed by: purplerain
GPG key ID: F42C07F07E2E35B7
202 changed files with 3004 additions and 4921 deletions
Download patch file Download diff file Expand all files Collapse all files

33
lib/libcrypto/man/ASN1_TIME_set.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: ASN1_TIME_set.3,v 1.20 2023/11/13 12:46:07 beck Exp $
.\" $OpenBSD: ASN1_TIME_set.3,v 1.21 2023/11/16 14:20:49 tb Exp $
.\" full merge up to: OpenSSL 3d0f1cb9 Jul 11 03:01:24 2017 +0800
.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
.\"
@ -68,7 +68,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: November 13 2023 $
.Dd $Mdocdate: November 16 2023 $
.Dt ASN1_TIME_SET 3
.Os
.Sh NAME
@ -94,9 +94,9 @@
.Nm ASN1_TIME_cmp_time_t ,
.Nm ASN1_UTCTIME_cmp_time_t ,
.Nm ASN1_TIME_compare ,
.Nm ASN1_TIME_to_generalizedtime
.Nm OPENSSL_gmtime,
.Nm OPENSSL_timegm,
.Nm ASN1_TIME_to_generalizedtime ,
.Nm OPENSSL_gmtime ,
.Nm OPENSSL_timegm
.Nd ASN.1 Time functions
.Sh SYNOPSIS
.In openssl/asn1.h
@ -516,6 +516,19 @@ and
functions act only on that specific time format, while the
.Vt ASN1_TIME
functions operate on either format.
.Pp
.Fn OPENSSL_gmtime
converts a time_t value in
.Fa time
to a struct tm in
.Fa out_tm
and also returns the struct passed in on success.
.Pp
.Fn OPENSSL_timegm
converts a time structure in UTC time in
.Fa tm
to a time_t value in
.Fa out_time .
.Sh RETURN VALUES
.Fn ASN1_TIME_set ,
.Fn ASN1_UTCTIME_set ,
@ -576,21 +589,11 @@ is later than
or \-2 on error.
.Pp
.Fn OPENSSL_timegm
converts a time structure in UTC time in
.Fa tm
to a time_t value in
.Fa out_time
.Fn OPENSSL_timegm
returns 1 for success or 0 for failure.
It can fail if the time is not representable in a time_t,
or falls outside the range allowed in RFC 5280 times.
.Pp
.Fn OPENSSL_gmtime
converts a time_t value in
.Fa time
to a struct tm in
.Fa out_tm
.Fn OPENSSL_gmtime
returns
.Fa out_tm
on success or NULL for failure.

9
lib/libcrypto/man/BIO_ctrl.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: BIO_ctrl.3,v 1.24 2023/07/26 20:01:04 tb Exp $
.\" $OpenBSD: BIO_ctrl.3,v 1.25 2023/11/16 20:19:23 schwarze Exp $
.\" full merge up to: OpenSSL 24a535eaf Tue Sep 22 13:14:20 2020 +0100
.\" selective merge up to: OpenSSL 0c5bc96f Tue Mar 15 13:57:22 2022 +0000
.\"
@ -66,7 +66,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: July 26 2023 $
.Dd $Mdocdate: November 16 2023 $
.Dt BIO_CTRL 3
.Os
.Sh NAME
@ -307,11 +307,6 @@ and
return a
.Vt size_t
type and are functions.
.Fn BIO_pending
and
.Fn BIO_wpending
are macros which call
.Fn BIO_ctrl .
.Pp
.Fn BIO_set_info_callback
installs the function pointer

15
lib/libcrypto/man/BIO_get_data.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: BIO_get_data.3,v 1.7 2022/12/19 14:40:14 schwarze Exp $
.\" $OpenBSD: BIO_get_data.3,v 1.8 2023/11/16 20:27:43 schwarze Exp $
.\" full merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
.\"
.\" This file is a derived work.
@ -65,7 +65,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: December 19 2022 $
.Dd $Mdocdate: November 16 2023 $
.Dt BIO_GET_DATA 3
.Os
.Sh NAME
@ -204,7 +204,7 @@ Application programs usually call macros like those documented in
rather than calling
.Fn BIO_test_flags
directly.
Flag bits correspond to accessor functions as follows:
Flag bits correspond to accessor macros as follows:
.Pp
.Bl -tag -width BIO_FLAGS_SHOULD_RETRY -compact
.It Dv BIO_FLAGS_READ
@ -319,6 +319,15 @@ object, call
and
.Xr BIO_get_close 3
instead.
.Pp
.Fn BIO_get_flags ,
.Fn BIO_set_retry_read ,
.Fn BIO_set_retry_write ,
.Fn BIO_set_retry_special ,
.Fn BIO_clear_retry_flags ,
and
.Fn BIO_get_retry_flags
are implemented as macros.
.Sh RETURN VALUES
.Fn BIO_get_data
returns a pointer to the implementation specific custom data associated

17
lib/libcrypto/man/BIO_get_ex_new_index.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: BIO_get_ex_new_index.3,v 1.14 2023/07/21 04:39:49 tb Exp $
.\" $OpenBSD: BIO_get_ex_new_index.3,v 1.17 2023/11/19 10:26:36 tb Exp $
.\" full merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
.\"
.\" This file was written by Rich Salz <rsalz@akamai.com>.
@ -48,7 +48,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: July 21 2023 $
.Dd $Mdocdate: November 19 2023 $
.Dt BIO_GET_EX_NEW_INDEX 3
.Os
.Sh NAME
@ -57,9 +57,6 @@
.Nm BIO_get_ex_data ,
.Nm BIO_set_app_data ,
.Nm BIO_get_app_data ,
.Nm ENGINE_get_ex_new_index ,
.Nm ENGINE_set_ex_data ,
.Nm ENGINE_get_ex_data ,
.Nm UI_get_ex_new_index ,
.Nm UI_set_ex_data ,
.Nm UI_get_ex_data ,
@ -72,7 +69,6 @@
.Nd application-specific data
.Sh SYNOPSIS
.In openssl/bio.h
.In openssl/engine.h
.In openssl/ui.h
.In openssl/x509.h
.In openssl/ec.h
@ -126,21 +122,21 @@ with the correct index value.
.Fn TYPE_set_ex_data
is a function that calls
.Xr CRYPTO_set_ex_data 3
with an offset into the opaque exdata part of the
with an offset into the opaque ex_data part of the
.Vt TYPE
object.
.Pp
.Fn TYPE_get_ex_data
is a function that calls
.Xr CRYPTO_get_ex_data 3
with an offset into the opaque exdata part of the
with an offset into the opaque ex_data part of the
.Vt TYPE
object.
.Pp
.Fn TYPE_set_app_data
and
.Fn TYPE_get_app_data
are deprecated wrappers that call
are deprecated wrapper macros that call
.Fn TYPE_set_ex_data
and
.Fn TYPE_get_ex_data
@ -187,9 +183,6 @@ and
first appeared in OpenSSL 0.9.5 and have been available since
.Ox 2.7 .
.Pp
.Fn ENGINE_get_ex_new_index ,
.Fn ENGINE_set_ex_data ,
.Fn ENGINE_get_ex_data ,
.Fn UI_get_ex_new_index ,
.Fn UI_set_ex_data ,
and

6
lib/libcrypto/man/BIO_s_fd.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: BIO_s_fd.3,v 1.12 2023/04/29 12:04:54 schwarze Exp $
.\" $OpenBSD: BIO_s_fd.3,v 1.13 2023/11/16 20:19:23 schwarze Exp $
.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
.\"
.\" This file is a derived work.
@ -65,7 +65,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: April 29 2023 $
.Dd $Mdocdate: November 16 2023 $
.Dt BIO_S_FD 3
.Os
.Sh NAME
@ -147,7 +147,6 @@ to
.Fa fd
and the close flag to
.Fa close_flag .
It is currently implemented as a macro.
.Pp
.Fn BIO_get_fd
places the file descriptor in
@ -155,7 +154,6 @@ places the file descriptor in
if it is not
.Dv NULL
and also returns the file descriptor.
It is currently implemented as a macro.
.Pp
.Fn BIO_new_fd
returns a file descriptor BIO using

10
lib/libcrypto/man/BIO_s_file.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: BIO_s_file.3,v 1.16 2023/05/01 07:04:38 jsg Exp $
.\" $OpenBSD: BIO_s_file.3,v 1.17 2023/11/16 20:19:23 schwarze Exp $
.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
.\" selective merge up to: OpenSSL 1212818e Sep 11 13:22:14 2018 +0100
.\"
@ -66,7 +66,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: May 1 2023 $
.Dd $Mdocdate: November 16 2023 $
.Dt BIO_S_FILE 3
.Os
.Sh NAME
@ -196,14 +196,12 @@ sets the file pointer of a file BIO to
.Fa flags
has the same meaning as in
.Fn BIO_new_fp .
.Fn BIO_set_fp
is a macro.
.Pp
.Fn BIO_get_fp
retrieves the file pointer of a file BIO, it is a macro.
retrieves the file pointer of a file BIO.
.Pp
.Xr BIO_seek 3
is a macro that sets the position pointer to
sets the position pointer to
.Fa offset
bytes from the start of file.
.Pp

8
lib/libcrypto/man/BIO_s_mem.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: BIO_s_mem.3,v 1.18 2023/04/29 12:04:54 schwarze Exp $
.\" $OpenBSD: BIO_s_mem.3,v 1.19 2023/11/16 20:19:23 schwarze Exp $
.\" full merge up to: OpenSSL 8711efb4 Mon Apr 20 11:33:12 2009 +0000
.\" selective merge up to: OpenSSL 36359cec Mar 7 14:37:23 2018 +0100
.\"
@ -49,7 +49,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: April 29 2023 $
.Dd $Mdocdate: November 16 2023 $
.Dt BIO_S_MEM 3
.Os
.Sh NAME
@ -158,7 +158,6 @@ sets
.Pf * Fa pp
to a pointer to the start of the memory BIO's data
and returns the total amount of data available.
It is implemented as a macro.
.Pp
.Fn BIO_set_mem_buf
sets the internal BUF_MEM structure to
@ -171,15 +170,12 @@ should be either
.Dv BIO_CLOSE
or
.Dv BIO_NOCLOSE .
.Fn BIO_set_mem_buf
is a macro.
.Pp
.Fn BIO_get_mem_ptr
places the underlying
.Vt BUF_MEM
structure in
.Pf * Fa pp .
It is a macro.
.Pp
.Fn BIO_new_mem_buf
creates a memory BIO using

14
lib/libcrypto/man/CONF_modules_load_file.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: CONF_modules_load_file.3,v 1.11 2023/07/21 10:46:54 tb Exp $
.\" $OpenBSD: CONF_modules_load_file.3,v 1.14 2023/11/19 20:58:07 tb Exp $
.\" full merge up to: e9b77246 Jan 20 19:58:49 2017 +0100
.\" selective merge up to: d090fc00 Feb 26 13:11:10 2019 +0800
.\"
@ -66,7 +66,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: July 21 2023 $
.Dd $Mdocdate: November 19 2023 $
.Dt CONF_MODULES_LOAD_FILE 3
.Os
.Sh NAME
@ -222,7 +222,6 @@ Load custom configuration file and section instead of the standard one,
only print warnings on error, missing configuration file ignored:
.Bd -literal
OPENSSL_no_config();
ENGINE_load_builtin_engines();
OPENSSL_load_builtin_modules();
if (CONF_modules_load_file("/something/app.cnf", "myapp",
CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
@ -234,12 +233,10 @@ if (CONF_modules_load_file("/something/app.cnf", "myapp",
In the previous example, the call to
.Xr OPENSSL_no_config 3
is required first to suppress automatic loading
of the standard configuration file, and the calls to
.Xr ENGINE_load_builtin_engines 3
and
of the standard configuration file, and the call to
.Xr OPENSSL_load_builtin_modules 3
are needed so that the configuration of builtin modules and engines
is also loaded in addition to the configuration of
is needed so that the configuration of builtin modules
is loaded in addition to the configuration of
.Qq myapp .
.Pp
Load and parse configuration file manually, custom error handling:
@ -270,7 +267,6 @@ if (fp == NULL) {
.Ed
.Sh SEE ALSO
.Xr CONF_modules_free 3 ,
.Xr ENGINE_load_builtin_engines 3 ,
.Xr ERR 3 ,
.Xr OPENSSL_config 3 ,
.Xr OPENSSL_load_builtin_modules 3

14
lib/libcrypto/man/DES_set_key.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: DES_set_key.3,v 1.15 2022/03/31 17:27:16 naddy Exp $
.\" $OpenBSD: DES_set_key.3,v 1.16 2023/11/16 20:27:43 schwarze Exp $
.\" full merge up to:
.\" OpenSSL man3/DES_random_key 521738e9 Oct 5 14:58:30 2018 -0400
.\"
@ -115,7 +115,7 @@
.\" copied and put under another distribution licence
.\" [including the GNU Public Licence.]
.\"
.Dd $Mdocdate: March 31 2022 $
.Dd $Mdocdate: November 16 2023 $
.Dt DES_SET_KEY 3
.Os
.Sh NAME
@ -599,10 +599,11 @@ then update ivec and num.
num contains "how far" we are though ivec.
If this does not make much sense, read more about CFB mode of DES.
.Pp
The
.Fn DES_ede3_cfb64_encrypt
and
function and the
.Fn DES_ede2_cfb64_encrypt
is the same as
macro are the same as
.Fn DES_cfb64_encrypt
except that Triple-DES is used.
.Pp
@ -625,10 +626,11 @@ is the same as
.Fn DES_cfb64_encrypt
using Output Feed Back mode.
.Pp
The
.Fn DES_ede3_ofb64_encrypt
and
function and the
.Fn DES_ede2_ofb64_encrypt
is the same as
macro are the same as
.Fn DES_ofb64_encrypt ,
using Triple-DES.
.Pp

40
lib/libcrypto/man/DH_set_method.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: DH_set_method.3,v 1.8 2022/01/15 23:38:50 jsg Exp $
.\" $OpenBSD: DH_set_method.3,v 1.9 2023/11/19 10:34:26 tb Exp $
.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
.\"
.\" This file was written by Ulf Moeller <ulf@openssl.org>.
@ -48,7 +48,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: January 15 2022 $
.Dd $Mdocdate: November 19 2023 $
.Dt DH_SET_METHOD 3
.Os
.Sh NAME
@ -98,16 +98,9 @@ selects
as the default method for all
.Vt DH
structures created later.
If any
.Vt ENGINE
was registered with
.Xr ENGINE_register_DH 3
that can be successfully initialized, it overrides the default.
.Pp
.Fn DH_get_default_method
returns a pointer to the current default method,
even if it is actually overridden by an
.Vt ENGINE .
returns a pointer to the current default method.
.Pp
.Fn DH_set_method
selects
@ -118,17 +111,12 @@ This replaces the
.Vt DH_METHOD
used by the
.Fa dh
key and if the previous method was supplied by an
.Vt ENGINE ,
.Xr ENGINE_finish 3
is called on it.
key.
It is possible to have
.Vt DH
keys that only work with certain
.Vt DH_METHOD
implementations (e.g. from an
.Vt ENGINE
module that supports embedded hardware-protected keys),
implementations,
and in such cases attempting to change the
.Vt DH_METHOD
for the key can have unexpected results.
@ -136,17 +124,10 @@ for the key can have unexpected results.
.Fn DH_new_method
allocates and initializes a
.Vt DH
structure so that
structure.
The
.Fa engine
is used for the DH operations.
If
.Fa engine
is
.Dv NULL ,
.Xr ENGINE_get_default_DH 3
is used.
If that returns
.Dv NULL ,
argument is ignored and
the default method controlled by
.Fn DH_set_default_method
is used.
@ -202,10 +183,7 @@ and sets an error code that can be obtained by
if the allocation fails.
Otherwise it returns a pointer to the newly allocated structure.
.Sh SEE ALSO
.Xr DH_new 3 ,
.Xr ENGINE_get_default_DH 3 ,
.Xr ENGINE_register_DH 3 ,
.Xr ENGINE_set_default_DH 3
.Xr DH_new 3
.Sh HISTORY
.Fn DH_set_default_method ,
.Fn DH_get_default_method ,

40
lib/libcrypto/man/DSA_set_method.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: DSA_set_method.3,v 1.10 2022/01/15 23:38:50 jsg Exp $
.\" $OpenBSD: DSA_set_method.3,v 1.11 2023/11/19 10:34:26 tb Exp $
.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
.\"
.\" This file was written by Ulf Moeller <ulf@openssl.org>.
@ -48,7 +48,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: January 15 2022 $
.Dd $Mdocdate: November 19 2023 $
.Dt DSA_SET_METHOD 3
.Os
.Sh NAME
@ -93,16 +93,9 @@ selects
as the default method for all
.Vt DSA
structures created later.
If any
.Vt ENGINE
was registered with
.Xr ENGINE_register_DSA 3
that can be successfully initialized, it overrides the default.
.Pp
.Fn DSA_get_default_method
returns a pointer to the current default method,
even if it is actually overridden by an
.Vt ENGINE .
returns a pointer to the current default method.
.Pp
.Fn DSA_set_method
selects
@ -111,15 +104,10 @@ to perform all operations using the key
.Fa dsa .
This replaces the
.Vt DSA_METHOD
used by the DSA key and if the previous method was supplied by an
.Vt ENGINE ,
.Xr ENGINE_finish 3
is called on it.
used by the DSA key.
It is possible to have DSA keys that only work with certain
.Vt DSA_METHOD
implementations (e.g. from an
.Vt ENGINE
module that supports embedded hardware-protected keys),
implementations,
and in such cases attempting to change the
.Vt DSA_METHOD
for the key can have unexpected results.
@ -127,17 +115,10 @@ for the key can have unexpected results.
.Fn DSA_new_method
allocates and initializes a
.Vt DSA
structure so that
structure.
The
.Fa engine
is used for the DSA operations.
If
.Fa engine
is
.Dv NULL ,
.Xr ENGINE_get_default_DSA 3
is used.
If that returns
.Dv NULL ,
argument is ignored and
the default method controlled by
.Fn DSA_set_default_method
is used.
@ -206,10 +187,7 @@ if the allocation fails.
Otherwise it returns a pointer to the newly allocated structure.
.Sh SEE ALSO
.Xr DSA_meth_new 3 ,
.Xr DSA_new 3 ,
.Xr ENGINE_get_default_DSA 3 ,
.Xr ENGINE_register_DSA 3 ,
.Xr ENGINE_set_default_DSA 3
.Xr DSA_new 3
.Sh HISTORY
.Fn DSA_set_default_method ,
.Fn DSA_get_default_method ,

243
lib/libcrypto/man/ENGINE_add.3
View file

@ -1,243 +0,0 @@
.\" $OpenBSD: ENGINE_add.3,v 1.3 2018/04/18 03:39:22 schwarze Exp $
.\" content checked up to: OpenSSL 1f13ad31 Dec 25 17:50:39 2017 +0800
.\"
.\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: April 18 2018 $
.Dt ENGINE_ADD 3
.Os
.Sh NAME
.Nm ENGINE_add ,
.Nm ENGINE_set_id ,
.Nm ENGINE_get_id ,
.Nm ENGINE_set_name ,
.Nm ENGINE_get_name ,
.Nm ENGINE_remove ,
.Nm ENGINE_cleanup ,
.Nm ENGINE_get_first ,
.Nm ENGINE_get_last ,
.Nm ENGINE_get_next ,
.Nm ENGINE_get_prev ,
.Nm ENGINE_by_id
.Nd maintain a global list of ENGINE objects
.Sh SYNOPSIS
.In openssl/engine.h
.Ft int
.Fo ENGINE_add
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_set_id
.Fa "ENGINE *e"
.Fa "const char *id"
.Fc
.Ft const char *
.Fo ENGINE_get_id
.Fa "const ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_set_name
.Fa "ENGINE *e"
.Fa "const char *name"
.Fc
.Ft const char *
.Fo ENGINE_get_name
.Fa "const ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_remove
.Fa "ENGINE *e"
.Fc
.Ft void
.Fn ENGINE_cleanup void
.Ft ENGINE *
.Fn ENGINE_get_first void
.Ft ENGINE *
.Fn ENGINE_get_last void
.Ft ENGINE *
.Fo ENGINE_get_next
.Fa "ENGINE *e"
.Fc
.Ft ENGINE *
.Fo ENGINE_get_prev
.Fa "ENGINE *e"
.Fc
.Ft ENGINE *
.Fo ENGINE_by_id
.Fa "const char *id"
.Fc
.Sh DESCRIPTION
The crypto library maintains a global list of
.Vt ENGINE
objects.
.Pp
.Fn ENGINE_add
appends
.Fa e
to the end of the list
and increments its structural reference count by 1.
A unique identifier and a name of
.Fa e
have to be set with
.Fn ENGINE_set_id
and
.Fn ENGINE_set_name
before calling this function.
.Fn ENGINE_add
fails if the list already contains an
.Vt ENGINE
with the same identifier.
.Pp
.Fn ENGINE_remove
removes
.Fa e
from the list.
If successful, it calls
.Xr ENGINE_free 3
on
.Fa e .
.Pp
.Fn ENGINE_cleanup
calls
.Xr ENGINE_finish 3
on all
.Vt ENGINE
objects that were selected as default engines, for example using the
functions documented in the
.Xr ENGINE_set_default 3
and
.Xr ENGINE_get_default_RSA 3
manual pages, and it calls
.Fn ENGINE_remove
on all
.Vt ENGINE
objects that were added to the global list with
.Fn ENGINE_add .
Calling this function is required at the end of each program using
.Fn ENGINE_add ,
even if no engines are explicitly registered or used.
.Pp
.Fn ENGINE_get_first
and
.Fn ENGINE_get_last
provide access to the first and last
.Vt ENGINE
object on the list, respectively.
Unless the list is empty, they increment the structural reference
count of the retrieved object by 1.
.Pp
.Fn ENGINE_get_next
and
.Fn ENGINE_get_prev
support iteration of the list.
They always call
.Xr ENGINE_free 3
on
.Fa e .
Unless the end of the list is reached, they increment the structural
reference count of the retrieved object by 1.
.Pp
.Fn ENGINE_by_id
searches the list for an
.Vt ENGINE
object with a matching
.Fa id .
If found, it increments the structural reference count of the
retrieved object by 1.
If
.Dv ENGINE_FLAGS_BY_ID_COPY
was set on
.Fa e
with
.Xr ENGINE_set_flags 3 ,
it returns a shallow copy of the object rather than incrementing
the reference count and returning a pointer to the original.
.Sh RETURN VALUES
.Fn ENGINE_add ,
.Fn ENGINE_set_id ,
.Fn ENGINE_set_name ,
and
.Fn ENGINE_remove
return 1 on success or 0 on error.
.Fn ENGINE_set_id
and
.Fn ENGINE_set_name
can only fail if the supplied
.Fa id
or
.Fa name
is
.Dv NULL .
.Pp
.Fn ENGINE_get_id
and
.Fn ENGINE_get_name
return a pointer to an internal string
representing the identifier and the name of
.Fa e ,
respectively.
.Pp
.Fn ENGINE_get_first
and
.Fn ENGINE_get_last
return an
.Vt ENGINE
object or
.Dv NULL
if the list is empty.
.Pp
.Fn ENGINE_get_next
and
.Fn ENGINE_get_prev
return an
.Vt ENGINE
object or
.Dv NULL
when the end of the list is reached.
.Pp
.Fn ENGINE_by_id
returns an
.Vt ENGINE
object or
.Dv NULL
if no matching object is found.
.Sh SEE ALSO
.Xr ENGINE_get_default_RSA 3 ,
.Xr ENGINE_init 3 ,
.Xr ENGINE_new 3 ,
.Xr ENGINE_register_all_RSA 3 ,
.Xr ENGINE_register_RSA 3 ,
.Xr ENGINE_set_default 3 ,
.Xr ENGINE_set_flags 3 ,
.Xr ENGINE_unregister_RSA 3
.Sh HISTORY
.Fn ENGINE_add ,
.Fn ENGINE_set_id ,
.Fn ENGINE_get_id ,
.Fn ENGINE_set_name ,
.Fn ENGINE_get_name ,
.Fn ENGINE_remove ,
.Fn ENGINE_get_first ,
.Fn ENGINE_get_last ,
.Fn ENGINE_get_next ,
.Fn ENGINE_get_prev ,
and
.Fn ENGINE_by_id
first appeared in OpenSSL 0.9.7 and have been available since
.Ox 2.9 .
.Pp
.Fn ENGINE_cleanup
first appeared in OpenSSL 0.9.7 and has been available since
.Ox 3.2 .

470
lib/libcrypto/man/ENGINE_ctrl.3
View file

@ -1,470 +0,0 @@
.\" $OpenBSD: ENGINE_ctrl.3,v 1.5 2022/01/15 23:38:50 jsg Exp $
.\" content checked up to:
.\" OpenSSL ENGINE_add 1f13ad31 Dec 25 17:50:39 2017 +0800
.\"
.\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: January 15 2022 $
.Dt ENGINE_CTRL 3
.Os
.Sh NAME
.Nm ENGINE_ctrl ,
.Nm ENGINE_cmd_is_executable ,
.Nm ENGINE_ctrl_cmd ,
.Nm ENGINE_ctrl_cmd_string ,
.Nm ENGINE_set_ctrl_function ,
.Nm ENGINE_get_ctrl_function ,
.Nm ENGINE_set_cmd_defns ,
.Nm ENGINE_get_cmd_defns
.Nd control commands for ENGINE objects
.Sh SYNOPSIS
.In openssl/engine.h
.Ft int
.Fo ENGINE_ctrl
.Fa "ENGINE *e"
.Fa "int cmd"
.Fa "long i"
.Fa "void *p"
.Fa "void (*f)(void)"
.Fc
.Ft int
.Fo ENGINE_cmd_is_executable
.Fa "ENGINE *e"
.Fa "int cmd"
.Fc
.Ft int
.Fo ENGINE_ctrl_cmd
.Fa "ENGINE *e"
.Fa "const char *cmd_name"
.Fa "long i"
.Fa "void *p"
.Fa "void (*f)(void)"
.Fa "int cmd_optional"
.Fc
.Ft int
.Fo ENGINE_ctrl_cmd_string
.Fa "ENGINE *e"
.Fa "const char *cmd_name"
.Fa "const char *arg"
.Fa "int cmd_optional"
.Fc
.Ft typedef int
.Fo (*ENGINE_CTRL_FUNC_PTR)
.Fa "ENGINE *e"
.Fa "int cmd"
.Fa "long i"
.Fa "void *p"
.Fa "void (*f)(void)"
.Fc
.Ft int
.Fo ENGINE_set_ctrl_function
.Fa "ENGINE *e"
.Fa "ENGINE_CTRL_FUNC_PTR ctrl_f"
.Fc
.Ft ENGINE_CTRL_FUNC_PTR
.Fo ENGINE_get_ctrl_function
.Fa "const ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_set_cmd_defns
.Fa "ENGINE *e"
.Fa "const ENGINE_CMD_DEFN *defns"
.Fc
.Ft const ENGINE_CMD_DEFN *
.Fo ENGINE_get_cmd_defns
.Fa "const ENGINE *e"
.Fc
.Sh DESCRIPTION
.Fn ENGINE_ctrl
calls the built-in or user-defined
.Fa cmd
for the engine
.Fa e ,
passing the arguments
.Fa i
and
.Fa p .
.Pp
User-defined commands can be used before
.Xr ENGINE_init 3
to provide data required for initialization
or at any time to modify the behaviour of an engine.
.Pp
Most built-in commands operate on user-defined commands installed with
.Fn ENGINE_set_cmd_defns ,
either using the
.Fa p
argument to indicate the user-defined command with the command name
.Fa cmd_name
or using the
.Fa i
argument to indicate the user-defined command with the command number
.Fa cmd_num .
The
.Fa cmd
arguments to call the built-in commands are as follows:
.Bl -tag -width Ds
.It Dv ENGINE_CTRL_GET_CMD_FLAGS
Return the
.Fa cmd_flags
of the user-defined command with the number
.Fa i ,
or a number less than or equal to 0 if an error occurs or
the command number does not exist.
A return value of 0 indicates failure if
.Fa e
is
.Dv NULL
or has a reference count of 0, or success if
.Fa e
is valid.
.It Dv ENGINE_CTRL_GET_CMD_FROM_NAME
Return the positive command number
of the user-defined command with the name
.Fa p ,
or a number less than or equal to 0 if an error occurs or no
matching name is found.
.It Dv ENGINE_CTRL_GET_DESC_FROM_CMD
Copy the description of the user-defined command with the number
.Fa i
into the buffer
.Fa p
and NUL-terminate it.
It is the responsibility of the caller to make sure that the buffer
.Fa p
is large enough, either by calling
.Dv ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
first or using knowledge about the array passed to
.Fn ENGINE_set_cmd_defns .
The return value is the number of bytes written
.Em including
the terminating NUL byte, or a number less than or equal to 0
if an error occurs.
.It Dv ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
Return the length in bytes
.Em excluding
the terminating NUL byte
of the description of the user-defined command with the number
.Fa i ,
or a number less than or equal to 0 if an error occurs.
A return value of 0 indicates failure if
.Fa e
is
.Dv NULL
or has a reference count of 0, or success if
.Fa e
is valid.
.It Dv ENGINE_CTRL_GET_FIRST_CMD_TYPE
Return the positive command number
of the first user-defined command installed with
.Fn ENGINE_set_cmd_defns
or a number less than or equal to 0 if an error occurs or no
user-defined command has been installed.
.It Dv ENGINE_CTRL_GET_NAME_FROM_CMD
Copy the name of the user-defined command with the number
.Fa i
into the buffer
.Fa p
and NUL-terminate it.
It is the responsibility of the caller to make sure that the buffer
.Fa p
is large enough, either by calling
.Dv ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
first or using knowledge about the array passed to
.Fn ENGINE_set_cmd_defns .
The return value is the number of bytes written
.Em including
the terminating NUL byte, or a number less than or equal to 0
if an error occurs.
.It Dv ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
Return the length in bytes
.Em excluding
the terminating NULL byte
of the name of the user-defined command with the number
.Fa i ,
or a number less than or equal to 0 if an error occurs.
A return value of 0 indicates failure if
.Fa e
is
.Dv NULL
or has a reference count of 0, or success if
.Fa e
is valid.
.It Dv ENGINE_CTRL_GET_NEXT_CMD_TYPE
Return the positive command number of the next user-defined command
after the user-defined command with the number
.Fa i ,
or a number less than or equal to 0 if an error occurs or if
.Fa i
is the last user-defined command.
Together with
.Dv ENGINE_CTRL_GET_FIRST_CMD_TYPE ,
this can be used to iterate the user-defined commands installed with
.Fn ENGINE_set_cmd_defns .
.It Dv ENGINE_CTRL_HAS_CTRL_FUNCTION
Return 1 if
.Fa e
has its own
.Fa ctrl_f
installed with
.Fn ENGINE_set_ctrl_function
or 0 otherwise.
.El
.Pp
.Fn ENGINE_ctrl_cmd
translates the
.Fa cmd_name
of a user-defined command to a
.Fa cmd
number and calls
.Fn ENGINE_ctrl
on it.
If
.Fa cmd_optional
is non-zero, lack of a
.Fa ctrl_f
in
.Fa e
and translation failure with
.Dv ENGINE_CTRL_GET_CMD_FROM_NAME
are considered success, and the command has no effect.
Otherwise, these problems cause
.Fn ENGINE_ctrl_cmd
to fail.
.Pp
Neither
.Fn ENGINE_ctrl
nor
.Fn ENGINE_ctrl_cmd
ever call the
.Fa f
callback, but merely pass it on as an argument to the engine-specific
.Fa ctrl_f
control function.
It is up to
.Fa ctrl_f
how to use it, or alternatively to ignore it as well.
.Pp
.Fn ENGINE_ctrl_cmd_string
translates the
.Fa cmd_name
of a user-defined command to a
.Fa cmd
number.
If that command has the
.Dv ENGINE_CMD_FLAG_NO_INPUT
flag set,
.Fa arg
must be
.Dv NULL
and
.Fn ENGINE_ctrl
is called with
.Fa i
set to 0 and
.Fa p
set to
.Dv NULL .
Otherwise,
.Fa arg
must not be
.Dv NULL .
If the command accepts string input,
.Fa i
is set to 0 and
.Fa arg
is passed as the
.Fa p
argument to
.Fn ENGINE_ctrl .
Otherwise,
.Fa arg
is converted with
.Xr strtol 3
and passed as the
.Fa i
argument to
.Fn ENGINE_ctrl ,
setting
.Fa p
to
.Dv NULL .
.Pp
.Fn ENGINE_set_ctrl_function
installs
.Fa ctrl_f
as the engine-specific control function for
.Fa e .
Future calls to
.Fn ENGINE_ctrl
will call that function, passing on their arguments unchanged, if the
.Fa cmd
is not built-in to the library or if the
.Dv ENGINE_FLAGS_MANUAL_CMD_CTRL
flag is set in
.Fa e .
Let the
.Fa ctrl_f
return positive values on success or negative values on failure.
Avoid return values of 0 because they cause dangerous ambiguity.
In particular,
.Fn ENGINE_ctrl_cmd
and
.Fn ENGINE_ctrl_cmd_string
cannot be used with user-defined commands
that may return 0 on success.
.Pp
.Fn ENGINE_set_cmd_defns
install an array of command definitions in
.Fa e .
.Pp
The structure
.Vt ENGINE_CMD_DEFN
has the following fields:
.Bl -tag -width Ds
.It Fa "unsigned int cmd_num"
A positive, unique, monotonically increasing command number.
Avoid using numbers below
.Dv ENGINE_CMD_BASE .
.It Fa "const char *cmd_name"
The unique name of the command.
.It Fa "const char *cmd_desc"
A short description of the command.
.It Fa "unsigned int cmd_flags"
The bitwise OR of zero or more of the following flags:
.Bl -tag -width Ds
.It Dv ENGINE_CMD_FLAG_NUMERIC
The command uses
.Fa i .
.It Dv ENGINE_CMD_FLAG_STRING
The command uses
.Fa p .
.It Dv ENGINE_CMD_FLAG_NO_INPUT
The command neither uses
.Fa i
nor
.Fa p .
.It Dv ENGINE_CMD_FLAG_INTERNAL
This flag has no effect and is only provided for compatibility.
.El
.El
.Pp
The last element of
.Fa defns
does not specify a command, but must have a
.Fa cmd_num
of 0 and a
.Fa cmd_name
of
.Dv NULL
to indicate the end of the array.
.Sh RETURN VALUES
For
.Fn ENGINE_ctrl ,
positive return values indicate success and negative return values
indicate failure.
The meaning of a zero return value depends on the particular
.Fa cmd
and may indicate both success and failure, which is pathetic.
.Pp
Regardless of the
.Fa cmd ,
.Fn ENGINE_ctrl
returns 0 if
.Fa e
is
.Dv NULL
or has a reference count of 0.
This is quite unfortunate for commands like
.Dv ENGINE_CTRL_GET_CMD_FLAGS
where 0 may indicate success, so make sure
.Fa e
is valid before issuing a control command.
.Pp
For built-in commands except
.Dv ENGINE_CTRL_HAS_CTRL_FUNCTION ,
.Fn ENGINE_ctrl
returns \-1 if
.Dv ENGINE_FLAGS_MANUAL_CMD_CTRL
is set but no
.Fa ctrl_f
has been installed with
.Fn ENGINE_set_ctrl_function .
.Pp
For commands that are not built in,
.Fn ENGINE_ctrl
returns 0 if no
.Fa ctrl_f
has been installed with
.Fn ENGINE_set_ctrl_function .
.Pp
.Fn ENGINE_cmd_is_executable
returns 1 if the user-defined
.Fa cmd
is executable and has at least one of the flags
.Dv ENGINE_CMD_FLAG_NUMERIC ,
.Dv ENGINE_CMD_FLAG_STRING ,
and
.Dv ENGINE_CMD_FLAG_NO_INPUT
set, or 0 otherwise.
.Pp
.Fn ENGINE_ctrl_cmd
and
.Fn ENGINE_ctrl_cmd_string
return 1 on success or 0 on error.
.Pp
.Fn ENGINE_set_ctrl_function
and
.Fn ENGINE_set_cmd_defns
always return 1.
.Pp
.Fn ENGINE_get_ctrl_function
returns a pointer to the function
.Fa ctrl_f
installed with
.Fn ENGINE_set_ctrl_function ,
or
.Dv NULL
if none has been installed.
.Pp
.Fn ENGINE_get_cmd_defns
returns the array of command definitions installed in
.Fa e
or
.Dv NULL
if none is installed.
.Sh SEE ALSO
.Xr ENGINE_add 3 ,
.Xr ENGINE_init 3 ,
.Xr ENGINE_new 3 ,
.Xr ENGINE_register_RSA 3 ,
.Xr ENGINE_set_flags 3 ,
.Xr ENGINE_set_RSA 3
.Sh HISTORY
.Fn ENGINE_ctrl ,
.Fn ENGINE_set_ctrl_function ,
and
.Fn ENGINE_get_ctrl_function
first appeared in OpenSSL 0.9.7 and have been available since
.Ox 2.9 .
.Pp
.Fn ENGINE_cmd_is_executable ,
.Fn ENGINE_ctrl_cmd ,
.Fn ENGINE_ctrl_cmd_string ,
.Fn ENGINE_set_cmd_defns ,
and
.Fn ENGINE_get_cmd_defns
first appeared in OpenSSL 0.9.7 and have been available since
.Ox 3.2 .

151
lib/libcrypto/man/ENGINE_get_default_RSA.3
View file

@ -1,151 +0,0 @@
.\" $OpenBSD: ENGINE_get_default_RSA.3,v 1.4 2023/07/21 04:35:36 tb Exp $
.\" content checked up to:
.\" OpenSSL ENGINE_add 1f13ad31 Dec 25 17:50:39 2017 +0800
.\"
.\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: July 21 2023 $
.Dt ENGINE_GET_DEFAULT_RSA 3
.Os
.Sh NAME
.Nm ENGINE_get_default_RSA ,
.Nm ENGINE_get_default_DSA ,
.Nm ENGINE_get_default_EC ,
.Nm ENGINE_get_default_DH ,
.Nm ENGINE_get_default_RAND ,
.Nm ENGINE_get_cipher_engine ,
.Nm ENGINE_get_digest_engine ,
.Nm ENGINE_set_table_flags ,
.Nm ENGINE_get_table_flags
.Nd retrieve the default ENGINE for an algorithm
.Sh SYNOPSIS
.In openssl/engine.h
.Ft ENGINE *
.Fn ENGINE_get_default_RSA void
.Ft ENGINE *
.Fn ENGINE_get_default_DSA void
.Ft ENGINE *
.Fn ENGINE_get_default_EC void
.Ft ENGINE *
.Fn ENGINE_get_default_DH void
.Ft ENGINE *
.Fn ENGINE_get_default_RAND void
.Ft ENGINE *
.Fo ENGINE_get_cipher_engine
.Fa "int nid"
.Fc
.Ft ENGINE *
.Fo ENGINE_get_digest_engine
.Fa "int nid"
.Fc
.Ft void
.Fo ENGINE_set_table_flags
.Fa "unsigned int flags"
.Fc
.Ft unsigned int
.Fn ENGINE_get_table_flags void
.Sh DESCRIPTION
These functions retrieve the current default
.Vt ENGINE
implementing the respective algorithm.
.Pp
If a default engine was previously selected,
.Xr ENGINE_init 3
is called on it again and it is used.
Otherwise, these functions inspect the engines registered
with the functions documented in
.Xr ENGINE_register_RSA 3
in the order of the table for the respective algorithm.
If an inspected engine is already successfully initialized,
.Xr ENGINE_init 3
is called on it again and it is used as the new default.
Otherwise, unless the global flag
.Dv ENGINE_TABLE_FLAG_NOINIT
is set,
.Xr ENGINE_init 3
is tried on it.
If it succeeds, that engine is used as the new default.
If it fails or if
.Dv ENGINE_TABLE_FLAG_NOINIT
is set, inspection continues with the next engine.
.Pp
The global flag can be set by calling
.Fn ENGINE_set_table_flags
with an argument of
.Dv ENGINE_TABLE_FLAG_NOINIT
or cleared by calling it with an argument of 0.
By default, the flag is not set.
.Pp
While all the other functions operate on exactly one algorithm,
.Fn ENGINE_get_cipher_engine
and
.Fn ENGINE_get_digest_engine
are special in so far as they can handle multiple algorithms,
identified by the given
.Fa nid .
The default engine is remembered separately for each algorithm.
.Pp
Application programs rarely need to call these functions because
they are called automatically when needed, in particular from
.Xr RSA_new 3 ,
.Xr DSA_new 3 ,
.Xr EC_KEY_new 3 ,
.Xr DH_new 3 ,
.Xr EVP_CipherInit_ex 3 ,
and
.Xr EVP_DigestInit_ex 3 .
.Sh RETURN VALUES
These functions return a functional reference to an
.Vt ENGINE
object or
.Dv NULL
on failure, in particular when no engine implementing the algorithm
is available, when
.Xr ENGINE_init 3
fails for all implementations,
or when insufficient memory is available.
Even when these functions fail, the application may still be able
to use the algorithm in question because the built-in implementation
is used in that case, if one is available.
.Pp
.Fn ENGINE_get_table_flags
returns
.Dv ENGINE_TABLE_FLAG_NOINIT
if the global flag is set or 0 otherwise.
.Sh SEE ALSO
.Xr ENGINE_init 3 ,
.Xr ENGINE_new 3 ,
.Xr ENGINE_register_RSA 3 ,
.Xr ENGINE_set_default 3
.Sh HISTORY
.Fn ENGINE_get_default_RSA ,
.Fn ENGINE_get_default_DSA ,
.Fn ENGINE_get_default_DH ,
and
.Fn ENGINE_get_default_RAND
first appeared in OpenSSL 0.9.7 and have been available since
.Ox 2.9 .
.Pp
.Fn ENGINE_get_cipher_engine ,
.Fn ENGINE_get_digest_engine ,
.Fn ENGINE_set_table_flags ,
and
.Fn ENGINE_get_table_flags
first appeared in OpenSSL 0.9.7 and have been available since
.Ox 3.2 .
.Pp
.Fn ENGINE_get_default_EC
first appeared in OpenSSL 1.1.0 and has been available since
.Ox 6.5 .

134
lib/libcrypto/man/ENGINE_init.3
View file

@ -1,134 +0,0 @@
.\" $OpenBSD: ENGINE_init.3,v 1.2 2018/04/18 03:39:22 schwarze Exp $
.\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: April 18 2018 $
.Dt ENGINE_INIT 3
.Os
.Sh NAME
.Nm ENGINE_init ,
.Nm ENGINE_finish ,
.Nm ENGINE_set_init_function ,
.Nm ENGINE_set_finish_function ,
.Nm ENGINE_get_init_function ,
.Nm ENGINE_get_finish_function
.Nd initialize ENGINE objects
.Sh SYNOPSIS
.In openssl/engine.h
.Ft int
.Fo ENGINE_init
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_finish
.Fa "ENGINE *e"
.Fc
.Ft typedef int
.Fo (*ENGINE_GEN_INT_FUNC_PTR)
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_set_init_function
.Fa "ENGINE *e"
.Fa "ENGINE_GEN_INT_FUNC_PTR init_f"
.Fc
.Ft int
.Fo ENGINE_set_finish_function
.Fa "ENGINE *e"
.Fa "ENGINE_GEN_INT_FUNC_PTR finish_f"
.Fc
.Ft ENGINE_GEN_INT_FUNC_PTR
.Fo ENGINE_get_init_function
.Fa "const ENGINE *e"
.Fc
.Ft ENGINE_GEN_INT_FUNC_PTR
.Fo ENGINE_get_finish_function
.Fa "const ENGINE *e"
.Fc
.Sh DESCRIPTION
.Fn ENGINE_init
initializes
.Fa e
by calling the
.Fa init_f
previously installed with
.Fn ENGINE_set_init_function ,
if any.
In case of success, it also increments both the structural
and the functional reference count by 1.
If no
.Fa init_f
was installed,
.Fn ENGINE_init
always succeeds.
Calling
.Fn ENGINE_init
again after it already succeeded always succeeds, but has no effect
except that it increments both the structural and the functional
reference count by 1.
.Pp
.Fn ENGINE_finish
decrements the functional reference count by 1.
When it reaches 0, it calls the
.Fa finish_f
previously installed with
.Fn ENGINE_set_finish_function ,
if any.
If no
.Fa finish_f
was installed,
.Fn ENGINE_finish
always succeeds.
Unless
.Fa finish_f
fails,
.Fn ENGINE_finish
also calls
.Xr ENGINE_free 3 .
.Pp
.Fn ENGINE_init
is internally called by the functions documented in the
.Xr ENGINE_get_default_RSA 3
manual page.
.Sh RETURN VALUES
.Fn ENGINE_init
and
.Fn ENGINE_finish
return 1 on success or 0 on error.
.Pp
.Fn ENGINE_set_init_function
and
.Fn ENGINE_set_finish_function
always return 1.
.Pp
.Fn ENGINE_get_init_function
and
.Fn ENGINE_get_finish_function
return a function pointer to the respective callback, or
.Dv NULL
if none is installed.
.Sh SEE ALSO
.Xr ENGINE_add 3 ,
.Xr ENGINE_ctrl 3 ,
.Xr ENGINE_get_default_RSA 3 ,
.Xr ENGINE_new 3 ,
.Xr ENGINE_register_RSA 3 ,
.Xr ENGINE_set_default 3 ,
.Xr ENGINE_set_flags 3 ,
.Xr ENGINE_set_RSA 3 ,
.Xr ENGINE_unregister_RSA 3
.Sh HISTORY
These functions first appeared in OpenSSL 0.9.7
and have been available since
.Ox 2.9 .

276
lib/libcrypto/man/ENGINE_new.3
View file

@ -1,7 +1,6 @@
.\" $OpenBSD: ENGINE_new.3,v 1.5 2021/03/12 05:18:00 jsg Exp $
.\" content checked up to:
.\" OpenSSL ENGINE_add 1f13ad31 Dec 25 17:50:39 2017 +0800
.\" $OpenBSD: ENGINE_new.3,v 1.10 2023/11/19 21:13:47 tb Exp $
.\"
.\" Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
.\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
@ -16,175 +15,160 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: March 12 2021 $
.Dd $Mdocdate: November 19 2023 $
.Dt ENGINE_NEW 3
.Os
.Sh NAME
.Nm ENGINE_new ,
.Nm ENGINE_up_ref ,
.Nm ENGINE_free ,
.Nm ENGINE_set_destroy_function ,
.Nm ENGINE_get_destroy_function
.Nd create and destroy ENGINE objects
.Nm ENGINE_init ,
.Nm ENGINE_finish ,
.Nm ENGINE_ctrl_cmd ,
.Nm ENGINE_ctrl_cmd_string ,
.Nm ENGINE_by_id ,
.Nm ENGINE_get_id ,
.Nm ENGINE_get_name ,
.Nm ENGINE_set_default ,
.Nm ENGINE_get_default_RSA ,
.Nm ENGINE_set_default_RSA ,
.Nm ENGINE_load_private_key ,
.Nm ENGINE_load_public_key ,
.Nm ENGINE_load_builtin_engines ,
.Nm ENGINE_load_dynamic ,
.Nm ENGINE_load_openssl ,
.Nm ENGINE_register_all_complete ,
.Nm ENGINE_cleanup
.Nd ENGINE stub functions
.Sh SYNOPSIS
.In openssl/engine.h
.Ft ENGINE *
.Fn ENGINE_new void
.Ft int
.Fo ENGINE_up_ref
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_free
.Fa "ENGINE *e"
.Fc
.Ft typedef int
.Fo (*ENGINE_GEN_INT_FUNC_PTR)
.Fa "ENGINE *e"
.Fa "ENGINE *engine"
.Fc
.Ft int
.Fo ENGINE_set_destroy_function
.Fa "ENGINE *e"
.Fa "ENGINE_GEN_INT_FUNC_PTR destroy_f"
.Fn ENGINE_init "ENGINE *engine"
.Ft int
.Fn ENGINE_finish "ENGINE *engine"
.Ft int
.Fo ENGINE_ctrl_cmd
.Fa "ENGINE *engine"
.Fa "const char *cmd_name"
.Fa "long i"
.Fa "void *p"
.Fa "void (*f)(void)"
.Fa "int cmd_optional"
.Fc
.Ft ENGINE_GEN_INT_FUNC_PTR
.Fo ENGINE_get_destroy_function
.Fa "const ENGINE *e"
.Ft int
.Fo ENGINE_ctrl_cmd_string
.Fa "ENGINE *engine"
.Fa "const char *cmd_name"
.Fa "const char *arg"
.Fa "int cmd_optional"
.Fc
.Ft ENGINE *
.Fn ENGINE_by_id "const char *id"
.Ft const char *
.Fn ENGINE_get_id "const ENGINE *engine"
.Ft const char *
.Fn ENGINE_get_name "const ENGINE *engine"
.Ft int
.Fn ENGINE_set_default "ENGINE *engine" "unsigned int flags"
.Ft ENGINE *
.Fn ENGINE_get_default_RSA "ENGINE *engine"
.Ft int
.Fn ENGINE_set_default_RSA "ENGINE *engine"
.Ft EVP_PKEY *
.Fo ENGINE_load_private_key
.Fa "ENGINE *engine"
.Fa "const char *key_id"
.Fa "UI_METHOD *ui_method"
.Fa "void *callback_data"
.Fc
.Ft EVP_PKEY *
.Fo ENGINE_load_public_key
.Fa "ENGINE *engine"
.Fa "const char *key_id"
.Fa "UI_METHOD *ui_method"
.Fa "void *callback_data"
.Fc
.Ft void
.Fn ENGINE_load_builtin_engines "void"
.Ft void
.Fn ENGINE_load_dynamic "void"
.Ft void
.Fn ENGINE_load_openssl "void"
.Ft int
.Fn ENGINE_register_all_complete "void"
.Ft void
.Fn ENGINE_cleanup "void"
.Sh DESCRIPTION
.Vt ENGINE
objects can be used to provide alternative implementations of
cryptographic algorithms, to support additional algorithms, to
support cryptographic hardware, and to switch among alternative
implementations of algorithms at run time.
LibreSSL generally avoids engines and prefers providing
cryptographic functionality in the crypto library itself.
objects used to provide alternative implementations of
cryptographic algorithms, for example using specialized hardware.
LibreSSL no longer supports this feature.
.Pp
.Fn ENGINE_new
allocates and initializes an empty
All functions in this manual ignore all their arguments and
do nothing except return failure if possible.
They are provided only to avoid patching software that expects
.Vt ENGINE
object and sets its structural reference count to 1
and its functional reference count to 0.
For more information about the functional reference count, see the
.Xr ENGINE_init 3
manual page.
.Pp
Many functions increment the structural reference count by 1
when successful.
Some of them, including
.Xr ENGINE_get_first 3 ,
.Xr ENGINE_get_last 3 ,
.Xr ENGINE_get_next 3 ,
.Xr ENGINE_get_prev 3 ,
and
.Xr ENGINE_by_id 3 ,
do so because they return a structural reference to the user.
Other functions, including
.Xr ENGINE_add 3 ,
.Xr ENGINE_init 3 ,
.Xr ENGINE_get_cipher_engine 3 ,
.Xr ENGINE_get_digest_engine 3 ,
and the
.Xr ENGINE_get_default_RSA 3
and
.Xr ENGINE_set_default 3
families of functions
do so when they store a structural reference internally.
.Pp
.Fn ENGINE_up_ref
explicitly increment the structural reference count by 1.
.Pp
.Fn ENGINE_free
decrements the structural reference count by 1,
and if it reaches 0, the optional
.Fa destroy_f
previously installed with
.Fn ENGINE_set_destroy_function
is called, if one is installed, and both the memory used internally by
.Fa e
and
.Fa e
itself are freed.
If
.Fa e
is a
.Dv NULL
pointer, no action occurs.
.Pp
Many functions internally call the equivalent of
.Fn ENGINE_free .
Some of them, including
.Xr ENGINE_get_next 3
and
.Xr ENGINE_get_prev 3 ,
thus invalidate the structural reference passed in by the user.
Other functions, including
.Xr ENGINE_finish 3 ,
.Xr ENGINE_remove 3 ,
and the
.Xr ENGINE_set_default 3
family of functions
do so when an internally stored structural reference is no longer needed.
.Pp
.Fn ENGINE_set_destroy_function
installs a callback function that will be called by
.Fn ENGINE_free ,
but only when
.Fa e
actually gets destroyed,
not when only its reference count gets decremented.
The value returned from the
.Fa destroy_f
will be ignored.
support to be available.
.Sh RETURN VALUES
.Fn ENGINE_new
returns a structural reference to the new
.Vt ENGINE
object or
.Dv NULL
if an error occurs.
.Pp
.Fn ENGINE_up_ref
returns 0 if
.Fa e
is
.Dv NULL
and 1 otherwise.
.Pp
.Fn ENGINE_free
.Fn ENGINE_new ,
.Fn ENGINE_by_id ,
.Fn ENGINE_get_default_RSA ,
.Fn ENGINE_load_private_key ,
and
.Fn ENGINE_set_destroy_function
always return 1.
.Fn ENGINE_load_public_key
always return
.Dv NULL .
.Pp
.Fn ENGINE_get_destroy_function
returns a function pointer to the callback, or
.Dv NULL
if none is installed.
.Fn ENGINE_free ,
.Fn ENGINE_init ,
.Fn ENGINE_finish ,
.Fn ENGINE_ctrl_cmd ,
.Fn ENGINE_ctrl_cmd_string ,
.Fn ENGINE_set_default ,
.Fn ENGINE_set_default_RSA ,
and
.Fn ENGINE_register_all_complete
always return 0.
.Pp
.Fn ENGINE_get_id
and
.Fn ENGINE_get_name
always return the constant empty string.
.Sh SEE ALSO
.Xr crypto 3 ,
.Xr ENGINE_add 3 ,
.Xr ENGINE_ctrl 3 ,
.Xr ENGINE_get_default_RSA 3 ,
.Xr ENGINE_init 3 ,
.Xr ENGINE_register_all_RSA 3 ,
.Xr ENGINE_register_RSA 3 ,
.Xr ENGINE_set_default 3 ,
.Xr ENGINE_set_flags 3 ,
.Xr ENGINE_set_RSA 3 ,
.Xr ENGINE_unregister_RSA 3
.Xr crypto 3
.Sh HISTORY
.Fn ENGINE_new
.Fn ENGINE_new ,
.Fn ENGINE_free ,
.Fn ENGINE_init ,
.Fn ENGINE_finish ,
.Fn ENGINE_by_id ,
.Fn ENGINE_get_id ,
.Fn ENGINE_get_name ,
.Fn ENGINE_set_default ,
.Fn ENGINE_get_default_RSA ,
.Fn ENGINE_set_default_RSA ,
.Fn ENGINE_load_private_key ,
and
.Fn ENGINE_free
first appeared in OpenSSL 0.9.7 and have been available since
.Fn ENGINE_load_public_key
first appeared in OpenSSL 0.9.7
and have been available since
.Ox 2.9 .
.Pp
.Fn ENGINE_set_destroy_function
.Fn ENGINE_ctrl_cmd ,
.Fn ENGINE_ctrl_cmd_string ,
.Fn ENGINE_load_builtin_engines ,
.Fn ENGINE_load_openssl ,
.Fn ENGINE_register_all_complete ,
and
.Fn ENGINE_get_destroy_function
first appeared in OpenSSL 0.9.7 and have been available since
.Ox 3.2 .
.Pp
.Fn ENGINE_up_ref
first appeared in OpenSSL 0.9.7 and has been available since
.Fn ENGINE_cleanup
first appeared in OpenSSL 0.9.7
and have been available since
.Ox 3.4 .
.Pp
All these functions were turned into stubs in
.Ox 7.4 .

142
lib/libcrypto/man/ENGINE_register_RSA.3
View file

@ -1,142 +0,0 @@
.\" $OpenBSD: ENGINE_register_RSA.3,v 1.2 2018/04/18 03:39:22 schwarze Exp $
.\" content checked up to:
.\" OpenSSL ENGINE_add 1f13ad31 Dec 25 17:50:39 2017 +0800
.\"
.\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: April 18 2018 $
.Dt ENGINE_REGISTER_RSA 3
.Os
.Sh NAME
.Nm ENGINE_register_RSA ,
.Nm ENGINE_register_DSA ,
.Nm ENGINE_register_ECDH ,
.Nm ENGINE_register_ECDSA ,
.Nm ENGINE_register_DH ,
.Nm ENGINE_register_RAND ,
.Nm ENGINE_register_STORE ,
.Nm ENGINE_register_ciphers ,
.Nm ENGINE_register_digests ,
.Nm ENGINE_register_complete
.Nd register an ENGINE as implementing an algorithm
.Sh SYNOPSIS
.In openssl/engine.h
.Ft int
.Fo ENGINE_register_RSA
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_register_DSA
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_register_ECDH
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_register_ECDSA
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_register_DH
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_register_RAND
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_register_STORE
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_register_ciphers
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_register_digests
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_register_complete
.Fa "ENGINE *e"
.Fc
.Sh DESCRIPTION
In addition to the global table described in
.Xr ENGINE_add 3 ,
the crypto library maintains several tables containing references to
.Vt ENGINE
objects implementing one specific cryptographic algorithm.
.Pp
The functions listed in the present manual page append
.Fa e
to the end of the table for the respective algorithm.
.Pp
If
.Fa e
does not contain a method for the requested algorithm,
these functions succeed without having any effect.
.Pp
If
.Fa e
is already registered for the given algorithm,
they move it to the end of the respective table.
.Pp
.Fn ENGINE_register_ciphers
and
.Fn ENGINE_register_digests
are special in so far as an engine may implement
more than one cipher or more than one digest.
In that case,
.Fa e
is registered for all the ciphers or digests it implements.
.Pp
.Fn ENGINE_register_complete
registers
.Fa e
for all algorithms it implements by calling all the other functions.
.Sh RETURN VALUES
These functions return 1 on success or 0 on error.
They only fail if insufficient memory is available.
.Sh SEE ALSO
.Xr ENGINE_add 3 ,
.Xr ENGINE_get_default_RSA 3 ,
.Xr ENGINE_init 3 ,
.Xr ENGINE_new 3 ,
.Xr ENGINE_register_all_RSA 3 ,
.Xr ENGINE_set_default 3 ,
.Xr ENGINE_set_RSA 3 ,
.Xr ENGINE_unregister_RSA 3
.Sh HISTORY
.Fn ENGINE_register_RSA ,
.Fn ENGINE_register_DSA ,
.Fn ENGINE_register_DH ,
.Fn ENGINE_register_RAND ,
.Fn ENGINE_register_ciphers ,
.Fn ENGINE_register_digests ,
and
.Fn ENGINE_register_complete
first appeared in OpenSSL 0.9.7 and have been available since
.Ox 3.2 .
.Pp
.Fn ENGINE_register_ECDH ,
.Fn ENGINE_register_ECDSA ,
and
.Fn ENGINE_register_STORE
first appeared in OpenSSL 0.9.8 and have been available since
.Ox 4.5 .
.Sh BUGS
.Fn ENGINE_register_complete
ignores all errors, even memory allocation failure, and always returns 1.

123
lib/libcrypto/man/ENGINE_register_all_RSA.3
View file

@ -1,123 +0,0 @@
.\" $OpenBSD: ENGINE_register_all_RSA.3,v 1.3 2018/04/18 03:39:22 schwarze Exp $
.\" content checked up to:
.\" OpenSSL ENGINE_add 1f13ad31 Dec 25 17:50:39 2017 +0800
.\"
.\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: April 18 2018 $
.Dt ENGINE_REGISTER_ALL_RSA 3
.Os
.Sh NAME
.Nm ENGINE_register_all_RSA ,
.Nm ENGINE_register_all_DSA ,
.Nm ENGINE_register_all_ECDH ,
.Nm ENGINE_register_all_ECDSA ,
.Nm ENGINE_register_all_DH ,
.Nm ENGINE_register_all_RAND ,
.Nm ENGINE_register_all_STORE ,
.Nm ENGINE_register_all_ciphers ,
.Nm ENGINE_register_all_digests ,
.Nm ENGINE_register_all_complete ,
.Nm ENGINE_load_builtin_engines ,
.Nm ENGINE_load_dynamic
.Nd register all engines as implementing an algorithm
.Sh SYNOPSIS
.In openssl/engine.h
.Ft void
.Fn ENGINE_register_all_RSA void
.Ft void
.Fn ENGINE_register_all_DSA void
.Ft void
.Fn ENGINE_register_all_ECDH void
.Ft void
.Fn ENGINE_register_all_ECDSA void
.Ft void
.Fn ENGINE_register_all_DH void
.Ft void
.Fn ENGINE_register_all_RAND void
.Ft void
.Fn ENGINE_register_all_STORE void
.Ft void
.Fn ENGINE_register_all_ciphers void
.Ft void
.Fn ENGINE_register_all_digests void
.Ft int
.Fn ENGINE_register_all_complete void
.Ft void
.Fn ENGINE_load_builtin_engines void
.Ft void
.Fn ENGINE_load_dynamic void
.Sh DESCRIPTION
These functions loop over all the
.Vt ENGINE
objects contained in the global table described in the
.Xr ENGINE_add 3
manual page.
They register each object for the respective algorithm
by calling the corresponding function described in
.Xr ENGINE_register_RSA 3 .
.Pp
.Fn ENGINE_register_all_complete
calls
.Fn ENGINE_register_complete
in this way, except that it skips those
.Vt ENGINE
objects that have the
.Dv ENGINE_FLAGS_NO_REGISTER_ALL
flag set with
.Xr ENGINE_set_flags 3 .
.Pp
.Fn ENGINE_load_builtin_engines
calls
.Xr OPENSSL_init_crypto 3
with no options, loads any built-in engines
that are enabled by default, and calls
.Fn ENGINE_register_all_complete .
Currently, LibreSSL does not provide any engines.
.Sy GOST
and
.Sy aesni
support is provided by the crypto library itself
and does not require any engines, not even built-in ones.
.Pp
.Fn ENGINE_load_dynamic
has no effect and is only provided for compatibility.
.Sh SEE ALSO
.Xr ENGINE_add 3 ,
.Xr ENGINE_new 3 ,
.Xr ENGINE_register_RSA 3 ,
.Xr ENGINE_set_flags 3 ,
.Xr OPENSSL_config 3 ,
.Xr OPENSSL_init_crypto 3
.Sh HISTORY
.Fn ENGINE_register_all_RSA ,
.Fn ENGINE_register_all_DSA ,
.Fn ENGINE_register_all_DH ,
.Fn ENGINE_register_all_RAND ,
.Fn ENGINE_register_all_ciphers ,
.Fn ENGINE_register_all_digests ,
.Fn ENGINE_register_all_complete ,
.Fn ENGINE_load_builtin_engines ,
and
.Fn ENGINE_load_dynamic
first appeared in OpenSSL 0.9.7 and have been available since
.Ox 3.2 .
.Pp
.Fn ENGINE_register_all_ECDH ,
.Fn ENGINE_register_all_ECDSA ,
and
.Fn ENGINE_register_all_STORE
first appeared in OpenSSL 0.9.8 and have been available since
.Ox 4.5 .

317
lib/libcrypto/man/ENGINE_set_RSA.3
View file

@ -1,317 +0,0 @@
.\" $OpenBSD: ENGINE_set_RSA.3,v 1.7 2023/07/21 04:29:27 tb Exp $
.\" content checked up to:
.\" OpenSSL ENGINE_add 1f13ad31 Dec 25 17:50:39 2017 +0800
.\"
.\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: July 21 2023 $
.Dt ENGINE_SET_RSA 3
.Os
.Sh NAME
.Nm ENGINE_set_RSA ,
.Nm ENGINE_get_RSA ,
.Nm ENGINE_set_DSA ,
.Nm ENGINE_get_DSA ,
.Nm ENGINE_set_EC ,
.Nm ENGINE_get_EC ,
.Nm ENGINE_set_DH ,
.Nm ENGINE_get_DH ,
.Nm ENGINE_set_RAND ,
.Nm ENGINE_get_RAND ,
.Nm ENGINE_set_STORE ,
.Nm ENGINE_get_STORE ,
.Nm ENGINE_set_ciphers ,
.Nm ENGINE_get_ciphers ,
.Nm ENGINE_get_cipher ,
.Nm ENGINE_set_digests ,
.Nm ENGINE_get_digests ,
.Nm ENGINE_get_digest
.Nd install and retrieve function tables of crypto engines
.Sh SYNOPSIS
.In openssl/engine.h
.Ft int
.Fo ENGINE_set_RSA
.Fa "ENGINE *e"
.Fa "const RSA_METHOD *rsa_meth"
.Fc
.Ft const RSA_METHOD *
.Fo ENGINE_get_RSA
.Fa "const ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_set_DSA
.Fa "ENGINE *e"
.Fa "const DSA_METHOD *dsa_meth"
.Fc
.Ft const DSA_METHOD *
.Fo ENGINE_get_DSA
.Fa "const ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_set_EC
.Fa "ENGINE *e"
.Fa "const EC_KEY_METHOD *ec_meth"
.Fc
.Ft const EC_KEY_METHOD *
.Fo ENGINE_get_EC
.Fa "const ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_set_DH
.Fa "ENGINE *e"
.Fa "const DH_METHOD *dh_meth"
.Fc
.Ft const DH_METHOD *
.Fo ENGINE_get_DH
.Fa "const ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_set_RAND
.Fa "ENGINE *e"
.Fa "const RAND_METHOD *rand_meth"
.Fc
.Ft const RAND_METHOD *
.Fo ENGINE_get_RAND
.Fa "const ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_set_STORE
.Fa "ENGINE *e"
.Fa "const STORE_METHOD *rand_meth"
.Fc
.Ft const STORE_METHOD *
.Fo ENGINE_get_STORE
.Fa "const ENGINE *e"
.Fc
.Ft typedef int
.Fo (*ENGINE_CIPHERS_PTR)
.Fa "ENGINE *e"
.Fa "const EVP_CIPHER **impl"
.Fa "const int **nids"
.Fa "int nid"
.Fc
.Ft int
.Fo ENGINE_set_ciphers
.Fa "ENGINE *e"
.Fa "ENGINE_CIPHERS_PTR f"
.Fc
.Ft ENGINE_CIPHERS_PTR
.Fo ENGINE_get_ciphers
.Fa "const ENGINE *e"
.Fc
.Ft const EVP_CIPHER *
.Fo ENGINE_get_cipher
.Fa "ENGINE *e"
.Fa "int nid"
.Fc
.Ft typedef int
.Fo (*ENGINE_DIGESTS_PTR)
.Fa "ENGINE *e"
.Fa "const EVP_MD **impl"
.Fa "const int **nids"
.Fa "int nid"
.Fc
.Ft int
.Fo ENGINE_set_digests
.Fa "ENGINE *e"
.Fa "ENGINE_DIGESTS_PTR f"
.Fc
.Ft ENGINE_DIGESTS_PTR
.Fo ENGINE_get_digests
.Fa "const ENGINE *e"
.Fc
.Ft const EVP_MD *
.Fo ENGINE_get_digest
.Fa "ENGINE *e"
.Fa "int nid"
.Fc
.Sh DESCRIPTION
The
.Fn ENGINE_set_*
functions install a table of function pointers
implementing the respective algorithm in
.Fa e .
Partial information about the various method objects is available from
.Xr RSA_meth_new 3 ,
.Xr RSA_get_default_method 3 ,
.Xr DSA_meth_new 3 ,
.Xr DSA_get_default_method 3 ,
.Xr EC_KEY_get_default_method 3 ,
.Xr DH_get_default_method 3 ,
.Xr RAND_get_rand_method 3 ,
.Xr EVP_get_cipherbynid 3 ,
and
.Xr EVP_get_digestbynid 3 .
.Vt STORE_METHOD
is an incomplete type, and the pointers to it are not used for anything.
For complete descriptions of these types,
refer to the respective header files.
.Pp
The functions described in the
.Xr ENGINE_register_RSA 3
and
.Xr ENGINE_set_default 3
manual pages only have an effect after function pointers
were installed using the functions described here.
.Pp
.Fn ENGINE_set_ciphers
and
.Fn ENGINE_set_digests
are special in so far as the
.Vt ENGINE
structure does not provide fields to store function pointers
implementing ciphers or digests.
Instead, these two functions only install a callback to
retrieve implementations.
Where the pointers to the implementations are stored internally,
how they get initialized, and how the
.Vt ENGINE_CIPHERS_PTR
and
.Vt ENGINE_DIGESTS_PTR
callbacks retrieve them
is up to the implementation of each individual engine.
.Pp
If the
.Vt ENGINE_CIPHERS_PTR
and
.Vt ENGINE_DIGESTS_PTR
callbacks are called with a non-zero
.Fa nid ,
they retrieve the implementation of that cipher or digest,
respectively.
In this case, a
.Dv NULL
pointer can be passed as the
.Fa nids
argument.
.Fn ENGINE_get_cipher
and
.Fn ENGINE_get_digest
call the callbacks installed in
.Fa e
in this way.
.Pp
If 0 is passed as the
.Fa nid
argument, an internal pointer
to the array of implementations available in
.Fa e
is returned in
.Pf * Fa impl ,
and an internal pointer
to the array of corresponding identifiers in
.Pf * Fa nids .
The return value of the callback indicates
the number of implementations returned.
.Pp
The
.Fn ENGINE_get_*
functions retrieve the previously installed function tables.
They are used when constructing basic cryptographic objects
as shown in the following table:
.Bl -column "ENGINE_get_digestMM"
.It Accessor: Ta Called by:
.It Fn ENGINE_get_RSA Ta Xr RSA_new_method 3 , Xr RSA_new 3
.It Fn ENGINE_get_DSA Ta Xr DSA_new_method 3 , Xr DSA_new 3
.It Fn ENGINE_get_EC Ta Xr EC_KEY_new_method 3 , Xr EC_KEY_new 3 ,
.Xr EC_KEY_new_by_curve_name 3
.It Fn ENGINE_get_DH Ta Xr DH_new_method 3 , Xr DH_new 3
.It Fn ENGINE_get_RAND Ta unused
.It Fn ENGINE_get_STORE Ta unused
.It Fn ENGINE_get_cipher Ta Xr EVP_CipherInit_ex 3
.It Fn ENGINE_get_digest Ta Xr EVP_DigestInit_ex 3
.El
.Sh RETURN VALUES
The
.Fn ENGINE_set_*
functions return 1 on success or 0 on error.
Currently, they cannot fail.
.Pp
The
.Fn ENGINE_get_*
functions return a method object for the respective algorithm, or
.Dv NULL
if none is installed.
.Pp
.Fn ENGINE_get_ciphers
and
.Fn ENGINE_get_digests
return a function pointer to the respective callback, or
.Dv NULL
if none is installed.
.Pp
.Fn ENGINE_get_cipher
returns an
.Vt EVP_CIPHER
object implementing the cipher
.Fa nid
or
.Dv NULL
if
.Fa e
does not implement that cipher.
.Pp
.Fn ENGINE_get_digest
returns an
.Vt EVP_MD
object implementing the digest
.Fa nid
or
.Dv NULL
if
.Fa e
does not implement that digest.
.Sh SEE ALSO
.Xr DSA_new 3 ,
.Xr ENGINE_ctrl 3 ,
.Xr ENGINE_new 3 ,
.Xr ENGINE_register_RSA 3 ,
.Xr ENGINE_set_default 3 ,
.Xr ENGINE_set_flags 3 ,
.Xr EVP_DigestInit 3 ,
.Xr EVP_EncryptInit 3 ,
.Xr RSA_new 3
.Sh HISTORY
.Fn ENGINE_set_RSA ,
.Fn ENGINE_get_RSA ,
.Fn ENGINE_set_DSA ,
.Fn ENGINE_get_DSA ,
.Fn ENGINE_set_DH ,
.Fn ENGINE_get_DH ,
.Fn ENGINE_set_RAND ,
.Fn ENGINE_get_RAND ,
first appeared in OpenSSL 0.9.7 and have been available since
.Ox 2.9 .
.Pp
.Fn ENGINE_set_ciphers ,
.Fn ENGINE_get_ciphers ,
.Fn ENGINE_get_cipher ,
.Fn ENGINE_set_digests ,
.Fn ENGINE_get_digests ,
and
.Fn ENGINE_get_digest
first appeared in OpenSSL 0.9.7 and have been available since
.Ox 3.2 .
.Pp
.Fn ENGINE_set_STORE
and
.Fn ENGINE_get_STORE
first appeared in OpenSSL 0.9.8 and have been available since
.Ox 4.5 .
.Fn ENGINE_set_EC
and
.Fn ENGINE_get_EC
first appeared in OpenSSL 1.1.0 and have been available since
.Ox 6.5 .

186
lib/libcrypto/man/ENGINE_set_default.3
View file

@ -1,186 +0,0 @@
.\" $OpenBSD: ENGINE_set_default.3,v 1.4 2019/06/03 14:43:15 schwarze Exp $
.\" content checked up to:
.\" OpenSSL ENGINE_add 1f13ad31 Dec 25 17:50:39 2017 +0800
.\"
.\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: June 3 2019 $
.Dt ENGINE 3
.Os
.Sh NAME
.Nm ENGINE_set_default ,
.Nm ENGINE_set_default_string ,
.Nm ENGINE_set_default_RSA ,
.Nm ENGINE_set_default_DSA ,
.Nm ENGINE_set_default_ECDH ,
.Nm ENGINE_set_default_ECDSA ,
.Nm ENGINE_set_default_DH ,
.Nm ENGINE_set_default_RAND ,
.Nm ENGINE_set_default_ciphers ,
.Nm ENGINE_set_default_digests
.Nd register an ENGINE as the default for an algorithm
.Sh SYNOPSIS
.In openssl/engine.h
.Ft int
.Fo ENGINE_set_default_RSA
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_set_default_DSA
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_set_default_ECDH
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_set_default_ECDSA
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_set_default_DH
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_set_default_RAND
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_set_default_ciphers
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_set_default_digests
.Fa "ENGINE *e"
.Fc
.Ft int
.Fo ENGINE_set_default
.Fa "ENGINE *e"
.Fa "unsigned int flags"
.Fc
.Ft int
.Fo ENGINE_set_default_string
.Fa "ENGINE *e"
.Fa "const char *list"
.Fc
.Sh DESCRIPTION
These functions register
.Fa e
as implementing the respective algorithm
like the functions described in the
.Xr ENGINE_register_RSA 3
manual page do it.
In addition, they call
.Xr ENGINE_init 3
on
.Fa e
and select
.Fa e
as the default implementation of the respective algorithm to be
returned by the functions described in
.Xr ENGINE_get_default_RSA 3
in the future.
If another engine was previously selected
as the default implementation of the respective algorithm,
.Xr ENGINE_finish 3
is called on that previous engine.
.Pp
If
.Fa e
implements more than one cipher or digest,
.Fn ENGINE_set_default_ciphers
and
.Fn ENGINE_set_default_digests
register and select it for all these ciphers and digests, respectively.
.Pp
.Fn ENGINE_set_default
registers
.Fa e
as the default implementation of all algorithms specified by the
.Fa flags
by calling the appropriate ones among the other functions.
Algorithms can be selected by combining any number of the
following constants with bitwise OR:
.Dv ENGINE_METHOD_ALL ,
.Dv ENGINE_METHOD_RSA ,
.Dv ENGINE_METHOD_DSA ,
.Dv ENGINE_METHOD_ECDH ,
.Dv ENGINE_METHOD_ECDSA ,
.Dv ENGINE_METHOD_DH ,
.Dv ENGINE_METHOD_RAND ,
.Dv ENGINE_METHOD_CIPHERS ,
.Dv ENGINE_METHOD_DIGESTS ,
.Dv ENGINE_METHOD_PKEY_METHS ,
and
.Dv ENGINE_METHOD_PKEY_ASN1_METHS .
.Pp
.Fn ENGINE_set_default_string
is similar except that it selects the algorithms according to the string
.Fa def_list ,
which contains an arbitrary number of comma-separated keywords from
the following list: ALL, RSA, DSA, ECDH, ECDSA, DH, RAND, CIPHERS,
DIGESTS, PKEY_CRYPTO, PKEY_ASN1, and PKEY.
PKEY_CRYPTO corresponds to
.Dv ENGINE_METHOD_PKEY_METHS ,
PKEY_ASN1 to
.Dv ENGINE_METHOD_PKEY_ASN1_METHS ,
and PKEY selects both.
.Sh RETURN VALUES
These functions return 1 on success or 0 on error.
They fail if
.Xr ENGINE_init 3
fails or if insufficient memory is available.
.Sh SEE ALSO
.Xr ENGINE_get_default_RSA 3 ,
.Xr ENGINE_init 3 ,
.Xr ENGINE_new 3 ,
.Xr ENGINE_register_RSA 3 ,
.Xr ENGINE_set_RSA 3 ,
.Xr ENGINE_unregister_RSA 3
.Sh HISTORY
.Fn ENGINE_set_default ,
.Fn ENGINE_set_default_RSA ,
.Fn ENGINE_set_default_DSA ,
.Fn ENGINE_set_default_DH ,
and
.Fn ENGINE_set_default_RAND
first appeared in OpenSSL 0.9.7 and have been available since
.Ox 2.9 .
.Pp
.Fn ENGINE_set_default_string ,
.Fn ENGINE_set_default_ciphers ,
and
.Fn ENGINE_set_default_digests
first appeared in OpenSSL 0.9.7 and have been available since
.Ox 3.2 .
.Pp
.Fn ENGINE_set_default_ECDH
and
.Fn ENGINE_set_default_ECDSA
first appeared in OpenSSL 0.9.8 and have been available since
.Ox 4.5 .
.Sh CAVEATS
Failure of
.Xr ENGINE_finish 3
is ignored.
.Sh BUGS
Even when
.Fn ENGINE_set_default
or
.Fn ENGINE_set_default_string
fail, they typically still register
.Fa e
for some algorithms, but usually not for all it could be registered
for by calling the individual functions.

92
lib/libcrypto/man/ENGINE_set_flags.3
View file

@ -1,92 +0,0 @@
.\" $OpenBSD: ENGINE_set_flags.3,v 1.2 2018/04/18 03:39:22 schwarze Exp $
.\" content checked up to:
.\" OpenSSL ENGINE_add 1f13ad31 Dec 25 17:50:39 2017 +0800
.\"
.\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: April 18 2018 $
.Dt ENGINE_SET_FLAGS 3
.Os
.Sh NAME
.Nm ENGINE_set_flags ,
.Nm ENGINE_get_flags
.Nd modify the behaviour of an ENGINE object
.Sh SYNOPSIS
.In openssl/engine.h
.Ft int
.Fo ENGINE_set_flags
.Fa "ENGINE *e"
.Fa "int flags"
.Fc
.Ft int
.Fo ENGINE_get_flags
.Fa "const ENGINE *e"
.Fc
.Sh DESCRIPTION
.Fn ENGINE_set_flags
sets the flags attribute of
.Fa e
to the new
.Fa flags .
The previous state of the flags attribute is overwritten.
Flags that were previously set are cleared
unless they are also present in the new
.Fa flags .
.Pp
The
.Fa flags
argument can be the bitwise OR of zero or more
of the following constants:
.Bl -tag -width Ds
.It Dv ENGINE_FLAGS_BY_ID_COPY
.Xr ENGINE_by_id 3
returns a shallow copy of the
.Vt ENGINE
object it found rather than incrementing the reference count
and returning a pointer to the original.
.It Dv ENGINE_FLAGS_MANUAL_CMD_CTRL
.Xr ENGINE_ctrl 3
lets the function installed with
.Xr ENGINE_set_ctrl_function 3
handle all commands except
.Dv ENGINE_CTRL_HAS_CTRL_FUNCTION ,
even the builtin commands.
.It Dv ENGINE_FLAGS_NO_REGISTER_ALL
.Xr ENGINE_register_all_complete 3
skips
.Fa e .
.El
.Sh RETURN VALUES
.Fn ENGINE_set_flags
always returns 1.
.Pp
.Fn ENGINE_get_flags
returns the
.Fa flags
attribute of
.Fa e .
.Sh SEE ALSO
.Xr ENGINE_by_id 3 ,
.Xr ENGINE_ctrl 3 ,
.Xr ENGINE_init 3 ,
.Xr ENGINE_new 3 ,
.Xr ENGINE_register_all_complete 3 ,
.Xr ENGINE_set_RSA 3
.Sh HISTORY
.Fn ENGINE_set_flags
and
.Fn ENGINE_get_flags
first appeared in OpenSSL 0.9.7 and have been available since
.Ox 3.2 .

119
lib/libcrypto/man/ENGINE_unregister_RSA.3
View file

@ -1,119 +0,0 @@
.\" $OpenBSD: ENGINE_unregister_RSA.3,v 1.3 2018/04/18 03:39:22 schwarze Exp $
.\" content checked up to:
.\" OpenSSL ENGINE_add 1f13ad31 Dec 25 17:50:39 2017 +0800
.\"
.\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: April 18 2018 $
.Dt ENGINE_UNREGISTER_RSA 3
.Os
.Sh NAME
.Nm ENGINE_unregister_RSA ,
.Nm ENGINE_unregister_DSA ,
.Nm ENGINE_unregister_ECDH ,
.Nm ENGINE_unregister_ECDSA ,
.Nm ENGINE_unregister_DH ,
.Nm ENGINE_unregister_RAND ,
.Nm ENGINE_unregister_STORE ,
.Nm ENGINE_unregister_ciphers ,
.Nm ENGINE_unregister_digests
.Nd revoke the registration of an ENGINE object
.Sh SYNOPSIS
.In openssl/engine.h
.Ft void
.Fo ENGINE_unregister_RSA
.Fa "ENGINE *e"
.Fc
.Ft void
.Fo ENGINE_unregister_DSA
.Fa "ENGINE *e"
.Fc
.Ft void
.Fo ENGINE_unregister_ECDH
.Fa "ENGINE *e"
.Fc
.Ft void
.Fo ENGINE_unregister_ECDSA
.Fa "ENGINE *e"
.Fc
.Ft void
.Fo ENGINE_unregister_DH
.Fa "ENGINE *e"
.Fc
.Ft void
.Fo ENGINE_unregister_RAND
.Fa "ENGINE *e"
.Fc
.Ft void
.Fo ENGINE_unregister_STORE
.Fa "ENGINE *e"
.Fc
.Ft void
.Fo ENGINE_unregister_ciphers
.Fa "ENGINE *e"
.Fc
.Ft void
.Fo ENGINE_unregister_digests
.Fa "ENGINE *e"
.Fc
.Sh DESCRIPTION
These functions remove
.Fa e
from the list of
.Vt ENGINE
objects that were previously registered for the respective algorithm
with the functions described in
.Xr ENGINE_register_RSA 3 .
.Pp
If
.Fa e
is currently used as the default engine for the algorithm
as described in the
.Fn ENGINE_set_default 3
and
.Fn ENGINE_get_default_RSA 3
manual pages,
.Xr ENGINE_finish 3
is also called.
.Pp
.Fn ENGINE_unregister_ciphers
and
.Fn ENGINE_unregister_digests
unregister
.Fa e
for all ciphers or digests, respectively.
.Sh SEE ALSO
.Xr ENGINE_cleanup 3 ,
.Xr ENGINE_finish 3 ,
.Xr ENGINE_new 3 ,
.Xr ENGINE_register_RSA 3 ,
.Xr ENGINE_set_default 3
.Sh HISTORY
.Fn ENGINE_unregister_RSA ,
.Fn ENGINE_unregister_DSA ,
.Fn ENGINE_unregister_DH ,
.Fn ENGINE_unregister_RAND ,
.Fn ENGINE_unregister_ciphers ,
and
.Fn ENGINE_unregister_digests
first appeared in OpenSSL 0.9.7 and have been available since
.Ox 3.2 .
.Pp
.Fn ENGINE_unregister_ECDH ,
.Fn ENGINE_unregister_ECDSA ,
and
.Fn ENGINE_unregister_STORE
first appeared in OpenSSL 0.9.8 and have been available since
.Ox 4.5 .

7
lib/libcrypto/man/EVP_OpenInit.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: EVP_OpenInit.3,v 1.8 2019/06/07 20:46:25 schwarze Exp $
.\" $OpenBSD: EVP_OpenInit.3,v 1.9 2023/11/16 20:27:43 schwarze Exp $
.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
.\"
.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@ -48,7 +48,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: June 7 2019 $
.Dd $Mdocdate: November 16 2023 $
.Dt EVP_OPENINIT 3
.Os
.Sh NAME
@ -131,6 +131,9 @@ parameter is a variable length cipher then the key length will be set to
the value of the recovered key length.
If the cipher is a fixed length cipher then the recovered key length
must match the fixed cipher length.
.Pp
.Fn EVP_OpenUpdate
is implemented as a macro.
.Sh RETURN VALUES
.Fn EVP_OpenInit
returns 0 on error or a non-zero integer (actually the recovered secret

10
lib/libcrypto/man/EVP_PKEY_encrypt.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: EVP_PKEY_encrypt.3,v 1.8 2023/05/14 09:29:37 tb Exp $
.\" $OpenBSD: EVP_PKEY_encrypt.3,v 1.9 2023/11/19 10:09:27 tb Exp $
.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
.\"
.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@ -49,7 +49,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: May 14 2023 $
.Dd $Mdocdate: November 19 2023 $
.Dt EVP_PKEY_ENCRYPT 3
.Os
.Sh NAME
@ -138,17 +138,15 @@ to start with the default OpenSSL RSA implementation:
.Bd -literal -offset indent
#include <openssl/evp.h>
#include <openssl/rsa.h>
#include <openssl/engine.h>
EVP_PKEY_CTX *ctx;
ENGINE *eng;
unsigned char *out, *in;
size_t outlen, inlen;
EVP_PKEY *key;
/* NB: assumes eng, key in, inlen are already set up
/* NB: assumes that key, in, inlen are already set up
* and that key is an RSA public key
*/
ctx = EVP_PKEY_CTX_new(key, eng);
ctx = EVP_PKEY_CTX_new(key, NULL);
if (!ctx)
/* Error occurred */
if (EVP_PKEY_encrypt_init(ctx) <= 0)

7
lib/libcrypto/man/EVP_SealInit.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: EVP_SealInit.3,v 1.8 2019/06/07 20:46:25 schwarze Exp $
.\" $OpenBSD: EVP_SealInit.3,v 1.9 2023/11/16 20:27:43 schwarze Exp $
.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
.\"
.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@ -49,7 +49,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: June 7 2019 $
.Dd $Mdocdate: November 16 2023 $
.Dt EVP_SEALINIT 3
.Os
.Sh NAME
@ -162,6 +162,9 @@ set to 0 and (after setting any cipher parameters) it should be called
again with
.Fa type
set to NULL.
.Pp
.Fn EVP_SealUpdate
is implemented as a macro.
.Sh RETURN VALUES
.Fn EVP_SealInit
returns 0 on error or

10
lib/libcrypto/man/EVP_SignInit.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: EVP_SignInit.3,v 1.16 2022/07/13 19:10:40 schwarze Exp $
.\" $OpenBSD: EVP_SignInit.3,v 1.17 2023/11/16 20:27:43 schwarze Exp $
.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
.\" selective merge up to: OpenSSL 79b49fb0 Mar 20 10:03:10 2018 +1000
.\"
@ -50,7 +50,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: July 13 2022 $
.Dd $Mdocdate: November 16 2023 $
.Dt EVP_SIGNINIT 3
.Os
.Sh NAME
@ -157,6 +157,12 @@ Since only a copy of the digest context is ever finalized, the context
must be cleaned up after use by calling
.Xr EVP_MD_CTX_free 3
or a memory leak will occur.
.Pp
.Fn EVP_SignInit_ex ,
.Fn EVP_SignUpdate ,
and
.Fn EVP_SignInit
are implemented as macros.
.Sh RETURN VALUES
.Fn EVP_SignInit_ex ,
.Fn EVP_SignUpdate ,

10
lib/libcrypto/man/EVP_VerifyInit.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: EVP_VerifyInit.3,v 1.10 2019/06/10 14:58:48 schwarze Exp $
.\" $OpenBSD: EVP_VerifyInit.3,v 1.11 2023/11/16 20:27:43 schwarze Exp $
.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
.\" selective merge up to: OpenSSL 79b49fb0 Mar 20 10:03:10 2018 +1000
.\"
@ -50,7 +50,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: June 10 2019 $
.Dd $Mdocdate: November 16 2023 $
.Dt EVP_VERIFYINIT 3
.Os
.Sh NAME
@ -147,6 +147,12 @@ Since only a copy of the digest context is ever finalized, the context
must be cleaned up after use by calling
.Xr EVP_MD_CTX_free 3 ,
or a memory leak will occur.
.Pp
.Fn EVP_VerifyInit_ex ,
.Fn EVP_VerifyUpdate ,
and
.Fn EVP_VerifyInit
are implemented as macros.
.Sh RETURN VALUES
.Fn EVP_VerifyInit_ex
and

7
lib/libcrypto/man/EVP_aes_128_cbc.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: EVP_aes_128_cbc.3,v 1.4 2020/06/24 18:15:00 jmc Exp $
.\" $OpenBSD: EVP_aes_128_cbc.3,v 1.5 2023/11/16 20:27:43 schwarze Exp $
.\" selective merge up to: OpenSSL 7c6d372a Nov 20 13:20:01 2018 +0000
.\"
.\" This file was written by Ronald Tse <ronald.tse@ribose.com>
@ -48,7 +48,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: June 24 2020 $
.Dd $Mdocdate: November 16 2023 $
.Dt EVP_AES_128_CBC 3
.Os
.Sh NAME
@ -205,7 +205,8 @@ are aliases for
.Fn EVP_aes_128_cfb128 ,
.Fn EVP_aes_192_cfb128 ,
and
.Fn EVP_aes_256_cfb128 .
.Fn EVP_aes_256_cfb128 ,
implemented as macros.
.Pp
.Fn EVP_aes_128_cbc_hmac_sha1
and

7
lib/libcrypto/man/EVP_sm4_cbc.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: EVP_sm4_cbc.3,v 1.1 2019/03/18 05:56:24 schwarze Exp $
.\" $OpenBSD: EVP_sm4_cbc.3,v 1.2 2023/11/16 20:27:43 schwarze Exp $
.\" full merge up to: OpenSSL 87103969 Oct 1 14:11:57 2018 -0700
.\"
.\" Copyright (c) 2017 Ribose Inc
@ -18,7 +18,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: March 18 2019 $
.Dd $Mdocdate: November 16 2023 $
.Dt EVP_SM4_CBC 3
.Os
.Sh NAME
@ -53,7 +53,8 @@ bits.
.Pp
.Fn EVP_sm4_cfb
is an alias for
.Fn EVP_sm4_cfb128 .
.Fn EVP_sm4_cfb128 ,
implemented as a macro.
.Pp
With an argument of
.Qq sm4

12
lib/libcrypto/man/Makefile
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.276 2023/09/29 08:57:49 tb Exp $
# $OpenBSD: Makefile,v 1.277 2023/11/19 10:36:14 tb Exp $
.include <bsd.own.mk>
@ -140,17 +140,7 @@ MAN= \
EC_KEY_new.3 \
EC_POINT_add.3 \
EC_POINT_new.3 \
ENGINE_add.3 \
ENGINE_ctrl.3 \
ENGINE_get_default_RSA.3 \
ENGINE_init.3 \
ENGINE_new.3 \
ENGINE_register_RSA.3 \
ENGINE_register_all_RSA.3 \
ENGINE_set_RSA.3 \
ENGINE_set_default.3 \
ENGINE_set_flags.3 \
ENGINE_unregister_RSA.3 \
ERR.3 \
ERR_GET_LIB.3 \
ERR_asprintf_error_data.3 \

6
lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: OPENSSL_VERSION_NUMBER.3,v 1.12 2019/06/06 01:06:58 schwarze Exp $
.\" $OpenBSD: OPENSSL_VERSION_NUMBER.3,v 1.13 2023/11/16 20:17:04 schwarze Exp $
.\" full merge up to: OpenSSL 1f13ad31 Dec 25 17:50:39 2017 +0800
.\"
.\" This file is a derived work.
@ -68,7 +68,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: June 6 2019 $
.Dd $Mdocdate: November 16 2023 $
.Dt OPENSSL_VERSION_NUMBER 3
.Os
.Sh NAME
@ -217,7 +217,7 @@ is an alias for
and
.Fn SSLeay
for
.Dv OpenSSL_version_num .
.Fn OpenSSL_version_num .
The legacy function
.Fn SSLeay_version
is similar to

9
lib/libcrypto/man/OPENSSL_config.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: OPENSSL_config.3,v 1.15 2019/06/14 13:41:31 schwarze Exp $
.\" $OpenBSD: OPENSSL_config.3,v 1.16 2023/11/19 21:01:27 tb Exp $
.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
.\"
.\" This file is a derived work.
@ -65,7 +65,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: June 14 2019 $
.Dd $Mdocdate: November 19 2023 $
.Dt OPENSSL_CONFIG 3
.Os
.Sh NAME
@ -117,10 +117,9 @@ To use a non-standard configuration file, refer to
Internally,
.Fn OPENSSL_config
calls
.Xr OPENSSL_init_crypto 3 ,
.Xr OPENSSL_load_builtin_modules 3 ,
.Xr OPENSSL_init_crypto 3
and
.Xr ENGINE_load_builtin_engines 3 .
.Xr OPENSSL_load_builtin_modules 3 .
.Pp
If an application is compiled with the preprocessor symbol
.Dv OPENSSL_LOAD_CONF

10
lib/libcrypto/man/OPENSSL_load_builtin_modules.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: OPENSSL_load_builtin_modules.3,v 1.6 2019/06/14 13:41:31 schwarze Exp $
.\" $OpenBSD: OPENSSL_load_builtin_modules.3,v 1.7 2023/11/19 20:59:00 tb Exp $
.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
.\"
.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@ -48,13 +48,12 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: June 14 2019 $
.Dd $Mdocdate: November 19 2023 $
.Dt OPENSSL_LOAD_BUILTIN_MODULES 3
.Os
.Sh NAME
.Nm OPENSSL_load_builtin_modules ,
.Nm ASN1_add_oid_module ,
.Nm ENGINE_add_conf_module
.Nd add standard configuration modules
.Sh SYNOPSIS
.In openssl/conf.h
@ -62,8 +61,6 @@
.Fn OPENSSL_load_builtin_modules void
.Ft void
.Fn ASN1_add_oid_module void
.Ft void
.Fn ENGINE_add_conf_module void
.Sh DESCRIPTION
The function
.Fn OPENSSL_load_builtin_modules
@ -74,9 +71,6 @@ They can then be used by the OpenSSL configuration code.
.Fn ASN1_add_oid_module
adds just the ASN.1 OBJECT module.
.Pp
.Fn ENGINE_add_conf_module
adds just the ENGINE configuration module.
.Pp
If the simple configuration function
.Xr OPENSSL_config 3
is called then

8
lib/libcrypto/man/OPENSSL_malloc.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: OPENSSL_malloc.3,v 1.10 2022/11/06 18:31:15 tb Exp $
.\" $OpenBSD: OPENSSL_malloc.3,v 1.11 2023/11/16 20:27:43 schwarze Exp $
.\"
.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
.\"
@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: November 6 2022 $
.Dd $Mdocdate: November 16 2023 $
.Dt OPENSSL_MALLOC 3
.Os
.Sh NAME
@ -83,6 +83,10 @@ standard
and
.Xr strdup 3
functions.
.Pp
The four
.Fn OPENSSL_*
functions are implemented as macros.
.Sh RETURN VALUES
These functions return the same type and value as the corresponding
standard functions.

9
lib/libcrypto/man/OpenSSL_add_all_algorithms.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: OpenSSL_add_all_algorithms.3,v 1.14 2023/09/10 14:39:58 schwarze Exp $
.\" $OpenBSD: OpenSSL_add_all_algorithms.3,v 1.15 2023/11/16 20:27:43 schwarze Exp $
.\" full merge up to: OpenSSL b3696a55 Sep 2 09:35:50 2017 -0400
.\"
.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@ -48,7 +48,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: September 10 2023 $
.Dd $Mdocdate: November 16 2023 $
.Dt OPENSSL_ADD_ALL_ALGORITHMS 3
.Os
.Sh NAME
@ -117,6 +117,11 @@ including any that are unrelated to the EVP library.
.Fn SSLeay_add_all_algorithms
is a deprecated alias for
.Fn OpenSSL_add_all_algorithms .
.Pp
.Fn OpenSSL_add_all_algorithms
and
.Fn SSLeay_add_all_algorithms
are implemented as macros.
.Sh SEE ALSO
.Xr evp 3 ,
.Xr EVP_add_cipher 3 ,

25
lib/libcrypto/man/RSA_check_key.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: RSA_check_key.3,v 1.9 2023/05/01 07:28:11 tb Exp $
.\" $OpenBSD: RSA_check_key.3,v 1.10 2023/11/19 21:06:15 tb Exp $
.\" OpenSSL 6859cf74 Sep 25 13:33:28 2002 +0000
.\"
.\" This file was written by Ulf Moeller <ulf@openssl.org> and
@ -49,7 +49,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: May 1 2023 $
.Dd $Mdocdate: November 19 2023 $
.Dt RSA_CHECK_KEY 3
.Os
.Sh NAME
@ -92,27 +92,6 @@ key structure must contain all the private key data too.
Therefore, it cannot be used with any arbitrary
.Vt RSA
key object, even if it is otherwise fit for regular RSA operation.
.Pp
Unlike most other RSA functions, this function does
.Sy not
work transparently with any underlying
.Vt ENGINE
implementation because it uses the key data in the
.Vt RSA
structure directly.
An
.Vt ENGINE
implementation can override the way key data is stored and handled,
and can even provide support for HSM keys - in which case the
.Vt RSA
structure may contain
.Sy no
key data at all!
If the
.Vt ENGINE
in question is only being used for acceleration or analysis purposes,
then in all likelihood the RSA key data is complete and untouched,
but this can't be assumed in the general case.
.Sh RETURN VALUES
.Fn RSA_check_key
returns 1 if

6
lib/libcrypto/man/RSA_get_ex_new_index.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: RSA_get_ex_new_index.3,v 1.12 2023/09/18 14:49:43 schwarze Exp $
.\" $OpenBSD: RSA_get_ex_new_index.3,v 1.13 2023/11/19 21:08:04 tb Exp $
.\"
.\" Copyright (c) 2023 Ingo Schwarze <schwarze@openbsd.org>
.\"
@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: September 18 2023 $
.Dd $Mdocdate: November 19 2023 $
.Dt RSA_GET_EX_NEW_INDEX 3
.Os
.Sh NAME
@ -47,7 +47,7 @@
The following parent objects can have application specific data called
.Dq ex_data
attached to them:
.Vt BIO , DH , DSA , EC_KEY , ENGINE , RSA ,
.Vt BIO , DH , DSA , EC_KEY , RSA ,
.Vt SSL , SSL_CTX , SSL_SESSION , UI , X509 , X509_STORE ,
and
.Vt X509_STORE_CTX .

20
lib/libcrypto/man/RSA_new.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: RSA_new.3,v 1.17 2022/07/13 21:51:35 schwarze Exp $
.\" $OpenBSD: RSA_new.3,v 1.18 2023/11/19 21:03:22 tb Exp $
.\" full merge up to:
.\" OpenSSL doc/man3/RSA_new.pod e9b77246 Jan 20 19:58:49 2017 +0100
.\" OpenSSL doc/crypto/rsa.pod 35d2e327 Jun 3 16:19:49 2016 -0400 (final)
@ -67,7 +67,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: July 13 2022 $
.Dd $Mdocdate: November 19 2023 $
.Dt RSA_NEW 3
.Os
.Sh NAME
@ -128,12 +128,8 @@ decrements the reference count by 1.
If it reaches 0, it calls the optional
.Fa finish
function set up with
.Xr RSA_meth_set_finish 3 ,
calls
.Xr ENGINE_finish 3
if
.Fa rsa
uses an engine, and frees the
.Xr RSA_meth_set_finish 3
and frees the
.Vt RSA
structure and its components.
The key is erased before the memory is returned to the system.
@ -185,12 +181,8 @@ values are available.
.Pp
Note that RSA keys may use non-standard
.Vt RSA_METHOD
implementations, either directly or by the use of
.Vt ENGINE
modules.
In some cases (e.g. an
.Vt ENGINE
providing support for hardware-embedded keys), these
implementations.
In some cases, these
.Vt BIGNUM
values will not be used by the implementation or may be used for
alternative data storage.

44
lib/libcrypto/man/RSA_set_method.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: RSA_set_method.3,v 1.17 2023/05/14 09:33:19 tb Exp $
.\" $OpenBSD: RSA_set_method.3,v 1.18 2023/11/19 10:34:26 tb Exp $
.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
.\"
.\" This file was written by Ulf Moeller <ulf@openssl.org>
@ -50,7 +50,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: May 14 2023 $
.Dd $Mdocdate: November 19 2023 $
.Dt RSA_SET_METHOD 3
.Os
.Sh NAME
@ -105,16 +105,9 @@ selects
as the default method for all
.Vt RSA
structures created later.
If any
.Vt ENGINE
was registered with
.Xr ENGINE_register_RSA 3
that can be successfully initialized, it overrides the default.
.Pp
.Fn RSA_get_default_method
returns a pointer to the current default method,
even if it is actually overridden by an
.Vt ENGINE .
returns a pointer to the current default method.
.Pp
.Fn RSA_set_method
selects
@ -127,10 +120,7 @@ used by the RSA key, calling the
.Fa finish
function set up with
.Xr RSA_meth_set_finish 3
if any, and if the previous method was supplied by an
.Vt ENGINE ,
.Xr ENGINE_finish 3
is called on it.
if any.
If
.Fa meth
contains an
@ -142,9 +132,7 @@ that function is called just before returning from
.Pp
It is possible to have RSA keys that only work with certain
.Vt RSA_METHOD
implementations (e.g. from an
.Vt ENGINE
module that supports embedded hardware-protected keys),
implementations,
and in such cases attempting to change the
.Vt RSA_METHOD
for the key can have unexpected results.
@ -154,12 +142,6 @@ returns a pointer to the
.Vt RSA_METHOD
being used by
.Fa rsa .
This method may or may not be supplied by an
.Vt ENGINE
implementation but if it is, the return value can only be guaranteed
to be valid as long as the RSA key itself is valid and does not
have its implementation changed by
.Fn RSA_set_method .
.Pp
The misleadingly named function
.Fn RSA_flags
@ -178,17 +160,10 @@ section for more details.
.Fn RSA_new_method
allocates and initializes an
.Vt RSA
structure so that
structure.
The
.Fa engine
is used for the RSA operations.
If
.Fa engine
is
.Dv NULL ,
.Xr ENGINE_get_default_RSA 3
is used.
If that returns
.Dv NULL ,
argument is ignored and
the default method controlled by
.Fn RSA_set_default_method
is used.
@ -224,9 +199,6 @@ and sets an error code that can be obtained by
if the allocation fails.
Otherwise it returns a pointer to the newly allocated structure.
.Sh SEE ALSO
.Xr ENGINE_get_default_RSA 3 ,
.Xr ENGINE_register_RSA 3 ,
.Xr ENGINE_set_default_RSA 3 ,
.Xr RSA_meth_new 3 ,
.Xr RSA_new 3
.Sh HISTORY

6
lib/libcrypto/man/X509_STORE_get_by_subject.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: X509_STORE_get_by_subject.3,v 1.4 2023/08/10 14:15:16 schwarze Exp $
.\" $OpenBSD: X509_STORE_get_by_subject.3,v 1.5 2023/11/16 20:27:43 schwarze Exp $
.\"
.\" Copyright (c) 2021, 2023 Ingo Schwarze <schwarze@openbsd.org>
.\"
@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: August 10 2023 $
.Dd $Mdocdate: November 16 2023 $
.Dt X509_STORE_GET_BY_SUBJECT 3
.Os
.Sh NAME
@ -160,7 +160,7 @@ encourage checking of validity times, CAs with a valid time are
preferred, but if no matching CA has a valid time, one with an
invalid time is accepted anyway.
.Pp
The following are deprecated aliases:
The following are deprecated aliases implemented as macros:
.Bl -column X509_STORE_get_by_subject F X509_STORE_CTX_get_by_subject
.It Fn X509_STORE_get_by_subject Ta for Ta Fn X509_STORE_CTX_get_by_subject
.It Fn X509_STORE_get1_certs Ta for Ta Fn X509_STORE_CTX_get1_certs

6
lib/libcrypto/man/X509_STORE_set1_param.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: X509_STORE_set1_param.3,v 1.19 2021/10/18 18:20:39 schwarze Exp $
.\" $OpenBSD: X509_STORE_set1_param.3,v 1.20 2023/11/16 20:27:43 schwarze Exp $
.\" content checked up to:
.\" OpenSSL man3/X509_STORE_add_cert b0edda11 Mar 20 13:00:17 2018 +0000
.\" OpenSSL man3/X509_STORE_get0_param e90fc053 Jul 15 09:39:45 2017 -0400
@ -17,7 +17,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: October 18 2021 $
.Dd $Mdocdate: November 16 2023 $
.Dt X509_STORE_SET1_PARAM 3
.Os
.Sh NAME
@ -145,6 +145,8 @@ Their usage is identical to that of
.Xr RSA_set_ex_data 3 ,
and
.Xr RSA_get_ex_data 3 .
.Fn X509_STORE_get_ex_new_index
is implemented as a macro.
.Sh RETURN VALUES
.Fn X509_STORE_set1_param ,
.Fn X509_STORE_set_purpose ,

317
lib/libcrypto/man/bn_dump.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: bn_dump.3,v 1.8 2023/01/20 12:16:46 jsing Exp $
.\" $OpenBSD: bn_dump.3,v 1.9 2023/11/16 18:10:19 schwarze Exp $
.\" full merge up to:
.\" OpenSSL crypto/bn/README.pod aebb9aac Jul 19 09:27:53 2016 -0400
.\"
@ -50,7 +50,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: January 20 2023 $
.Dd $Mdocdate: November 16 2023 $
.Dt BN_DUMP 3
.Os
.Sh NAME
@ -64,28 +64,12 @@
.Nm bn_mul_comba8 ,
.Nm bn_sqr_comba4 ,
.Nm bn_sqr_comba8 ,
.Nm bn_cmp_words ,
.Nm bn_mul_normal ,
.Nm bn_mul_recursive ,
.Nm bn_mul_part_recursive ,
.Nm bn_sqr_normal ,
.Nm bn_sqr_recursive ,
.Nm bn_expand ,
.Nm bn_wexpand ,
.Nm bn_expand2 ,
.Nm bn_fix_top ,
.Nm bn_check_top ,
.Nm bn_print ,
.Nm bn_dump ,
.Nm bn_set_max ,
.Nm bn_set_high ,
.Nm bn_set_low ,
.Nm mul ,
.Nm mul_add ,
.Nm sqr
.Nm bn_wexpand
.Nd BIGNUM library internal functions
.Sh SYNOPSIS
.In openssl/bn.h
.Fd #include "bn_local.h"
.Ft BN_ULONG
.Fo bn_mul_words
.Fa "BN_ULONG *rp"
@ -148,12 +132,6 @@
.Fa "BN_ULONG *r"
.Fa "BN_ULONG *a"
.Fc
.Ft int
.Fo bn_cmp_words
.Fa "BN_ULONG *a"
.Fa "BN_ULONG *b"
.Fa "int n"
.Fc
.Ft void
.Fo bn_mul_normal
.Fa "BN_ULONG *r"
@ -162,60 +140,6 @@
.Fa "BN_ULONG *b"
.Fa "int nb"
.Fc
.Ft void
.Fo bn_mul_recursive
.Fa "BN_ULONG *r"
.Fa "BN_ULONG *a"
.Fa "BN_ULONG *b"
.Fa "int n2"
.Fa "int dna"
.Fa "int dnb"
.Fa "BN_ULONG *tmp"
.Fc
.Ft void
.Fo bn_mul_part_recursive
.Fa "BN_ULONG *r"
.Fa "BN_ULONG *a"
.Fa "BN_ULONG *b"
.Fa "int n"
.Fa "int tna"
.Fa "int tnb"
.Fa "BN_ULONG *tmp"
.Fc
.Ft void
.Fo bn_sqr_normal
.Fa "BN_ULONG *r"
.Fa "BN_ULONG *a"
.Fa "int n"
.Fa "BN_ULONG *tmp"
.Fc
.Ft void
.Fo bn_sqr_recursive
.Fa "BN_ULONG *r"
.Fa "BN_ULONG *a"
.Fa "int n2"
.Fa "BN_ULONG *tmp"
.Fc
.Ft void
.Fo mul
.Fa "BN_ULONG r"
.Fa "BN_ULONG a"
.Fa "BN_ULONG w"
.Fa "BN_ULONG c"
.Fc
.Ft void
.Fo mul_add
.Fa "BN_ULONG r"
.Fa "BN_ULONG a"
.Fa "BN_ULONG w"
.Fa "BN_ULONG c"
.Fc
.Ft void
.Fo sqr
.Fa "BN_ULONG r0"
.Fa "BN_ULONG r1"
.Fa "BN_ULONG a"
.Fc
.Ft BIGNUM *
.Fo bn_expand
.Fa "BIGNUM *a"
@ -226,46 +150,8 @@
.Fa "BIGNUM *a"
.Fa "int n"
.Fc
.Ft BIGNUM *
.Fo bn_expand2
.Fa "BIGNUM *a"
.Fa "int n"
.Fc
.Ft void
.Fo bn_fix_top
.Fa "BIGNUM *a"
.Fc
.Ft void
.Fo bn_check_top
.Fa "BIGNUM *a"
.Fc
.Ft void
.Fo bn_print
.Fa "BIGNUM *a"
.Fc
.Ft void
.Fo bn_dump
.Fa "BN_ULONG *d"
.Fa "int n"
.Fc
.Ft void
.Fo bn_set_max
.Fa "BIGNUM *a"
.Fc
.Ft void
.Fo bn_set_high
.Fa "BIGNUM *r"
.Fa "BIGNUM *a"
.Fa "int n"
.Fc
.Ft void
.Fo bn_set_low
.Fa "BIGNUM *r"
.Fa "BIGNUM *a"
.Fa "int n"
.Fc
.Sh DESCRIPTION
This page documents the internal functions used by the OpenSSL
This page documents some internal functions used by the
.Vt BIGNUM
implementation.
They are described here to facilitate debugging and extending the
@ -327,16 +213,12 @@ is a bit field of flags which are defined in
.In openssl/bn.h .
The flags begin with
.Dv BN_FLG_ .
The macros
.Fn BN_set_flags b n
The functions
.Xr BN_set_flags 3
and
.Fn BN_get_flags b n
exist to enable or fetch flag(s)
.Fa n
from a
.Vt BIGNUM
structure
.Fa b .
.Xr BN_get_flags 3
enable or inspect
.Fa flags .
.Pp
Various routines in this library require the use of temporary
.Vt BIGNUM
@ -488,18 +370,6 @@ and the 16 word array
.Pp
The following functions are implemented in C:
.Pp
.Fn bn_cmp_words a b n
operates on the
.Fa n
word arrays
.Fa a
and
.Fa b .
It returns 1, 0 and -1 if
.Fa a
is greater than, equal and less than
.Fa b .
.Pp
.Fn bn_mul_normal r a na b nb
operates on the
.Fa na
@ -518,103 +388,15 @@ It computes
and places the result in
.Fa r .
.Pp
.Fn bn_mul_recursive r a b n2 dna dnb t
operates on the word arrays
.Fa a
and
.Fa b
of length
.Fa n2 Ns + Ns Fa dna
and
.Fa n2 Ns + Ns Fa dnb
.Pf ( Fa dna
and
.Fa dnb
are currently allowed to be 0 or negative) and the
.Pf 2* Fa n2
word arrays
.Fa r
and
.Sy t .
.Fa n2
must be a power of 2.
It computes
.Fa a Ns * Ns Fa b
and places the result in
.Fa r .
.Pp
.Fn bn_mul_part_recursive r a b n tna tnb tmp
operates on the word arrays
.Fa a
and
.Fa b
of length
.Fa n Ns + Ns Fa tna
and
.Fa n Ns + Ns Fa tnb
and the
.Pf 4* Fa n
word arrays
.Fa r
and
.Fa tmp .
.Pp
.Xr BN_mul 3
calls
.Fn bn_mul_normal ,
or an optimized implementation if the factors have the same size:
.Fn bn_mul_comba4
if both factors are 4 words long,
.Fn bn_mul_comba8
is used if they are 8 words long,
.Fn bn_mul_recursive
if they are larger than
.Dv BN_MULL_SIZE_NORMAL
and the size is an exact multiple of the word size, and
.Fn bn_mul_part_recursive
for others that are larger than
.Dv BN_MULL_SIZE_NORMAL .
.Pp
.Fn bn_sqr_normal r a n tmp
operates on the
.Fa n
word array
.Fa a
and the
.Pf 2* Fa n
word arrays
.Fa tmp
and
.Fa r .
.Pp
The implementations use the following macros which, depending on the
architecture, may use
.Vt long long
C operations or inline assembler.
They are defined in
.Pa bn_lcl.h .
.Pp
.Fn mul r a w c
computes
.Fa w Ns * Ns Fa a Ns + Ns Fa c
and places the low word of the result in
.Fa r
and the high word in
.Fa c .
.Pp
.Fn mul_add r a w c
computes
.Fa w Ns * Ns Fa a Ns + Ns Fa r Ns + Ns Fa c
and places the low word of the result in
.Fa r
and the high word in
.Fa c .
.Pp
.Fn sqr r0 r1 a
computes
.Fa a Ns * Ns Fa a
and places the low word of the result in
.Fa r0
and the high word in
.Fa r1 .
if both factors are 8 words long,
or
.Fn bn_mul_normal
otherwise.
.Ss Size changes
.Fn bn_expand
ensures that
@ -628,71 +410,6 @@ ensures that
has enough space for an
.Fa n
word number.
If the number has to be expanded, both macros call
.Fn bn_expand2 ,
which allocates a new
.Fa d
array and copies the data.
They return
.Dv NULL
on error,
.Fa b
otherwise.
.Pp
The
.Fn bn_fix_top
macro reduces
.Fa a Ns -> Ns Fa top
to point to the most significant non-zero word plus one when
.Fa a
has shrunk.
.Ss Debugging
.Fn bn_check_top
verifies that
.Ql ((a)-\(ratop \(ra= 0 && (a)-\(ratop \(la= (a)-\(radmax) .
A violation will cause the program to abort.
.Pp
.Fn bn_print
prints
.Fa a
to
.Dv stderr .
.Fn bn_dump
prints
.Fa n
words at
.Fa d
(in reverse order, i.e.\&
most significant word first) to
.Dv stderr .
.Pp
.Fn bn_set_max
makes
.Fa a
a static number with a
.Fa dmax
of its current size.
This is used by
.Fn bn_set_low
and
.Fn bn_set_high
to make
.Fa r
a read-only
.Vt BIGNUM
that contains the
.Fa n
low or high words of
.Fa a .
.Pp
If
.Dv BN_DEBUG
is not defined,
.Fn bn_check_top ,
.Fn bn_print ,
.Fn bn_dump
and
.Fn bn_set_max
are defined as empty macros.
They return 0 on error or 1 otherwise.
.Sh SEE ALSO
.Xr BN_new 3

30
lib/libcrypto/man/evp.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: evp.3,v 1.24 2023/09/09 14:39:09 schwarze Exp $
.\" $OpenBSD: evp.3,v 1.25 2023/11/19 10:25:28 tb Exp $
.\" full merge up to: OpenSSL man7/evp 24a535ea Sep 22 13:14:20 2020 +0100
.\"
.\" This file was written by Ulf Moeller <ulf@openssl.org>,
@ -51,7 +51,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: September 9 2023 $
.Dd $Mdocdate: November 19 2023 $
.Dt EVP 3
.Os
.Sh NAME
@ -156,30 +156,6 @@ example, PBKDF2 from PCKS#5).
The
.Xr EVP_EncodeInit 3
family of functions provides base64 encoding and decoding.
.Pp
All the symmetric algorithms (ciphers), digests and asymmetric
algorithms (public key algorithms) can be replaced by
.Vt ENGINE
modules providing alternative implementations; see
.Xr ENGINE_register_RSA 3
and the related manual pages for more information.
If
.Vt ENGINE
implementations of ciphers or digests are registered as defaults,
then the various EVP functions will automatically use those
implementations in preference to built in software implementations.
.Pp
Although low-level algorithm specific functions exist for many
algorithms, their use is discouraged.
They cannot be used with an
.Vt ENGINE ,
and
.Vt ENGINE
versions of new algorithms cannot be accessed using the low-level
functions.
Using them also makes code harder to adapt to new algorithms, some
options are not cleanly supported at the low level, and some
operations are more efficient using the high-level interfaces.
.Sh SEE ALSO
.Xr ASN1_item_digest 3 ,
.Xr ASN1_item_sign 3 ,
@ -191,8 +167,6 @@ operations are more efficient using the high-level interfaces.
.Xr crypto 3 ,
.Xr d2i_PKCS8PrivateKey_bio 3 ,
.Xr d2i_PrivateKey 3 ,
.Xr ENGINE_get_cipher 3 ,
.Xr ENGINE_register_RSA 3 ,
.Xr EVP_add_cipher 3 ,
.Xr EVP_AEAD_CTX_init 3 ,
.Xr EVP_aes_128_cbc 3 ,

108
lib/libcrypto/man/openssl.cnf.5
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: openssl.cnf.5,v 1.9 2023/10/21 14:05:49 tb Exp $
.\" $OpenBSD: openssl.cnf.5,v 1.10 2023/11/19 10:23:53 tb Exp $
.\" full merge up to: OpenSSL man5/config b53338cb Feb 28 12:30:28 2017 +0100
.\" selective merge up to: OpenSSL a8c5ed81 Jul 18 13:57:25 2017 -0400
.\"
@ -50,7 +50,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: October 21 2023 $
.Dd $Mdocdate: November 19 2023 $
.Dt OPENSSL.CNF 5
.Os
.Sh NAME
@ -192,13 +192,9 @@ openssl_conf = openssl_init
[openssl_init]
oid_section = new_oids
engines = engine_section
[new_oids]
\&... new oids here ...
[engine_section]
\&... engine stuff here ...
.Ed
.Pp
The features of each configuration module are described below.
@ -228,106 +224,6 @@ comma and the numerical OID form.
For example:
.Pp
.Dl shortName = some object long name, 1.2.3.4
.Ss Engine Configuration Module
This ENGINE configuration module has the name
.Ic engines .
The value of this variable points to a section containing further ENGINE
configuration information.
.Pp
The section pointed to by
.Ic engines
is a table of engine names (though see
.Ic engine_id
below) and further sections containing configuration information
specific to each ENGINE.
.Pp
Each ENGINE specific section is used to set default algorithms, load
dynamic ENGINEs, perform initialization and send ctrls.
The actual operation performed depends on the command
name which is the name of the name value pair.
The currently supported commands are listed below.
.Pp
For example:
.Bd -literal -offset indent
[engine_section]
# Configure ENGINE named "foo"
foo = foo_section
# Configure ENGINE named "bar"
bar = bar_section
[foo_section]
\&... foo ENGINE specific commands ...
[bar_section]
\&... "bar" ENGINE specific commands ...
.Ed
.Pp
The command
.Ic engine_id
is used to give the ENGINE name.
If used, this command must be first.
For example:
.Bd -literal -offset indent
[engine_section]
# This would normally handle an ENGINE named "foo"
foo = foo_section
[foo_section]
# Override default name and use "myfoo" instead.
engine_id = myfoo
.Ed
.Pp
The command
.Ic dynamic_path
loads and adds an ENGINE from the given path.
It is equivalent to sending the ctrls
.Sy SO_PATH
with the path argument followed by
.Sy LIST_ADD
with value 2 and
.Sy LOAD
to the dynamic ENGINE.
If this is not the required behaviour then alternative ctrls can be sent
directly to the dynamic ENGINE using ctrl commands.
.Pp
The command
.Ic init
determines whether to initialize the ENGINE.
If the value is 0, the ENGINE will not be initialized.
If it is 1, an attempt is made to initialized the ENGINE immediately.
If the
.Ic init
command is not present, then an attempt will be made to initialize
the ENGINE after all commands in its section have been processed.
.Pp
The command
.Ic default_algorithms
sets the default algorithms an ENGINE will supply using the functions
.Xr ENGINE_set_default_string 3 .
.Pp
If the name matches none of the above command names, it is assumed
to be a ctrl command which is sent to the ENGINE.
The value of the command is the argument to the ctrl command.
If the value is the string
.Cm EMPTY ,
then no value is sent to the command.
.Pp
For example:
.Bd -literal -offset indent
[engine_section]
# Configure ENGINE named "foo"
foo = foo_section
[foo_section]
# Load engine from DSO
dynamic_path = /some/path/fooengine.so
# A foo specific ctrl.
some_ctrl = some_value
# Another ctrl that doesn't take a value.
other_ctrl = EMPTY
# Supply all default algorithms
default_algorithms = ALL
.Ed
.Sh FILES
.Bl -tag -width /etc/ssl/openssl.cnf -compact
.It Pa /etc/ssl/openssl.cnf