upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-11 01:30:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

openssl: Import version 3.5.1

Browse source 
Migrate to OpenSSL 3.5 in advance of FreeBSD 15.0. OpenSSL 3.0 will be
EOL after 2026-09-07.

Approved by:	philip (mentor)
Sponsored by:	Alpha-Omega Beach Cleaning Project
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D51613
This commit is contained in:
Pierre Pronchery 2025-07-11 23:57:10 +02:00
parent e7be843b4a
commit 4757b351ea
1039 changed files with 168555 additions and 99130 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
ObsoleteFiles.inc
View file

@ -152,6 +152,15 @@ OLD_FILES+=usr/share/flua/yaml.lua
# 20250615: don't install man page for absent function
OLD_FILES+=usr/share/man/man9/vm_map_simplify_entry.9.gz
# 20250615: OpenSSL 3.5.0
OLD_LIBS+=lib/libcrypto.so.30
OLD_FILES+=usr/include/openssl/asn1_mac.h
OLD_LIBS+=usr/lib/libssl.so.30
OLD_FILES+=usr/share/man/man3/TS_VERIFY_CTX_set_certs.3
OLD_FILES+=usr/share/man/man7/crypto.7
OLD_FILES+=usr/share/man/man7/migration_guide.7
OLD_FILES+=usr/share/man/man7/ssl.7
# 20250521: don't install zoneinfo version
OLD_FILES+=usr/share/zoneinfo/version

383
crypto/openssl/apps/CA.pl Executable file
View file

@ -0,0 +1,383 @@
#!/usr/local/bin/perl
# Copyright 2000-2025 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
#
# Wrapper around the ca to make it easier to use
#
# WARNING: do not edit!
# Generated by Makefile from apps/CA.pl.in
use strict;
use warnings;
my $verbose = 1;
my @OPENSSL_CMDS = ("req", "ca", "pkcs12", "x509", "verify");
my $openssl = $ENV{'OPENSSL'} // "openssl";
$ENV{'OPENSSL'} = $openssl;
my @openssl = split_val($openssl);
my $OPENSSL_CONFIG = $ENV{"OPENSSL_CONFIG"} // "";
my @OPENSSL_CONFIG = split_val($OPENSSL_CONFIG);
# Command invocations.
my @REQ = (@openssl, "req", @OPENSSL_CONFIG);
my @CA = (@openssl, "ca", @OPENSSL_CONFIG);
my @VERIFY = (@openssl, "verify");
my @X509 = (@openssl, "x509");
my @PKCS12 = (@openssl, "pkcs12");
# Default values for various configuration settings.
my $CATOP = "./demoCA";
my $CAKEY = "cakey.pem";
my $CAREQ = "careq.pem";
my $CACERT = "cacert.pem";
my $CACRL = "crl.pem";
my @DAYS = qw(-days 365);
my @CADAYS = qw(-days 1095); # 3 years
my @EXTENSIONS = qw(-extensions v3_ca);
my @POLICY = qw(-policy policy_anything);
my $NEWKEY = "newkey.pem";
my $NEWREQ = "newreq.pem";
my $NEWCERT = "newcert.pem";
my $NEWP12 = "newcert.p12";
# Commandline parsing
my %EXTRA;
my $WHAT = shift @ARGV // "";
@ARGV = parse_extra(@ARGV);
my $RET = 0;
sub split_val {
return split_val_win32(@_) if ($^O eq 'MSWin32');
my ($val) = @_;
my (@ret, @frag);
# Skip leading whitespace
$val =~ m{\A[ \t]*}ogc;
# Unix shell-compatible split
#
# Handles backslash escapes outside quotes and
# in double-quoted strings. Parameter and
# command-substitution is silently ignored.
# Bare newlines outside quotes and (trailing) backslashes are disallowed.
while (1) {
last if (pos($val) == length($val));
# The first char is never a SPACE or TAB. Possible matches are:
# 1. Ordinary string fragment
# 2. Single-quoted string
# 3. Double-quoted string
# 4. Backslash escape
# 5. Bare backlash or newline (rejected)
#
if ($val =~ m{\G([^'" \t\n\\]+)}ogc) {
# Ordinary string
push @frag, $1;
} elsif ($val =~ m{\G'([^']*)'}ogc) {
# Single-quoted string
push @frag, $1;
} elsif ($val =~ m{\G"}ogc) {
# Double-quoted string
push @frag, "";
while (1) {
last if ($val =~ m{\G"}ogc);
if ($val =~ m{\G([^"\\]+)}ogcs) {
# literals
push @frag, $1;
} elsif ($val =~ m{\G.(["\`\$\\])}ogc) {
# backslash-escaped special
push @frag, $1;
} elsif ($val =~ m{\G.(.)}ogcs) {
# backslashed non-special
push @frag, "\\$1" unless $1 eq "\n";
} else {
die sprintf("Malformed quoted string: %s\n", $val);
}
}
} elsif ($val =~ m{\G\\(.)}ogc) {
# Backslash is unconditional escape outside quoted strings
push @frag, $1 unless $1 eq "\n";
} else {
die sprintf("Bare backslash or newline in: '%s'\n", $val);
}
# Done if at SPACE, TAB or end, otherwise continue current fragment
#
next unless ($val =~ m{\G(?:[ \t]+|\z)}ogcs);
push @ret, join("", splice(@frag)) if (@frag > 0);
}
# Handle final fragment
push @ret, join("", splice(@frag)) if (@frag > 0);
return @ret;
}
sub split_val_win32 {
my ($val) = @_;
my (@ret, @frag);
# Skip leading whitespace
$val =~ m{\A[ \t]*}ogc;
# Windows-compatible split
# See: "Parsing C++ command-line arguments" in:
# https://learn.microsoft.com/en-us/cpp/cpp/main-function-command-line-args?view=msvc-170
#
# Backslashes are special only when followed by a double-quote
# Pairs of double-quotes make a single double-quote.
# Closing double-quotes may be omitted.
while (1) {
last if (pos($val) == length($val));
# The first char is never a SPACE or TAB.
# 1. Ordinary string fragment
# 2. Double-quoted string
# 3. Backslashes preceding a double-quote
# 4. Literal backslashes
# 5. Bare newline (rejected)
#
if ($val =~ m{\G([^" \t\n\\]+)}ogc) {
# Ordinary string
push @frag, $1;
} elsif ($val =~ m{\G"}ogc) {
# Double-quoted string
push @frag, "";
while (1) {
if ($val =~ m{\G("+)}ogc) {
# Two double-quotes make one literal double-quote
my $l = length($1);
push @frag, q{"} x int($l/2) if ($l > 1);
next if ($l % 2 == 0);
last;
}
if ($val =~ m{\G([^"\\]+)}ogc) {
push @frag, $1;
} elsif ($val =~ m{\G((?>[\\]+))(?=")}ogc) {
# Backslashes before a double-quote are escapes
my $l = length($1);
push @frag, q{\\} x int($l / 2);
if ($l % 2 == 1) {
++pos($val);
push @frag, q{"};
}
} elsif ($val =~ m{\G((?:(?>[\\]+)[^"\\]+)+)}ogc) {
# Backslashes not before a double-quote are not special
push @frag, $1;
} else {
# Tolerate missing closing double-quote
last;
}
}
} elsif ($val =~ m{\G((?>[\\]+))(?=")}ogc) {
my $l = length($1);
push @frag, q{\\} x int($l / 2);
if ($l % 2 == 1) {
++pos($val);
push @frag, q{"};
}
} elsif ($val =~ m{\G([\\]+)}ogc) {
# Backslashes not before a double-quote are not special
push @frag, $1;
} else {
die sprintf("Bare newline in: '%s'\n", $val);
}
# Done if at SPACE, TAB or end, otherwise continue current fragment
#
next unless ($val =~ m{\G(?:[ \t]+|\z)}ogcs);
push @ret, join("", splice(@frag)) if (@frag > 0);
}
# Handle final fragment
push @ret, join("", splice(@frag)) if (@frag);
return @ret;
}
# Split out "-extra-CMD value", and return new |@ARGV|. Fill in
# |EXTRA{CMD}| with list of values.
sub parse_extra
{
my @args;
foreach ( @OPENSSL_CMDS ) {
$EXTRA{$_} = [];
}
while (@_) {
my $arg = shift(@_);
if ( $arg !~ m{^-extra-(\w+)$} ) {
push @args, split_val($arg);
next;
}
$arg = $1;
die "Unknown \"-extra-${arg}\" option, exiting\n"
unless grep { $arg eq $_ } @OPENSSL_CMDS;
die "Missing \"-extra-${arg}\" option value, exiting\n"
unless (@_ > 0);
push @{$EXTRA{$arg}}, split_val(shift(@_));
}
return @args;
}
# See if reason for a CRL entry is valid; exit if not.
sub crl_reason_ok
{
my $r = shift;
if ($r eq 'unspecified' || $r eq 'keyCompromise'
|| $r eq 'CACompromise' || $r eq 'affiliationChanged'
|| $r eq 'superseded' || $r eq 'cessationOfOperation'
|| $r eq 'certificateHold' || $r eq 'removeFromCRL') {
return 1;
}
print STDERR "Invalid CRL reason; must be one of:\n";
print STDERR " unspecified, keyCompromise, CACompromise,\n";
print STDERR " affiliationChanged, superseded, cessationOfOperation\n";
print STDERR " certificateHold, removeFromCRL";
exit 1;
}
# Copy a PEM-format file; return like exit status (zero means ok)
sub copy_pemfile
{
my ($infile, $outfile, $bound) = @_;
my $found = 0;
open IN, $infile || die "Cannot open $infile, $!";
open OUT, ">$outfile" || die "Cannot write to $outfile, $!";
while (<IN>) {
$found = 1 if /^-----BEGIN.*$bound/;
print OUT $_ if $found;
$found = 2, last if /^-----END.*$bound/;
}
close IN;
close OUT;
return $found == 2 ? 0 : 1;
}
# Wrapper around system; useful for debugging. Returns just the exit status
sub run
{
my ($cmd, @args) = @_;
print "====\n$cmd @args\n" if $verbose;
my $status = system {$cmd} $cmd, @args;
print "==> $status\n====\n" if $verbose;
return $status >> 8;
}
if ( $WHAT =~ /^(-\?|-h|-help)$/ ) {
print STDERR <<EOF;
Usage:
CA.pl -newcert | -newreq | -newreq-nodes | -xsign | -sign | -signCA | -signcert | -crl | -newca [-extra-cmd parameter]
CA.pl -pkcs12 [certname]
CA.pl -verify certfile ...
CA.pl -revoke certfile [reason]
EOF
exit 0;
}
if ($WHAT eq '-newcert' ) {
# create a certificate
$RET = run(@REQ, qw(-new -x509 -keyout), $NEWKEY, "-out", $NEWCERT, @DAYS, @{$EXTRA{req}});
print "Cert is in $NEWCERT, private key is in $NEWKEY\n" if $RET == 0;
} elsif ($WHAT eq '-precert' ) {
# create a pre-certificate
$RET = run(@REQ, qw(-x509 -precert -keyout), $NEWKEY, "-out", $NEWCERT, @DAYS, @{$EXTRA{req}});
print "Pre-cert is in $NEWCERT, private key is in $NEWKEY\n" if $RET == 0;
} elsif ($WHAT =~ /^\-newreq(\-nodes)?$/ ) {
# create a certificate request
$RET = run(@REQ, "-new", (defined $1 ? ($1,) : ()), "-keyout", $NEWKEY, "-out", $NEWREQ, @{$EXTRA{req}});
print "Request is in $NEWREQ, private key is in $NEWKEY\n" if $RET == 0;
} elsif ($WHAT eq '-newca' ) {
# create the directory hierarchy
my @dirs = ( "${CATOP}", "${CATOP}/certs", "${CATOP}/crl",
"${CATOP}/newcerts", "${CATOP}/private" );
die "${CATOP}/index.txt exists.\nRemove old sub-tree to proceed,"
if -f "${CATOP}/index.txt";
die "${CATOP}/serial exists.\nRemove old sub-tree to proceed,"
if -f "${CATOP}/serial";
foreach my $d ( @dirs ) {
if ( -d $d ) {
warn "Directory $d exists" if -d $d;
} else {
mkdir $d or die "Can't mkdir $d, $!";
}
}
open OUT, ">${CATOP}/index.txt";
close OUT;
open OUT, ">${CATOP}/crlnumber";
print OUT "01\n";
close OUT;
# ask user for existing CA certificate
print "CA certificate filename (or enter to create)\n";
my $FILE;
$FILE = "" unless defined($FILE = <STDIN>);
$FILE =~ s{\R$}{};
if ($FILE ne "") {
copy_pemfile($FILE,"${CATOP}/private/$CAKEY", "PRIVATE");
copy_pemfile($FILE,"${CATOP}/$CACERT", "CERTIFICATE");
} else {
print "Making CA certificate ...\n";
$RET = run(@REQ, qw(-new -keyout), "${CATOP}/private/$CAKEY",
"-out", "${CATOP}/$CAREQ", @{$EXTRA{req}});
$RET = run(@CA, qw(-create_serial -out), "${CATOP}/$CACERT", @CADAYS,
qw(-batch -keyfile), "${CATOP}/private/$CAKEY", "-selfsign",
@EXTENSIONS, "-infiles", "${CATOP}/$CAREQ", @{$EXTRA{ca}})
if $RET == 0;
print "CA certificate is in ${CATOP}/$CACERT\n" if $RET == 0;
}
} elsif ($WHAT eq '-pkcs12' ) {
my $cname = $ARGV[0];
$cname = "My Certificate" unless defined $cname;
$RET = run(@PKCS12, "-in", $NEWCERT, "-inkey", $NEWKEY,
"-certfile", "${CATOP}/$CACERT", "-out", $NEWP12,
qw(-export -name), $cname, @{$EXTRA{pkcs12}});
print "PKCS#12 file is in $NEWP12\n" if $RET == 0;
} elsif ($WHAT eq '-xsign' ) {
$RET = run(@CA, @POLICY, "-infiles", $NEWREQ, @{$EXTRA{ca}});
} elsif ($WHAT eq '-sign' ) {
$RET = run(@CA, @POLICY, "-out", $NEWCERT,
"-infiles", $NEWREQ, @{$EXTRA{ca}});
print "Signed certificate is in $NEWCERT\n" if $RET == 0;
} elsif ($WHAT eq '-signCA' ) {
$RET = run(@CA, @POLICY, "-out", $NEWCERT, @EXTENSIONS,
"-infiles", $NEWREQ, @{$EXTRA{ca}});
print "Signed CA certificate is in $NEWCERT\n" if $RET == 0;
} elsif ($WHAT eq '-signcert' ) {
$RET = run(@X509, qw(-x509toreq -in), $NEWREQ, "-signkey", $NEWREQ,
qw(-out tmp.pem), @{$EXTRA{x509}});
$RET = run(@CA, @POLICY, "-out", $NEWCERT,
qw(-infiles tmp.pem), @{$EXTRA{ca}}) if $RET == 0;
print "Signed certificate is in $NEWCERT\n" if $RET == 0;
} elsif ($WHAT eq '-verify' ) {
my @files = @ARGV ? @ARGV : ( $NEWCERT );
foreach my $file (@files) {
my $status = run(@VERIFY, "-CAfile", "${CATOP}/$CACERT", $file, @{$EXTRA{verify}});
$RET = $status if $status != 0;
}
} elsif ($WHAT eq '-crl' ) {
$RET = run(@CA, qw(-gencrl -out), "${CATOP}/crl/$CACRL", @{$EXTRA{ca}});
print "Generated CRL is in ${CATOP}/crl/$CACRL\n" if $RET == 0;
} elsif ($WHAT eq '-revoke' ) {
my $cname = $ARGV[0];
if (!defined $cname) {
print "Certificate filename is required; reason optional.\n";
exit 1;
}
my @reason;
@reason = ("-crl_reason", $ARGV[1])
if defined $ARGV[1] && crl_reason_ok($ARGV[1]);
$RET = run(@CA, "-revoke", $cname, @reason, @{$EXTRA{ca}});
} else {
print STDERR "Unknown arg \"$WHAT\"\n";
print STDERR "Use -help for help.\n";
exit 1;
}
exit $RET;

37882
crypto/openssl/configdata.pm Executable file
View file

File diff suppressed because it is too large Load diff

3366
crypto/openssl/crypto/params_idx.c Normal file
View file

File diff suppressed because it is too large Load diff

20
crypto/openssl/include/crypto/bn_conf.h
View file

@ -1,10 +1,9 @@
/* $FreeBSD$ */
/* WARNING: do not edit! */
/* Generated by Makefile from include/crypto/bn_conf.h.in */
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
@ -12,6 +11,7 @@
#ifndef OSSL_CRYPTO_BN_CONF_H
# define OSSL_CRYPTO_BN_CONF_H
# pragma once
/*
* The contents of this file are not used in the UEFI build, as
@ -22,16 +22,8 @@
/* Should we define BN_DIV2W here? */
/* Only one for the following should be defined */
# if __SIZEOF_LONG__ == 8
# define SIXTY_FOUR_BIT_LONG
# undef SIXTY_FOUR_BIT
# undef THIRTY_TWO_BIT
# elif __SIZEOF_LONG__ == 4
# undef SIXTY_FOUR_BIT_LONG
# undef SIXTY_FOUR_BIT
# define THIRTY_TWO_BIT
# else
# error Unsupported size of long
# endif
#define SIXTY_FOUR_BIT_LONG
#undef SIXTY_FOUR_BIT
#undef THIRTY_TWO_BIT
#endif

1
crypto/openssl/include/crypto/dso_conf.h
View file

@ -1,4 +1,3 @@
/* $FreeBSD$ */
/* WARNING: do not edit! */
/* Generated by Makefile from include/crypto/dso_conf.h.in */
/*

469
crypto/openssl/include/internal/param_names.h Normal file
View file

@ -0,0 +1,469 @@
/*
* WARNING: do not edit!
* Generated by Makefile from include/internal/param_names.h.in
*
* Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
int ossl_param_find_pidx(const char *s);
/* Parameter name definitions - generated by util/perl/OpenSSL/paramnames.pm */
#define NUM_PIDX 346
#define PIDX_ALG_PARAM_ALGORITHM_ID 0
#define PIDX_ALG_PARAM_ALGORITHM_ID_PARAMS 1
#define PIDX_ALG_PARAM_CIPHER 2
#define PIDX_ALG_PARAM_DIGEST 3
#define PIDX_ALG_PARAM_ENGINE 4
#define PIDX_ALG_PARAM_FIPS_APPROVED_INDICATOR 5
#define PIDX_ALG_PARAM_MAC 6
#define PIDX_ALG_PARAM_PROPERTIES 7
#define PIDX_ASYM_CIPHER_PARAM_DIGEST PIDX_PKEY_PARAM_DIGEST
#define PIDX_ASYM_CIPHER_PARAM_ENGINE PIDX_PKEY_PARAM_ENGINE
#define PIDX_ASYM_CIPHER_PARAM_FIPS_APPROVED_INDICATOR PIDX_ALG_PARAM_FIPS_APPROVED_INDICATOR
#define PIDX_ASYM_CIPHER_PARAM_FIPS_KEY_CHECK PIDX_PKEY_PARAM_FIPS_KEY_CHECK
#define PIDX_ASYM_CIPHER_PARAM_FIPS_RSA_PKCS15_PAD_DISABLED PIDX_PROV_PARAM_RSA_PKCS15_PAD_DISABLED
#define PIDX_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION 8
#define PIDX_ASYM_CIPHER_PARAM_MGF1_DIGEST PIDX_PKEY_PARAM_MGF1_DIGEST
#define PIDX_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS PIDX_PKEY_PARAM_MGF1_PROPERTIES
#define PIDX_ASYM_CIPHER_PARAM_OAEP_DIGEST PIDX_ALG_PARAM_DIGEST
#define PIDX_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS 9
#define PIDX_ASYM_CIPHER_PARAM_OAEP_LABEL 10
#define PIDX_ASYM_CIPHER_PARAM_PAD_MODE PIDX_PKEY_PARAM_PAD_MODE
#define PIDX_ASYM_CIPHER_PARAM_PROPERTIES PIDX_PKEY_PARAM_PROPERTIES
#define PIDX_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION 11
#define PIDX_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION 12
#define PIDX_CAPABILITY_TLS_GROUP_ALG 13
#define PIDX_CAPABILITY_TLS_GROUP_ID 14
#define PIDX_CAPABILITY_TLS_GROUP_IS_KEM 15
#define PIDX_CAPABILITY_TLS_GROUP_MAX_DTLS 16
#define PIDX_CAPABILITY_TLS_GROUP_MAX_TLS 17
#define PIDX_CAPABILITY_TLS_GROUP_MIN_DTLS 18
#define PIDX_CAPABILITY_TLS_GROUP_MIN_TLS 19
#define PIDX_CAPABILITY_TLS_GROUP_NAME 20
#define PIDX_CAPABILITY_TLS_GROUP_NAME_INTERNAL 21
#define PIDX_CAPABILITY_TLS_GROUP_SECURITY_BITS 22
#define PIDX_CAPABILITY_TLS_SIGALG_CODE_POINT 23
#define PIDX_CAPABILITY_TLS_SIGALG_HASH_NAME 24
#define PIDX_CAPABILITY_TLS_SIGALG_HASH_OID 25
#define PIDX_CAPABILITY_TLS_SIGALG_IANA_NAME 26
#define PIDX_CAPABILITY_TLS_SIGALG_KEYTYPE 27
#define PIDX_CAPABILITY_TLS_SIGALG_KEYTYPE_OID 28
#define PIDX_CAPABILITY_TLS_SIGALG_MAX_DTLS 16
#define PIDX_CAPABILITY_TLS_SIGALG_MAX_TLS 17
#define PIDX_CAPABILITY_TLS_SIGALG_MIN_DTLS 18
#define PIDX_CAPABILITY_TLS_SIGALG_MIN_TLS 19
#define PIDX_CAPABILITY_TLS_SIGALG_NAME 29
#define PIDX_CAPABILITY_TLS_SIGALG_OID 30
#define PIDX_CAPABILITY_TLS_SIGALG_SECURITY_BITS 31
#define PIDX_CAPABILITY_TLS_SIGALG_SIG_NAME 32
#define PIDX_CAPABILITY_TLS_SIGALG_SIG_OID 33
#define PIDX_CIPHER_PARAM_AEAD 34
#define PIDX_CIPHER_PARAM_AEAD_IVLEN PIDX_CIPHER_PARAM_IVLEN
#define PIDX_CIPHER_PARAM_AEAD_IV_GENERATED 35
#define PIDX_CIPHER_PARAM_AEAD_MAC_KEY 36
#define PIDX_CIPHER_PARAM_AEAD_TAG 37
#define PIDX_CIPHER_PARAM_AEAD_TAGLEN 38
#define PIDX_CIPHER_PARAM_AEAD_TLS1_AAD 39
#define PIDX_CIPHER_PARAM_AEAD_TLS1_AAD_PAD 40
#define PIDX_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN 41
#define PIDX_CIPHER_PARAM_AEAD_TLS1_IV_FIXED 42
#define PIDX_CIPHER_PARAM_AEAD_TLS1_SET_IV_INV 43
#define PIDX_CIPHER_PARAM_ALGORITHM_ID PIDX_ALG_PARAM_ALGORITHM_ID
#define PIDX_CIPHER_PARAM_ALGORITHM_ID_PARAMS PIDX_ALG_PARAM_ALGORITHM_ID_PARAMS
#define PIDX_CIPHER_PARAM_ALGORITHM_ID_PARAMS_OLD 44
#define PIDX_CIPHER_PARAM_BLOCK_SIZE 45
#define PIDX_CIPHER_PARAM_CTS 46
#define PIDX_CIPHER_PARAM_CTS_MODE 47
#define PIDX_CIPHER_PARAM_CUSTOM_IV 48
#define PIDX_CIPHER_PARAM_DECRYPT_ONLY 49
#define PIDX_CIPHER_PARAM_FIPS_APPROVED_INDICATOR PIDX_ALG_PARAM_FIPS_APPROVED_INDICATOR
#define PIDX_CIPHER_PARAM_FIPS_ENCRYPT_CHECK 50
#define PIDX_CIPHER_PARAM_HAS_RAND_KEY 51
#define PIDX_CIPHER_PARAM_IV 52
#define PIDX_CIPHER_PARAM_IVLEN 53
#define PIDX_CIPHER_PARAM_KEYLEN 54
#define PIDX_CIPHER_PARAM_MODE 55
#define PIDX_CIPHER_PARAM_NUM 56
#define PIDX_CIPHER_PARAM_PADDING 57
#define PIDX_CIPHER_PARAM_PIPELINE_AEAD_TAG 58
#define PIDX_CIPHER_PARAM_RANDOM_KEY 59
#define PIDX_CIPHER_PARAM_RC2_KEYBITS 60
#define PIDX_CIPHER_PARAM_ROUNDS 61
#define PIDX_CIPHER_PARAM_SPEED 62
#define PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK 63
#define PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD 64
#define PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN 65
#define PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC 66
#define PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN 67
#define PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN 68
#define PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE 69
#define PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE 70
#define PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT 71
#define PIDX_CIPHER_PARAM_TLS_MAC 72
#define PIDX_CIPHER_PARAM_TLS_MAC_SIZE 73
#define PIDX_CIPHER_PARAM_TLS_VERSION 74
#define PIDX_CIPHER_PARAM_UPDATED_IV 75
#define PIDX_CIPHER_PARAM_USE_BITS 76
#define PIDX_CIPHER_PARAM_XTS_STANDARD 77
#define PIDX_DECODER_PARAM_PROPERTIES PIDX_ALG_PARAM_PROPERTIES
#define PIDX_DIGEST_PARAM_ALGID_ABSENT 78
#define PIDX_DIGEST_PARAM_BLOCK_SIZE 45
#define PIDX_DIGEST_PARAM_MICALG 79
#define PIDX_DIGEST_PARAM_PAD_TYPE 80
#define PIDX_DIGEST_PARAM_SIZE 81
#define PIDX_DIGEST_PARAM_SSL3_MS 82
#define PIDX_DIGEST_PARAM_XOF 83
#define PIDX_DIGEST_PARAM_XOFLEN 84
#define PIDX_DRBG_PARAM_CIPHER PIDX_ALG_PARAM_CIPHER
#define PIDX_DRBG_PARAM_DIGEST PIDX_ALG_PARAM_DIGEST
#define PIDX_DRBG_PARAM_ENTROPY_REQUIRED 85
#define PIDX_DRBG_PARAM_FIPS_APPROVED_INDICATOR PIDX_ALG_PARAM_FIPS_APPROVED_INDICATOR
#define PIDX_DRBG_PARAM_FIPS_DIGEST_CHECK PIDX_PKEY_PARAM_FIPS_DIGEST_CHECK
#define PIDX_DRBG_PARAM_MAC PIDX_ALG_PARAM_MAC
#define PIDX_DRBG_PARAM_MAX_ADINLEN 86
#define PIDX_DRBG_PARAM_MAX_ENTROPYLEN 87
#define PIDX_DRBG_PARAM_MAX_LENGTH 88
#define PIDX_DRBG_PARAM_MAX_NONCELEN 89
#define PIDX_DRBG_PARAM_MAX_PERSLEN 90
#define PIDX_DRBG_PARAM_MIN_ENTROPYLEN 91
#define PIDX_DRBG_PARAM_MIN_LENGTH 92
#define PIDX_DRBG_PARAM_MIN_NONCELEN 93
#define PIDX_DRBG_PARAM_PREDICTION_RESISTANCE 94
#define PIDX_DRBG_PARAM_PROPERTIES PIDX_ALG_PARAM_PROPERTIES
#define PIDX_DRBG_PARAM_RANDOM_DATA 95
#define PIDX_DRBG_PARAM_RESEED_COUNTER 96
#define PIDX_DRBG_PARAM_RESEED_REQUESTS 97
#define PIDX_DRBG_PARAM_RESEED_TIME 98
#define PIDX_DRBG_PARAM_RESEED_TIME_INTERVAL 99
#define PIDX_DRBG_PARAM_SIZE 81
#define PIDX_DRBG_PARAM_USE_DF 100
#define PIDX_ENCODER_PARAM_CIPHER PIDX_ALG_PARAM_CIPHER
#define PIDX_ENCODER_PARAM_ENCRYPT_LEVEL 101
#define PIDX_ENCODER_PARAM_PROPERTIES PIDX_ALG_PARAM_PROPERTIES
#define PIDX_ENCODER_PARAM_SAVE_PARAMETERS 102
#define PIDX_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE 103
#define PIDX_EXCHANGE_PARAM_FIPS_APPROVED_INDICATOR PIDX_ALG_PARAM_FIPS_APPROVED_INDICATOR
#define PIDX_EXCHANGE_PARAM_FIPS_DIGEST_CHECK PIDX_PKEY_PARAM_FIPS_DIGEST_CHECK
#define PIDX_EXCHANGE_PARAM_FIPS_ECDH_COFACTOR_CHECK PIDX_PROV_PARAM_ECDH_COFACTOR_CHECK
#define PIDX_EXCHANGE_PARAM_FIPS_KEY_CHECK PIDX_PKEY_PARAM_FIPS_KEY_CHECK
#define PIDX_EXCHANGE_PARAM_KDF_DIGEST 104
#define PIDX_EXCHANGE_PARAM_KDF_DIGEST_PROPS 105
#define PIDX_EXCHANGE_PARAM_KDF_OUTLEN 106
#define PIDX_EXCHANGE_PARAM_KDF_TYPE 107
#define PIDX_EXCHANGE_PARAM_KDF_UKM 108
#define PIDX_EXCHANGE_PARAM_PAD 109
#define PIDX_GEN_PARAM_ITERATION 110
#define PIDX_GEN_PARAM_POTENTIAL 111
#define PIDX_KDF_PARAM_ARGON2_AD 112
#define PIDX_KDF_PARAM_ARGON2_LANES 113
#define PIDX_KDF_PARAM_ARGON2_MEMCOST 114
#define PIDX_KDF_PARAM_ARGON2_VERSION 115
#define PIDX_KDF_PARAM_CEK_ALG 116
#define PIDX_KDF_PARAM_CIPHER PIDX_ALG_PARAM_CIPHER
#define PIDX_KDF_PARAM_CONSTANT 117
#define PIDX_KDF_PARAM_DATA 118
#define PIDX_KDF_PARAM_DIGEST PIDX_ALG_PARAM_DIGEST
#define PIDX_KDF_PARAM_EARLY_CLEAN 119
#define PIDX_KDF_PARAM_FIPS_APPROVED_INDICATOR PIDX_ALG_PARAM_FIPS_APPROVED_INDICATOR
#define PIDX_KDF_PARAM_FIPS_DIGEST_CHECK PIDX_PKEY_PARAM_FIPS_DIGEST_CHECK
#define PIDX_KDF_PARAM_FIPS_EMS_CHECK 120
#define PIDX_KDF_PARAM_FIPS_KEY_CHECK PIDX_PKEY_PARAM_FIPS_KEY_CHECK
#define PIDX_KDF_PARAM_HMACDRBG_ENTROPY 121
#define PIDX_KDF_PARAM_HMACDRBG_NONCE 122
#define PIDX_KDF_PARAM_INFO 123
#define PIDX_KDF_PARAM_ITER 124
#define PIDX_KDF_PARAM_KBKDF_R 125
#define PIDX_KDF_PARAM_KBKDF_USE_L 126
#define PIDX_KDF_PARAM_KBKDF_USE_SEPARATOR 127
#define PIDX_KDF_PARAM_KEY 128
#define PIDX_KDF_PARAM_LABEL 129
#define PIDX_KDF_PARAM_MAC PIDX_ALG_PARAM_MAC
#define PIDX_KDF_PARAM_MAC_SIZE 130
#define PIDX_KDF_PARAM_MODE 55
#define PIDX_KDF_PARAM_PASSWORD 131
#define PIDX_KDF_PARAM_PKCS12_ID 132
#define PIDX_KDF_PARAM_PKCS5 133
#define PIDX_KDF_PARAM_PREFIX 134
#define PIDX_KDF_PARAM_PROPERTIES PIDX_ALG_PARAM_PROPERTIES
#define PIDX_KDF_PARAM_SALT 135
#define PIDX_KDF_PARAM_SCRYPT_MAXMEM 136
#define PIDX_KDF_PARAM_SCRYPT_N 137
#define PIDX_KDF_PARAM_SCRYPT_P 138
#define PIDX_KDF_PARAM_SCRYPT_R 125
#define PIDX_KDF_PARAM_SECRET 139
#define PIDX_KDF_PARAM_SEED 140
#define PIDX_KDF_PARAM_SIZE 81
#define PIDX_KDF_PARAM_SSHKDF_SESSION_ID 141
#define PIDX_KDF_PARAM_SSHKDF_TYPE 142
#define PIDX_KDF_PARAM_SSHKDF_XCGHASH 143
#define PIDX_KDF_PARAM_THREADS 144
#define PIDX_KDF_PARAM_UKM 145
#define PIDX_KDF_PARAM_X942_ACVPINFO 146
#define PIDX_KDF_PARAM_X942_PARTYUINFO 147
#define PIDX_KDF_PARAM_X942_PARTYVINFO 148
#define PIDX_KDF_PARAM_X942_SUPP_PRIVINFO 149
#define PIDX_KDF_PARAM_X942_SUPP_PUBINFO 150
#define PIDX_KDF_PARAM_X942_USE_KEYBITS 151
#define PIDX_KEM_PARAM_FIPS_APPROVED_INDICATOR PIDX_ALG_PARAM_FIPS_APPROVED_INDICATOR
#define PIDX_KEM_PARAM_FIPS_KEY_CHECK PIDX_PKEY_PARAM_FIPS_KEY_CHECK
#define PIDX_KEM_PARAM_IKME 152
#define PIDX_KEM_PARAM_OPERATION 153
#define PIDX_LIBSSL_RECORD_LAYER_PARAM_BLOCK_PADDING 154
#define PIDX_LIBSSL_RECORD_LAYER_PARAM_HS_PADDING 155
#define PIDX_LIBSSL_RECORD_LAYER_PARAM_MAX_EARLY_DATA 156
#define PIDX_LIBSSL_RECORD_LAYER_PARAM_MAX_FRAG_LEN 157
#define PIDX_LIBSSL_RECORD_LAYER_PARAM_MODE 55
#define PIDX_LIBSSL_RECORD_LAYER_PARAM_OPTIONS 158
#define PIDX_LIBSSL_RECORD_LAYER_PARAM_READ_AHEAD 159
#define PIDX_LIBSSL_RECORD_LAYER_PARAM_STREAM_MAC 160
#define PIDX_LIBSSL_RECORD_LAYER_PARAM_TLSTREE 161
#define PIDX_LIBSSL_RECORD_LAYER_PARAM_USE_ETM 162
#define PIDX_LIBSSL_RECORD_LAYER_READ_BUFFER_LEN 163
#define PIDX_MAC_PARAM_BLOCK_SIZE 164
#define PIDX_MAC_PARAM_CIPHER PIDX_ALG_PARAM_CIPHER
#define PIDX_MAC_PARAM_CUSTOM 165
#define PIDX_MAC_PARAM_C_ROUNDS 166
#define PIDX_MAC_PARAM_DIGEST PIDX_ALG_PARAM_DIGEST
#define PIDX_MAC_PARAM_DIGEST_NOINIT 167
#define PIDX_MAC_PARAM_DIGEST_ONESHOT 168
#define PIDX_MAC_PARAM_D_ROUNDS 169
#define PIDX_MAC_PARAM_FIPS_APPROVED_INDICATOR PIDX_ALG_PARAM_FIPS_APPROVED_INDICATOR
#define PIDX_MAC_PARAM_FIPS_KEY_CHECK PIDX_PKEY_PARAM_FIPS_KEY_CHECK
#define PIDX_MAC_PARAM_FIPS_NO_SHORT_MAC PIDX_PROV_PARAM_NO_SHORT_MAC
#define PIDX_MAC_PARAM_IV 52
#define PIDX_MAC_PARAM_KEY 128
#define PIDX_MAC_PARAM_PROPERTIES PIDX_ALG_PARAM_PROPERTIES
#define PIDX_MAC_PARAM_SALT 135
#define PIDX_MAC_PARAM_SIZE 81
#define PIDX_MAC_PARAM_TLS_DATA_SIZE 170
#define PIDX_MAC_PARAM_XOF 83
#define PIDX_OBJECT_PARAM_DATA 118
#define PIDX_OBJECT_PARAM_DATA_STRUCTURE 171
#define PIDX_OBJECT_PARAM_DATA_TYPE 172
#define PIDX_OBJECT_PARAM_DESC 173
#define PIDX_OBJECT_PARAM_INPUT_TYPE 174
#define PIDX_OBJECT_PARAM_REFERENCE 175
#define PIDX_OBJECT_PARAM_TYPE 142
#define PIDX_PASSPHRASE_PARAM_INFO 123
#define PIDX_PKEY_PARAM_ALGORITHM_ID PIDX_ALG_PARAM_ALGORITHM_ID
#define PIDX_PKEY_PARAM_ALGORITHM_ID_PARAMS PIDX_ALG_PARAM_ALGORITHM_ID_PARAMS
#define PIDX_PKEY_PARAM_BITS 176
#define PIDX_PKEY_PARAM_CIPHER PIDX_ALG_PARAM_CIPHER
#define PIDX_PKEY_PARAM_DEFAULT_DIGEST 177
#define PIDX_PKEY_PARAM_DHKEM_IKM 178
#define PIDX_PKEY_PARAM_DH_GENERATOR 179
#define PIDX_PKEY_PARAM_DH_PRIV_LEN 180
#define PIDX_PKEY_PARAM_DIGEST PIDX_ALG_PARAM_DIGEST
#define PIDX_PKEY_PARAM_DIGEST_SIZE 181
#define PIDX_PKEY_PARAM_DIST_ID 182
#define PIDX_PKEY_PARAM_EC_A 183
#define PIDX_PKEY_PARAM_EC_B 184
#define PIDX_PKEY_PARAM_EC_CHAR2_M 185
#define PIDX_PKEY_PARAM_EC_CHAR2_PP_K1 186
#define PIDX_PKEY_PARAM_EC_CHAR2_PP_K2 187
#define PIDX_PKEY_PARAM_EC_CHAR2_PP_K3 188
#define PIDX_PKEY_PARAM_EC_CHAR2_TP_BASIS 189
#define PIDX_PKEY_PARAM_EC_CHAR2_TYPE 190
#define PIDX_PKEY_PARAM_EC_COFACTOR 191
#define PIDX_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS 192
#define PIDX_PKEY_PARAM_EC_ENCODING 193
#define PIDX_PKEY_PARAM_EC_FIELD_TYPE 194
#define PIDX_PKEY_PARAM_EC_GENERATOR 195
#define PIDX_PKEY_PARAM_EC_GROUP_CHECK_TYPE 196
#define PIDX_PKEY_PARAM_EC_INCLUDE_PUBLIC 197
#define PIDX_PKEY_PARAM_EC_ORDER 198
#define PIDX_PKEY_PARAM_EC_P 138
#define PIDX_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT 199
#define PIDX_PKEY_PARAM_EC_PUB_X 200
#define PIDX_PKEY_PARAM_EC_PUB_Y 201
#define PIDX_PKEY_PARAM_EC_SEED 140
#define PIDX_PKEY_PARAM_ENCODED_PUBLIC_KEY 202
#define PIDX_PKEY_PARAM_ENGINE PIDX_ALG_PARAM_ENGINE
#define PIDX_PKEY_PARAM_FFC_COFACTOR 203
#define PIDX_PKEY_PARAM_FFC_DIGEST PIDX_PKEY_PARAM_DIGEST
#define PIDX_PKEY_PARAM_FFC_DIGEST_PROPS PIDX_PKEY_PARAM_PROPERTIES
#define PIDX_PKEY_PARAM_FFC_G 204
#define PIDX_PKEY_PARAM_FFC_GINDEX 205
#define PIDX_PKEY_PARAM_FFC_H 206
#define PIDX_PKEY_PARAM_FFC_P 138
#define PIDX_PKEY_PARAM_FFC_PBITS 207
#define PIDX_PKEY_PARAM_FFC_PCOUNTER 208
#define PIDX_PKEY_PARAM_FFC_Q 209
#define PIDX_PKEY_PARAM_FFC_QBITS 210
#define PIDX_PKEY_PARAM_FFC_SEED 140
#define PIDX_PKEY_PARAM_FFC_TYPE 142
#define PIDX_PKEY_PARAM_FFC_VALIDATE_G 211
#define PIDX_PKEY_PARAM_FFC_VALIDATE_LEGACY 212
#define PIDX_PKEY_PARAM_FFC_VALIDATE_PQ 213
#define PIDX_PKEY_PARAM_FIPS_APPROVED_INDICATOR PIDX_ALG_PARAM_FIPS_APPROVED_INDICATOR
#define PIDX_PKEY_PARAM_FIPS_DIGEST_CHECK 214
#define PIDX_PKEY_PARAM_FIPS_KEY_CHECK 215
#define PIDX_PKEY_PARAM_FIPS_SIGN_CHECK 216
#define PIDX_PKEY_PARAM_GROUP_NAME 217
#define PIDX_PKEY_PARAM_IMPLICIT_REJECTION 8
#define PIDX_PKEY_PARAM_MANDATORY_DIGEST 218
#define PIDX_PKEY_PARAM_MASKGENFUNC 219
#define PIDX_PKEY_PARAM_MAX_SIZE 220
#define PIDX_PKEY_PARAM_MGF1_DIGEST 221
#define PIDX_PKEY_PARAM_MGF1_PROPERTIES 222
#define PIDX_PKEY_PARAM_ML_DSA_INPUT_FORMATS 223
#define PIDX_PKEY_PARAM_ML_DSA_OUTPUT_FORMATS 224
#define PIDX_PKEY_PARAM_ML_DSA_PREFER_SEED 225
#define PIDX_PKEY_PARAM_ML_DSA_RETAIN_SEED 226
#define PIDX_PKEY_PARAM_ML_DSA_SEED 140
#define PIDX_PKEY_PARAM_ML_KEM_IMPORT_PCT_TYPE 227
#define PIDX_PKEY_PARAM_ML_KEM_INPUT_FORMATS 228
#define PIDX_PKEY_PARAM_ML_KEM_OUTPUT_FORMATS 229
#define PIDX_PKEY_PARAM_ML_KEM_PREFER_SEED 230
#define PIDX_PKEY_PARAM_ML_KEM_RETAIN_SEED 231
#define PIDX_PKEY_PARAM_ML_KEM_SEED 140
#define PIDX_PKEY_PARAM_PAD_MODE 232
#define PIDX_PKEY_PARAM_PRIV_KEY 233
#define PIDX_PKEY_PARAM_PROPERTIES PIDX_ALG_PARAM_PROPERTIES
#define PIDX_PKEY_PARAM_PUB_KEY 234
#define PIDX_PKEY_PARAM_RSA_BITS PIDX_PKEY_PARAM_BITS
#define PIDX_PKEY_PARAM_RSA_COEFFICIENT 235
#define PIDX_PKEY_PARAM_RSA_COEFFICIENT1 236
#define PIDX_PKEY_PARAM_RSA_COEFFICIENT2 237
#define PIDX_PKEY_PARAM_RSA_COEFFICIENT3 238
#define PIDX_PKEY_PARAM_RSA_COEFFICIENT4 239
#define PIDX_PKEY_PARAM_RSA_COEFFICIENT5 240
#define PIDX_PKEY_PARAM_RSA_COEFFICIENT6 241
#define PIDX_PKEY_PARAM_RSA_COEFFICIENT7 242
#define PIDX_PKEY_PARAM_RSA_COEFFICIENT8 243
#define PIDX_PKEY_PARAM_RSA_COEFFICIENT9 244
#define PIDX_PKEY_PARAM_RSA_D 245
#define PIDX_PKEY_PARAM_RSA_DERIVE_FROM_PQ 246
#define PIDX_PKEY_PARAM_RSA_DIGEST PIDX_PKEY_PARAM_DIGEST
#define PIDX_PKEY_PARAM_RSA_DIGEST_PROPS PIDX_PKEY_PARAM_PROPERTIES
#define PIDX_PKEY_PARAM_RSA_E 247
#define PIDX_PKEY_PARAM_RSA_EXPONENT 248
#define PIDX_PKEY_PARAM_RSA_EXPONENT1 249
#define PIDX_PKEY_PARAM_RSA_EXPONENT10 250
#define PIDX_PKEY_PARAM_RSA_EXPONENT2 251
#define PIDX_PKEY_PARAM_RSA_EXPONENT3 252
#define PIDX_PKEY_PARAM_RSA_EXPONENT4 253
#define PIDX_PKEY_PARAM_RSA_EXPONENT5 254
#define PIDX_PKEY_PARAM_RSA_EXPONENT6 255
#define PIDX_PKEY_PARAM_RSA_EXPONENT7 256
#define PIDX_PKEY_PARAM_RSA_EXPONENT8 257
#define PIDX_PKEY_PARAM_RSA_EXPONENT9 258
#define PIDX_PKEY_PARAM_RSA_FACTOR 259
#define PIDX_PKEY_PARAM_RSA_FACTOR1 260
#define PIDX_PKEY_PARAM_RSA_FACTOR10 261
#define PIDX_PKEY_PARAM_RSA_FACTOR2 262
#define PIDX_PKEY_PARAM_RSA_FACTOR3 263
#define PIDX_PKEY_PARAM_RSA_FACTOR4 264
#define PIDX_PKEY_PARAM_RSA_FACTOR5 265
#define PIDX_PKEY_PARAM_RSA_FACTOR6 266
#define PIDX_PKEY_PARAM_RSA_FACTOR7 267
#define PIDX_PKEY_PARAM_RSA_FACTOR8 268
#define PIDX_PKEY_PARAM_RSA_FACTOR9 269
#define PIDX_PKEY_PARAM_RSA_MASKGENFUNC PIDX_PKEY_PARAM_MASKGENFUNC
#define PIDX_PKEY_PARAM_RSA_MGF1_DIGEST PIDX_PKEY_PARAM_MGF1_DIGEST
#define PIDX_PKEY_PARAM_RSA_N 137
#define PIDX_PKEY_PARAM_RSA_PRIMES 270
#define PIDX_PKEY_PARAM_RSA_PSS_SALTLEN 271
#define PIDX_PKEY_PARAM_RSA_TEST_P1 272
#define PIDX_PKEY_PARAM_RSA_TEST_P2 273
#define PIDX_PKEY_PARAM_RSA_TEST_Q1 274
#define PIDX_PKEY_PARAM_RSA_TEST_Q2 275
#define PIDX_PKEY_PARAM_RSA_TEST_XP 276
#define PIDX_PKEY_PARAM_RSA_TEST_XP1 277
#define PIDX_PKEY_PARAM_RSA_TEST_XP2 278
#define PIDX_PKEY_PARAM_RSA_TEST_XQ 279
#define PIDX_PKEY_PARAM_RSA_TEST_XQ1 280
#define PIDX_PKEY_PARAM_RSA_TEST_XQ2 281
#define PIDX_PKEY_PARAM_SECURITY_BITS 282
#define PIDX_PKEY_PARAM_SLH_DSA_SEED 140
#define PIDX_PKEY_PARAM_USE_COFACTOR_ECDH PIDX_PKEY_PARAM_USE_COFACTOR_FLAG
#define PIDX_PKEY_PARAM_USE_COFACTOR_FLAG 283
#define PIDX_PROV_PARAM_BUILDINFO 284
#define PIDX_PROV_PARAM_CORE_MODULE_FILENAME 285
#define PIDX_PROV_PARAM_CORE_PROV_NAME 286
#define PIDX_PROV_PARAM_CORE_VERSION 287
#define PIDX_PROV_PARAM_DRBG_TRUNC_DIGEST 288
#define PIDX_PROV_PARAM_DSA_SIGN_DISABLED 289
#define PIDX_PROV_PARAM_ECDH_COFACTOR_CHECK 290
#define PIDX_PROV_PARAM_HKDF_DIGEST_CHECK 291
#define PIDX_PROV_PARAM_HKDF_KEY_CHECK 292
#define PIDX_PROV_PARAM_HMAC_KEY_CHECK 293
#define PIDX_PROV_PARAM_KBKDF_KEY_CHECK 294
#define PIDX_PROV_PARAM_KMAC_KEY_CHECK 295
#define PIDX_PROV_PARAM_NAME 296
#define PIDX_PROV_PARAM_NO_SHORT_MAC 297
#define PIDX_PROV_PARAM_PBKDF2_LOWER_BOUND_CHECK 298
#define PIDX_PROV_PARAM_RSA_PKCS15_PAD_DISABLED 299
#define PIDX_PROV_PARAM_RSA_PSS_SALTLEN_CHECK 300
#define PIDX_PROV_PARAM_RSA_SIGN_X931_PAD_DISABLED 301
#define PIDX_PROV_PARAM_SECURITY_CHECKS 302
#define PIDX_PROV_PARAM_SELF_TEST_DESC 303
#define PIDX_PROV_PARAM_SELF_TEST_PHASE 304
#define PIDX_PROV_PARAM_SELF_TEST_TYPE 305
#define PIDX_PROV_PARAM_SIGNATURE_DIGEST_CHECK 306
#define PIDX_PROV_PARAM_SSHKDF_DIGEST_CHECK 307
#define PIDX_PROV_PARAM_SSHKDF_KEY_CHECK 308
#define PIDX_PROV_PARAM_SSKDF_DIGEST_CHECK 309
#define PIDX_PROV_PARAM_SSKDF_KEY_CHECK 310
#define PIDX_PROV_PARAM_STATUS 311
#define PIDX_PROV_PARAM_TDES_ENCRYPT_DISABLED 312
#define PIDX_PROV_PARAM_TLS13_KDF_DIGEST_CHECK 313
#define PIDX_PROV_PARAM_TLS13_KDF_KEY_CHECK 314
#define PIDX_PROV_PARAM_TLS1_PRF_DIGEST_CHECK 315
#define PIDX_PROV_PARAM_TLS1_PRF_EMS_CHECK 316
#define PIDX_PROV_PARAM_TLS1_PRF_KEY_CHECK 317
#define PIDX_PROV_PARAM_VERSION 115
#define PIDX_PROV_PARAM_X942KDF_KEY_CHECK 318
#define PIDX_PROV_PARAM_X963KDF_DIGEST_CHECK 319
#define PIDX_PROV_PARAM_X963KDF_KEY_CHECK 320
#define PIDX_RAND_PARAM_FIPS_APPROVED_INDICATOR PIDX_ALG_PARAM_FIPS_APPROVED_INDICATOR
#define PIDX_RAND_PARAM_GENERATE 321
#define PIDX_RAND_PARAM_MAX_REQUEST 322
#define PIDX_RAND_PARAM_STATE 323
#define PIDX_RAND_PARAM_STRENGTH 324
#define PIDX_RAND_PARAM_TEST_ENTROPY 325
#define PIDX_RAND_PARAM_TEST_NONCE 326
#define PIDX_SIGNATURE_PARAM_ADD_RANDOM 327
#define PIDX_SIGNATURE_PARAM_ALGORITHM_ID PIDX_PKEY_PARAM_ALGORITHM_ID
#define PIDX_SIGNATURE_PARAM_ALGORITHM_ID_PARAMS PIDX_PKEY_PARAM_ALGORITHM_ID_PARAMS
#define PIDX_SIGNATURE_PARAM_CONTEXT_STRING 328
#define PIDX_SIGNATURE_PARAM_DETERMINISTIC 329
#define PIDX_SIGNATURE_PARAM_DIGEST PIDX_PKEY_PARAM_DIGEST
#define PIDX_SIGNATURE_PARAM_DIGEST_SIZE PIDX_PKEY_PARAM_DIGEST_SIZE
#define PIDX_SIGNATURE_PARAM_FIPS_APPROVED_INDICATOR PIDX_ALG_PARAM_FIPS_APPROVED_INDICATOR
#define PIDX_SIGNATURE_PARAM_FIPS_DIGEST_CHECK PIDX_PKEY_PARAM_FIPS_DIGEST_CHECK
#define PIDX_SIGNATURE_PARAM_FIPS_KEY_CHECK PIDX_PKEY_PARAM_FIPS_KEY_CHECK
#define PIDX_SIGNATURE_PARAM_FIPS_RSA_PSS_SALTLEN_CHECK 300
#define PIDX_SIGNATURE_PARAM_FIPS_SIGN_CHECK PIDX_PKEY_PARAM_FIPS_SIGN_CHECK
#define PIDX_SIGNATURE_PARAM_FIPS_SIGN_X931_PAD_CHECK 330
#define PIDX_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE 331
#define PIDX_SIGNATURE_PARAM_INSTANCE 332
#define PIDX_SIGNATURE_PARAM_KAT 333
#define PIDX_SIGNATURE_PARAM_MESSAGE_ENCODING 334
#define PIDX_SIGNATURE_PARAM_MGF1_DIGEST PIDX_PKEY_PARAM_MGF1_DIGEST
#define PIDX_SIGNATURE_PARAM_MGF1_PROPERTIES PIDX_PKEY_PARAM_MGF1_PROPERTIES
#define PIDX_SIGNATURE_PARAM_MU 335
#define PIDX_SIGNATURE_PARAM_NONCE_TYPE 336
#define PIDX_SIGNATURE_PARAM_PAD_MODE PIDX_PKEY_PARAM_PAD_MODE
#define PIDX_SIGNATURE_PARAM_PROPERTIES PIDX_PKEY_PARAM_PROPERTIES
#define PIDX_SIGNATURE_PARAM_PSS_SALTLEN 271
#define PIDX_SIGNATURE_PARAM_SIGNATURE 337
#define PIDX_SIGNATURE_PARAM_TEST_ENTROPY 338
#define PIDX_SKEY_PARAM_KEY_LENGTH 339
#define PIDX_SKEY_PARAM_RAW_BYTES 340
#define PIDX_STORE_PARAM_ALIAS 341
#define PIDX_STORE_PARAM_DIGEST 3
#define PIDX_STORE_PARAM_EXPECT 342
#define PIDX_STORE_PARAM_FINGERPRINT 343
#define PIDX_STORE_PARAM_INPUT_TYPE 174
#define PIDX_STORE_PARAM_ISSUER 296
#define PIDX_STORE_PARAM_PROPERTIES 7
#define PIDX_STORE_PARAM_SERIAL 344
#define PIDX_STORE_PARAM_SUBJECT 345

38
crypto/openssl/include/openssl/asn1.h
View file

@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by Makefile from include/openssl/asn1.h.in
*
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -21,6 +21,9 @@
# define HEADER_ASN1_H
# endif
# ifndef OPENSSL_NO_STDIO
# include <stdio.h>
# endif
# include <time.h>
# include <openssl/e_os2.h>
# include <openssl/opensslconf.h>
@ -50,14 +53,14 @@ extern "C" {
# define V_ASN1_PRIMITIVE_TAG 0x1f
# define V_ASN1_PRIMATIVE_TAG /*compat*/ V_ASN1_PRIMITIVE_TAG
# define V_ASN1_APP_CHOOSE -2/* let the recipient choose */
# define V_ASN1_OTHER -3/* used in ASN1_TYPE */
# define V_ASN1_ANY -4/* used in ASN1 template code */
# define V_ASN1_APP_CHOOSE -2 /* let the recipient choose */
# define V_ASN1_OTHER -3 /* used in ASN1_TYPE */
# define V_ASN1_ANY -4 /* used in ASN1 template code */
# define V_ASN1_UNDEF -1
/* ASN.1 tag values */
# define V_ASN1_EOC 0
# define V_ASN1_BOOLEAN 1 /**/
# define V_ASN1_BOOLEAN 1
# define V_ASN1_INTEGER 2
# define V_ASN1_BIT_STRING 3
# define V_ASN1_OCTET_STRING 4
@ -70,19 +73,19 @@ extern "C" {
# define V_ASN1_UTF8STRING 12
# define V_ASN1_SEQUENCE 16
# define V_ASN1_SET 17
# define V_ASN1_NUMERICSTRING 18 /**/
# define V_ASN1_NUMERICSTRING 18
# define V_ASN1_PRINTABLESTRING 19
# define V_ASN1_T61STRING 20
# define V_ASN1_TELETEXSTRING 20/* alias */
# define V_ASN1_VIDEOTEXSTRING 21 /**/
# define V_ASN1_TELETEXSTRING 20 /* alias */
# define V_ASN1_VIDEOTEXSTRING 21
# define V_ASN1_IA5STRING 22
# define V_ASN1_UTCTIME 23
# define V_ASN1_GENERALIZEDTIME 24 /**/
# define V_ASN1_GRAPHICSTRING 25 /**/
# define V_ASN1_ISO64STRING 26 /**/
# define V_ASN1_VISIBLESTRING 26/* alias */
# define V_ASN1_GENERALSTRING 27 /**/
# define V_ASN1_UNIVERSALSTRING 28 /**/
# define V_ASN1_GENERALIZEDTIME 24
# define V_ASN1_GRAPHICSTRING 25
# define V_ASN1_ISO64STRING 26
# define V_ASN1_VISIBLESTRING 26 /* alias */
# define V_ASN1_GENERALSTRING 27
# define V_ASN1_UNIVERSALSTRING 28
# define V_ASN1_BMPSTRING 30
/*
@ -155,7 +158,7 @@ SKM_DEFINE_STACK_OF_INTERNAL(X509_ALGOR, X509_ALGOR, X509_ALGOR)
# define ASN1_STRING_FLAG_BITS_LEFT 0x08/* Set if 0x07 has bits left value */
# define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */
/*
* This indicates that the ASN1_STRING is not a real value but just a place
* holder for the location where indefinite length constructed data should be
@ -275,7 +278,7 @@ typedef struct ASN1_TLC_st ASN1_TLC;
/* This is just an opaque pointer */
typedef struct ASN1_VALUE_st ASN1_VALUE;
/* Declare ASN1 functions: the implement macro in in asn1t.h */
/* Declare ASN1 functions: the implement macro is in asn1t.h */
/*
* The mysterious 'extern' that's passed to some macros is innocuous,
@ -368,6 +371,7 @@ typedef struct ASN1_VALUE_st ASN1_VALUE;
typedef void *d2i_of_void(void **, const unsigned char **, long);
typedef int i2d_of_void(const void *, unsigned char **);
typedef int OSSL_i2d_of_void_ctx(const void *, unsigned char **, void *vctx);
/*-
* The following macros and typedefs allow an ASN1_ITEM
@ -996,6 +1000,8 @@ int ASN1_TYPE_get_int_octetstring(const ASN1_TYPE *a, long *num,
unsigned char *data, int max_len);
void *ASN1_item_unpack(const ASN1_STRING *oct, const ASN1_ITEM *it);
void *ASN1_item_unpack_ex(const ASN1_STRING *oct, const ASN1_ITEM *it,
OSSL_LIB_CTX *libctx, const char *propq);
ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it,
ASN1_OCTET_STRING **oct);

181
crypto/openssl/include/openssl/bio.h
View file

@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by Makefile from include/openssl/bio.h.in
*
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -67,8 +67,13 @@ extern "C" {
# define BIO_TYPE_DGRAM_SCTP (24|BIO_TYPE_SOURCE_SINK|BIO_TYPE_DESCRIPTOR)
# endif
# define BIO_TYPE_CORE_TO_PROV (25|BIO_TYPE_SOURCE_SINK)
# define BIO_TYPE_DGRAM_PAIR (26|BIO_TYPE_SOURCE_SINK)
# define BIO_TYPE_DGRAM_MEM (27|BIO_TYPE_SOURCE_SINK)
/* Custom type starting index returned by BIO_get_new_index() */
#define BIO_TYPE_START 128
/* Custom type maximum index that can be returned by BIO_get_new_index() */
#define BIO_TYPE_MASK 0xFF
/*
* BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
@ -171,6 +176,31 @@ extern "C" {
# define BIO_CTRL_SET_INDENT 80
# define BIO_CTRL_GET_INDENT 81
# define BIO_CTRL_DGRAM_GET_LOCAL_ADDR_CAP 82
# define BIO_CTRL_DGRAM_GET_LOCAL_ADDR_ENABLE 83
# define BIO_CTRL_DGRAM_SET_LOCAL_ADDR_ENABLE 84
# define BIO_CTRL_DGRAM_GET_EFFECTIVE_CAPS 85
# define BIO_CTRL_DGRAM_GET_CAPS 86
# define BIO_CTRL_DGRAM_SET_CAPS 87
# define BIO_CTRL_DGRAM_GET_NO_TRUNC 88
# define BIO_CTRL_DGRAM_SET_NO_TRUNC 89
/*
* internal BIO:
* # define BIO_CTRL_SET_KTLS_TX_ZEROCOPY_SENDFILE 90
*/
# define BIO_CTRL_GET_RPOLL_DESCRIPTOR 91
# define BIO_CTRL_GET_WPOLL_DESCRIPTOR 92
# define BIO_CTRL_DGRAM_DETECT_PEER_ADDR 93
# define BIO_CTRL_DGRAM_SET0_LOCAL_ADDR 94
# define BIO_DGRAM_CAP_NONE 0U
# define BIO_DGRAM_CAP_HANDLES_SRC_ADDR (1U << 0)
# define BIO_DGRAM_CAP_HANDLES_DST_ADDR (1U << 1)
# define BIO_DGRAM_CAP_PROVIDES_SRC_ADDR (1U << 2)
# define BIO_DGRAM_CAP_PROVIDES_DST_ADDR (1U << 3)
# ifndef OPENSSL_NO_KTLS
# define BIO_get_ktls_send(b) \
(BIO_ctrl(b, BIO_CTRL_GET_KTLS_SEND, 0, NULL) > 0)
@ -208,7 +238,7 @@ extern "C" {
# define BIO_FLAGS_NONCLEAR_RST 0x400
# define BIO_FLAGS_IN_EOF 0x800
/* the BIO FLAGS values 0x1000 to 0x4000 are reserved for internal KTLS flags */
/* the BIO FLAGS values 0x1000 to 0x8000 are reserved for internal KTLS flags */
typedef union bio_addr_st BIO_ADDR;
typedef struct bio_addrinfo_st BIO_ADDRINFO;
@ -256,12 +286,14 @@ void BIO_clear_flags(BIO *b, int flags);
# define BIO_RR_ACCEPT 0x03
/* These are passed by the BIO callback */
# define BIO_CB_FREE 0x01
# define BIO_CB_READ 0x02
# define BIO_CB_WRITE 0x03
# define BIO_CB_PUTS 0x04
# define BIO_CB_GETS 0x05
# define BIO_CB_CTRL 0x06
# define BIO_CB_FREE 0x01
# define BIO_CB_READ 0x02
# define BIO_CB_WRITE 0x03
# define BIO_CB_PUTS 0x04
# define BIO_CB_GETS 0x05
# define BIO_CB_CTRL 0x06
# define BIO_CB_RECVMMSG 0x07
# define BIO_CB_SENDMMSG 0x08
/*
* The callback is called before and after the underling operation, The
@ -362,6 +394,36 @@ struct bio_dgram_sctp_prinfo {
};
# endif
/* BIO_sendmmsg/BIO_recvmmsg-related definitions */
typedef struct bio_msg_st {
void *data;
size_t data_len;
BIO_ADDR *peer, *local;
uint64_t flags;
} BIO_MSG;
typedef struct bio_mmsg_cb_args_st {
BIO_MSG *msg;
size_t stride, num_msg;
uint64_t flags;
size_t *msgs_processed;
} BIO_MMSG_CB_ARGS;
#define BIO_POLL_DESCRIPTOR_TYPE_NONE 0
#define BIO_POLL_DESCRIPTOR_TYPE_SOCK_FD 1
#define BIO_POLL_DESCRIPTOR_TYPE_SSL 2
#define BIO_POLL_DESCRIPTOR_CUSTOM_START 8192
typedef struct bio_poll_descriptor_st {
uint32_t type;
union {
int fd;
void *custom;
uintptr_t custom_ui;
SSL *ssl;
} value;
} BIO_POLL_DESCRIPTOR;
/*
* #define BIO_CONN_get_param_hostname BIO_ctrl
*/
@ -428,10 +490,17 @@ struct bio_dgram_sctp_prinfo {
# define BIO_C_SET_CONNECT_MODE 155
# define BIO_C_SET_TFO 156 /* like BIO_C_SET_NBIO */
# define BIO_C_SET_SOCK_TYPE 157
# define BIO_C_GET_SOCK_TYPE 158
# define BIO_C_GET_DGRAM_BIO 159
# define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)
# define BIO_get_app_data(s) BIO_get_ex_data(s,0)
# define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
# define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
# define BIO_set_tfo(b,n) BIO_ctrl(b,BIO_C_SET_TFO,(n),NULL)
# ifndef OPENSSL_NO_SOCK
/* IP families we support, for BIO_s_connect() and BIO_s_accept() */
@ -452,7 +521,11 @@ struct bio_dgram_sctp_prinfo {
# define BIO_get_conn_port(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1))
# define BIO_get_conn_address(b) ((const BIO_ADDR *)BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2))
# define BIO_get_conn_ip_family(b) BIO_ctrl(b,BIO_C_GET_CONNECT,3,NULL)
# define BIO_get_conn_mode(b) BIO_ctrl(b,BIO_C_GET_CONNECT,4,NULL)
# define BIO_set_conn_mode(b,n) BIO_ctrl(b,BIO_C_SET_CONNECT_MODE,(n),NULL)
# define BIO_set_sock_type(b,t) BIO_ctrl(b,BIO_C_SET_SOCK_TYPE,(t),NULL)
# define BIO_get_sock_type(b) BIO_ctrl(b,BIO_C_GET_SOCK_TYPE,0,NULL)
# define BIO_get0_dgram_bio(b, p) BIO_ctrl(b,BIO_C_GET_DGRAM_BIO,0,(void *)(BIO **)(p))
/* BIO_s_accept() */
# define BIO_set_accept_name(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0, \
@ -469,6 +542,7 @@ struct bio_dgram_sctp_prinfo {
(char *)(bio))
# define BIO_set_accept_ip_family(b,f) BIO_int_ctrl(b,BIO_C_SET_ACCEPT,4,f)
# define BIO_get_accept_ip_family(b) BIO_ctrl(b,BIO_C_GET_ACCEPT,4,NULL)
# define BIO_set_tfo_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,5,(n)?(void *)"a":NULL)
/* Aliases kept for backward compatibility */
# define BIO_BIND_NORMAL 0
@ -596,8 +670,32 @@ int BIO_ctrl_reset_read_request(BIO *b);
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)(peer))
# define BIO_dgram_set_peer(b,peer) \
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)(peer))
# define BIO_dgram_detect_peer_addr(b,peer) \
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_DETECT_PEER_ADDR, 0, (char *)(peer))
# define BIO_dgram_get_mtu_overhead(b) \
(unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, NULL)
# define BIO_dgram_get_local_addr_cap(b) \
(int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_LOCAL_ADDR_CAP, 0, NULL)
# define BIO_dgram_get_local_addr_enable(b, penable) \
(int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_LOCAL_ADDR_ENABLE, 0, (char *)(penable))
# define BIO_dgram_set_local_addr_enable(b, enable) \
(int)BIO_ctrl((b), BIO_CTRL_DGRAM_SET_LOCAL_ADDR_ENABLE, (enable), NULL)
# define BIO_dgram_get_effective_caps(b) \
(uint32_t)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_EFFECTIVE_CAPS, 0, NULL)
# define BIO_dgram_get_caps(b) \
(uint32_t)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_CAPS, 0, NULL)
# define BIO_dgram_set_caps(b, caps) \
(int)BIO_ctrl((b), BIO_CTRL_DGRAM_SET_CAPS, (long)(caps), NULL)
# define BIO_dgram_get_no_trunc(b) \
(unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_NO_TRUNC, 0, NULL)
# define BIO_dgram_set_no_trunc(b, enable) \
(int)BIO_ctrl((b), BIO_CTRL_DGRAM_SET_NO_TRUNC, (enable), NULL)
# define BIO_dgram_get_mtu(b) \
(unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU, 0, NULL)
# define BIO_dgram_set_mtu(b, mtu) \
(int)BIO_ctrl((b), BIO_CTRL_DGRAM_SET_MTU, (mtu), NULL)
# define BIO_dgram_set0_local_addr(b, addr) \
(int)BIO_ctrl((b), BIO_CTRL_DGRAM_SET0_LOCAL_ADDR, 0, (addr))
/* ctrl macros for BIO_f_prefix */
# define BIO_set_prefix(b,p) BIO_ctrl((b), BIO_CTRL_SET_PREFIX, 0, (void *)(p))
@ -640,10 +738,18 @@ void BIO_vfree(BIO *a);
int BIO_up_ref(BIO *a);
int BIO_read(BIO *b, void *data, int dlen);
int BIO_read_ex(BIO *b, void *data, size_t dlen, size_t *readbytes);
__owur int BIO_recvmmsg(BIO *b, BIO_MSG *msg,
size_t stride, size_t num_msg, uint64_t flags,
size_t *msgs_processed);
int BIO_gets(BIO *bp, char *buf, int size);
int BIO_get_line(BIO *bio, char *buf, int size);
int BIO_write(BIO *b, const void *data, int dlen);
int BIO_write_ex(BIO *b, const void *data, size_t dlen, size_t *written);
__owur int BIO_sendmmsg(BIO *b, BIO_MSG *msg,
size_t stride, size_t num_msg, uint64_t flags,
size_t *msgs_processed);
__owur int BIO_get_rpoll_descriptor(BIO *b, BIO_POLL_DESCRIPTOR *desc);
__owur int BIO_get_wpoll_descriptor(BIO *b, BIO_POLL_DESCRIPTOR *desc);
int BIO_puts(BIO *bp, const char *buf);
int BIO_indent(BIO *b, int indent, int max);
long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
@ -667,6 +773,9 @@ int BIO_nwrite0(BIO *bio, char **buf);
int BIO_nwrite(BIO *bio, char **buf, int num);
const BIO_METHOD *BIO_s_mem(void);
# ifndef OPENSSL_NO_DGRAM
const BIO_METHOD *BIO_s_dgram_mem(void);
# endif
const BIO_METHOD *BIO_s_secmem(void);
BIO *BIO_new_mem_buf(const void *buf, int len);
# ifndef OPENSSL_NO_SOCK
@ -686,6 +795,7 @@ const BIO_METHOD *BIO_f_nbio_test(void);
const BIO_METHOD *BIO_f_prefix(void);
const BIO_METHOD *BIO_s_core(void);
# ifndef OPENSSL_NO_DGRAM
const BIO_METHOD *BIO_s_dgram_pair(void);
const BIO_METHOD *BIO_s_datagram(void);
int BIO_dgram_non_fatal_error(int error);
BIO *BIO_new_dgram(int fd, int close_flag);
@ -704,6 +814,7 @@ int BIO_dgram_sctp_msg_waiting(BIO *b);
# ifndef OPENSSL_NO_SOCK
int BIO_sock_should_retry(int i);
int BIO_sock_non_fatal_error(int error);
int BIO_err_is_non_fatal(unsigned int errcode);
int BIO_socket_wait(int fd, int for_read, time_t max_time);
# endif
int BIO_wait(BIO *bio, time_t max_time, unsigned int nap_milliseconds);
@ -726,6 +837,8 @@ int BIO_hex_string(BIO *out, int indent, int width, const void *data,
# ifndef OPENSSL_NO_SOCK
BIO_ADDR *BIO_ADDR_new(void);
int BIO_ADDR_copy(BIO_ADDR *dst, const BIO_ADDR *src);
BIO_ADDR *BIO_ADDR_dup(const BIO_ADDR *ap);
int BIO_ADDR_rawmake(BIO_ADDR *ap, int family,
const void *where, size_t wherelen, unsigned short port);
void BIO_ADDR_free(BIO_ADDR *);
@ -788,6 +901,7 @@ int BIO_sock_info(int sock,
# define BIO_SOCK_KEEPALIVE 0x04
# define BIO_SOCK_NONBLOCK 0x08
# define BIO_SOCK_NODELAY 0x10
# define BIO_SOCK_TFO 0x20
int BIO_socket(int domain, int socktype, int protocol, int options);
int BIO_connect(int sock, const BIO_ADDR *addr, int options);
@ -805,6 +919,11 @@ BIO *BIO_new_fd(int fd, int close_flag);
int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
BIO **bio2, size_t writebuf2);
# ifndef OPENSSL_NO_DGRAM
int BIO_new_bio_dgram_pair(BIO **bio1, size_t writebuf1,
BIO **bio2, size_t writebuf2);
# endif
/*
* If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
* Otherwise returns 0 and sets *bio1 and *bio2 to NULL. Size 0 uses default
@ -849,38 +968,54 @@ ossl_bio__attr__((__format__(ossl_bio__printf__, 3, 0)));
BIO_METHOD *BIO_meth_new(int type, const char *name);
void BIO_meth_free(BIO_METHOD *biom);
int (*BIO_meth_get_write(const BIO_METHOD *biom)) (BIO *, const char *, int);
int (*BIO_meth_get_write_ex(const BIO_METHOD *biom)) (BIO *, const char *, size_t,
size_t *);
int BIO_meth_set_write(BIO_METHOD *biom,
int (*write) (BIO *, const char *, int));
int BIO_meth_set_write_ex(BIO_METHOD *biom,
int (*bwrite) (BIO *, const char *, size_t, size_t *));
int (*BIO_meth_get_read(const BIO_METHOD *biom)) (BIO *, char *, int);
int (*BIO_meth_get_read_ex(const BIO_METHOD *biom)) (BIO *, char *, size_t, size_t *);
int BIO_meth_set_sendmmsg(BIO_METHOD *biom,
int (*f) (BIO *, BIO_MSG *, size_t, size_t,
uint64_t, size_t *));
int BIO_meth_set_read(BIO_METHOD *biom,
int (*read) (BIO *, char *, int));
int BIO_meth_set_read_ex(BIO_METHOD *biom,
int (*bread) (BIO *, char *, size_t, size_t *));
int (*BIO_meth_get_puts(const BIO_METHOD *biom)) (BIO *, const char *);
int BIO_meth_set_recvmmsg(BIO_METHOD *biom,
int (*f) (BIO *, BIO_MSG *, size_t, size_t,
uint64_t, size_t *));
int BIO_meth_set_puts(BIO_METHOD *biom,
int (*puts) (BIO *, const char *));
int (*BIO_meth_get_gets(const BIO_METHOD *biom)) (BIO *, char *, int);
int BIO_meth_set_gets(BIO_METHOD *biom,
int (*gets) (BIO *, char *, int));
long (*BIO_meth_get_ctrl(const BIO_METHOD *biom)) (BIO *, int, long, void *);
int (*ossl_gets) (BIO *, char *, int));
int BIO_meth_set_ctrl(BIO_METHOD *biom,
long (*ctrl) (BIO *, int, long, void *));
int (*BIO_meth_get_create(const BIO_METHOD *bion)) (BIO *);
int BIO_meth_set_create(BIO_METHOD *biom, int (*create) (BIO *));
int (*BIO_meth_get_destroy(const BIO_METHOD *biom)) (BIO *);
int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy) (BIO *));
long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))
(BIO *, int, BIO_info_cb *);
int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
long (*callback_ctrl) (BIO *, int,
BIO_info_cb *));
# ifndef OPENSSL_NO_DEPRECATED_3_5
OSSL_DEPRECATEDIN_3_5 int (*BIO_meth_get_write(const BIO_METHOD *biom)) (BIO *, const char *,
int);
OSSL_DEPRECATEDIN_3_5 int (*BIO_meth_get_write_ex(const BIO_METHOD *biom)) (BIO *, const char *,
size_t, size_t *);
OSSL_DEPRECATEDIN_3_5 int (*BIO_meth_get_sendmmsg(const BIO_METHOD *biom))(BIO *, BIO_MSG *,
size_t, size_t,
uint64_t, size_t *);
OSSL_DEPRECATEDIN_3_5 int (*BIO_meth_get_read(const BIO_METHOD *biom)) (BIO *, char *, int);
OSSL_DEPRECATEDIN_3_5 int (*BIO_meth_get_read_ex(const BIO_METHOD *biom)) (BIO *, char *,
size_t, size_t *);
OSSL_DEPRECATEDIN_3_5 int (*BIO_meth_get_recvmmsg(const BIO_METHOD *biom))(BIO *, BIO_MSG *,
size_t, size_t,
uint64_t, size_t *);
OSSL_DEPRECATEDIN_3_5 int (*BIO_meth_get_puts(const BIO_METHOD *biom)) (BIO *, const char *);
OSSL_DEPRECATEDIN_3_5 int (*BIO_meth_get_gets(const BIO_METHOD *biom)) (BIO *, char *, int);
OSSL_DEPRECATEDIN_3_5 long (*BIO_meth_get_ctrl(const BIO_METHOD *biom)) (BIO *, int,
long, void *);
OSSL_DEPRECATEDIN_3_5 int (*BIO_meth_get_create(const BIO_METHOD *bion)) (BIO *);
OSSL_DEPRECATEDIN_3_5 int (*BIO_meth_get_destroy(const BIO_METHOD *biom)) (BIO *);
OSSL_DEPRECATEDIN_3_5 long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom)) (BIO *, int,
BIO_info_cb *);
# endif
# ifdef __cplusplus
}
# endif

144
crypto/openssl/include/openssl/cmp.h
View file

@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by Makefile from include/openssl/cmp.h.in
*
* Copyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2007-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright Nokia 2007-2019
* Copyright Siemens AG 2015-2019
*
@ -35,7 +35,9 @@
extern "C" {
# endif
# define OSSL_CMP_PVNO 2
# define OSSL_CMP_PVNO_2 2
# define OSSL_CMP_PVNO_3 3
# define OSSL_CMP_PVNO OSSL_CMP_PVNO_2 /* v2 is the default */
/*-
* PKIFailureInfo ::= BIT STRING {
@ -137,7 +139,6 @@ extern "C" {
# if OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN > INT_MAX
# error CMP_PKIFAILUREINFO_MAX bit pattern does not fit in type int
# endif
typedef ASN1_BIT_STRING OSSL_CMP_PKIFAILUREINFO;
# define OSSL_CMP_CTX_FAILINFO_badAlg (1 << 0)
@ -203,8 +204,8 @@ typedef ASN1_BIT_STRING OSSL_CMP_PKIFAILUREINFO;
# define OSSL_CMP_PKISTATUS_revocationWarning 4
# define OSSL_CMP_PKISTATUS_revocationNotification 5
# define OSSL_CMP_PKISTATUS_keyUpdateWarning 6
typedef ASN1_INTEGER OSSL_CMP_PKISTATUS;
DECLARE_ASN1_ITEM(OSSL_CMP_PKISTATUS)
# define OSSL_CMP_CERTORENCCERT_CERTIFICATE 0
@ -274,6 +275,46 @@ SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CMP_ITAV, OSSL_CMP_ITAV, OSSL_CMP_ITAV)
#define sk_OSSL_CMP_ITAV_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CMP_ITAV) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_copyfunc_type(copyfunc), ossl_check_OSSL_CMP_ITAV_freefunc_type(freefunc)))
#define sk_OSSL_CMP_ITAV_set_cmp_func(sk, cmp) ((sk_OSSL_CMP_ITAV_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_compfunc_type(cmp)))
typedef struct ossl_cmp_crlstatus_st OSSL_CMP_CRLSTATUS;
SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CMP_CRLSTATUS, OSSL_CMP_CRLSTATUS, OSSL_CMP_CRLSTATUS)
#define sk_OSSL_CMP_CRLSTATUS_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CMP_CRLSTATUS_sk_type(sk))
#define sk_OSSL_CMP_CRLSTATUS_value(sk, idx) ((OSSL_CMP_CRLSTATUS *)OPENSSL_sk_value(ossl_check_const_OSSL_CMP_CRLSTATUS_sk_type(sk), (idx)))
#define sk_OSSL_CMP_CRLSTATUS_new(cmp) ((STACK_OF(OSSL_CMP_CRLSTATUS) *)OPENSSL_sk_new(ossl_check_OSSL_CMP_CRLSTATUS_compfunc_type(cmp)))
#define sk_OSSL_CMP_CRLSTATUS_new_null() ((STACK_OF(OSSL_CMP_CRLSTATUS) *)OPENSSL_sk_new_null())
#define sk_OSSL_CMP_CRLSTATUS_new_reserve(cmp, n) ((STACK_OF(OSSL_CMP_CRLSTATUS) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CMP_CRLSTATUS_compfunc_type(cmp), (n)))
#define sk_OSSL_CMP_CRLSTATUS_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CMP_CRLSTATUS_sk_type(sk), (n))
#define sk_OSSL_CMP_CRLSTATUS_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CMP_CRLSTATUS_sk_type(sk))
#define sk_OSSL_CMP_CRLSTATUS_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CMP_CRLSTATUS_sk_type(sk))
#define sk_OSSL_CMP_CRLSTATUS_delete(sk, i) ((OSSL_CMP_CRLSTATUS *)OPENSSL_sk_delete(ossl_check_OSSL_CMP_CRLSTATUS_sk_type(sk), (i)))
#define sk_OSSL_CMP_CRLSTATUS_delete_ptr(sk, ptr) ((OSSL_CMP_CRLSTATUS *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CMP_CRLSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CRLSTATUS_type(ptr)))
#define sk_OSSL_CMP_CRLSTATUS_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CMP_CRLSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CRLSTATUS_type(ptr))
#define sk_OSSL_CMP_CRLSTATUS_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CMP_CRLSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CRLSTATUS_type(ptr))
#define sk_OSSL_CMP_CRLSTATUS_pop(sk) ((OSSL_CMP_CRLSTATUS *)OPENSSL_sk_pop(ossl_check_OSSL_CMP_CRLSTATUS_sk_type(sk)))
#define sk_OSSL_CMP_CRLSTATUS_shift(sk) ((OSSL_CMP_CRLSTATUS *)OPENSSL_sk_shift(ossl_check_OSSL_CMP_CRLSTATUS_sk_type(sk)))
#define sk_OSSL_CMP_CRLSTATUS_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CMP_CRLSTATUS_sk_type(sk),ossl_check_OSSL_CMP_CRLSTATUS_freefunc_type(freefunc))
#define sk_OSSL_CMP_CRLSTATUS_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CMP_CRLSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CRLSTATUS_type(ptr), (idx))
#define sk_OSSL_CMP_CRLSTATUS_set(sk, idx, ptr) ((OSSL_CMP_CRLSTATUS *)OPENSSL_sk_set(ossl_check_OSSL_CMP_CRLSTATUS_sk_type(sk), (idx), ossl_check_OSSL_CMP_CRLSTATUS_type(ptr)))
#define sk_OSSL_CMP_CRLSTATUS_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CMP_CRLSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CRLSTATUS_type(ptr))
#define sk_OSSL_CMP_CRLSTATUS_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CMP_CRLSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CRLSTATUS_type(ptr))
#define sk_OSSL_CMP_CRLSTATUS_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CMP_CRLSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CRLSTATUS_type(ptr), pnum)
#define sk_OSSL_CMP_CRLSTATUS_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CMP_CRLSTATUS_sk_type(sk))
#define sk_OSSL_CMP_CRLSTATUS_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CMP_CRLSTATUS_sk_type(sk))
#define sk_OSSL_CMP_CRLSTATUS_dup(sk) ((STACK_OF(OSSL_CMP_CRLSTATUS) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CMP_CRLSTATUS_sk_type(sk)))
#define sk_OSSL_CMP_CRLSTATUS_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CMP_CRLSTATUS) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CMP_CRLSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CRLSTATUS_copyfunc_type(copyfunc), ossl_check_OSSL_CMP_CRLSTATUS_freefunc_type(freefunc)))
#define sk_OSSL_CMP_CRLSTATUS_set_cmp_func(sk, cmp) ((sk_OSSL_CMP_CRLSTATUS_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CMP_CRLSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CRLSTATUS_compfunc_type(cmp)))
typedef OSSL_CRMF_ATTRIBUTETYPEANDVALUE OSSL_CMP_ATAV;
# define OSSL_CMP_ATAV_free OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free
typedef STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) OSSL_CMP_ATAVS;
DECLARE_ASN1_FUNCTIONS(OSSL_CMP_ATAVS)
# define stack_st_OSSL_CMP_ATAV stack_st_OSSL_CRMF_ATTRIBUTETYPEANDVALUE
# define sk_OSSL_CMP_ATAV_num sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_num
# define sk_OSSL_CMP_ATAV_value sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_value
# define sk_OSSL_CMP_ATAV_push sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_push
# define sk_OSSL_CMP_ATAV_pop_free sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_pop_free
typedef struct ossl_cmp_revrepcontent_st OSSL_CMP_REVREPCONTENT;
typedef struct ossl_cmp_pkisi_st OSSL_CMP_PKISI;
DECLARE_ASN1_FUNCTIONS(OSSL_CMP_PKISI)
@ -375,21 +416,75 @@ void OSSL_CMP_ITAV_set0(OSSL_CMP_ITAV *itav, ASN1_OBJECT *type,
ASN1_TYPE *value);
ASN1_OBJECT *OSSL_CMP_ITAV_get0_type(const OSSL_CMP_ITAV *itav);
ASN1_TYPE *OSSL_CMP_ITAV_get0_value(const OSSL_CMP_ITAV *itav);
int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV) **itav_sk_p,
int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV) **sk_p,
OSSL_CMP_ITAV *itav);
void OSSL_CMP_ITAV_free(OSSL_CMP_ITAV *itav);
OSSL_CMP_ITAV *OSSL_CMP_ITAV_new0_certProfile(STACK_OF(ASN1_UTF8STRING)
*certProfile);
int OSSL_CMP_ITAV_get0_certProfile(const OSSL_CMP_ITAV *itav,
STACK_OF(ASN1_UTF8STRING) **out);
OSSL_CMP_ITAV *OSSL_CMP_ITAV_new_caCerts(const STACK_OF(X509) *caCerts);
int OSSL_CMP_ITAV_get0_caCerts(const OSSL_CMP_ITAV *itav, STACK_OF(X509) **out);
OSSL_CMP_ITAV *OSSL_CMP_ITAV_new_rootCaCert(const X509 *rootCaCert);
int OSSL_CMP_ITAV_get0_rootCaCert(const OSSL_CMP_ITAV *itav, X509 **out);
OSSL_CMP_ITAV *OSSL_CMP_ITAV_new_rootCaKeyUpdate(const X509 *newWithNew,
const X509 *newWithOld,
const X509 *oldWithNew);
int OSSL_CMP_ITAV_get0_rootCaKeyUpdate(const OSSL_CMP_ITAV *itav,
X509 **newWithNew,
X509 **newWithOld,
X509 **oldWithNew);
OSSL_CMP_CRLSTATUS *OSSL_CMP_CRLSTATUS_create(const X509_CRL *crl,
const X509 *cert, int only_DN);
OSSL_CMP_CRLSTATUS *OSSL_CMP_CRLSTATUS_new1(const DIST_POINT_NAME *dpn,
const GENERAL_NAMES *issuer,
const ASN1_TIME *thisUpdate);
int OSSL_CMP_CRLSTATUS_get0(const OSSL_CMP_CRLSTATUS *crlstatus,
DIST_POINT_NAME **dpn, GENERAL_NAMES **issuer,
ASN1_TIME **thisUpdate);
void OSSL_CMP_CRLSTATUS_free(OSSL_CMP_CRLSTATUS *crlstatus);
OSSL_CMP_ITAV
*OSSL_CMP_ITAV_new0_crlStatusList(STACK_OF(OSSL_CMP_CRLSTATUS) *crlStatusList);
int OSSL_CMP_ITAV_get0_crlStatusList(const OSSL_CMP_ITAV *itav,
STACK_OF(OSSL_CMP_CRLSTATUS) **out);
OSSL_CMP_ITAV *OSSL_CMP_ITAV_new_crls(const X509_CRL *crls);
int OSSL_CMP_ITAV_get0_crls(const OSSL_CMP_ITAV *it, STACK_OF(X509_CRL) **out);
OSSL_CMP_ITAV
*OSSL_CMP_ITAV_new0_certReqTemplate(OSSL_CRMF_CERTTEMPLATE *certTemplate,
OSSL_CMP_ATAVS *keySpec);
int OSSL_CMP_ITAV_get1_certReqTemplate(const OSSL_CMP_ITAV *itav,
OSSL_CRMF_CERTTEMPLATE **certTemplate,
OSSL_CMP_ATAVS **keySpec);
OSSL_CMP_ATAV *OSSL_CMP_ATAV_create(ASN1_OBJECT *type, ASN1_TYPE *value);
void OSSL_CMP_ATAV_set0(OSSL_CMP_ATAV *itav, ASN1_OBJECT *type,
ASN1_TYPE *value);
ASN1_OBJECT *OSSL_CMP_ATAV_get0_type(const OSSL_CMP_ATAV *itav);
ASN1_TYPE *OSSL_CMP_ATAV_get0_value(const OSSL_CMP_ATAV *itav);
OSSL_CMP_ATAV *OSSL_CMP_ATAV_new_algId(const X509_ALGOR *alg);
X509_ALGOR *OSSL_CMP_ATAV_get0_algId(const OSSL_CMP_ATAV *atav);
OSSL_CMP_ATAV *OSSL_CMP_ATAV_new_rsaKeyLen(int len);
int OSSL_CMP_ATAV_get_rsaKeyLen(const OSSL_CMP_ATAV *atav);
int OSSL_CMP_ATAV_push1(OSSL_CMP_ATAVS **sk_p, const OSSL_CMP_ATAV *atav);
void OSSL_CMP_MSG_free(OSSL_CMP_MSG *msg);
/* from cmp_ctx.c */
OSSL_CMP_CTX *OSSL_CMP_CTX_new(OSSL_LIB_CTX *libctx, const char *propq);
void OSSL_CMP_CTX_free(OSSL_CMP_CTX *ctx);
int OSSL_CMP_CTX_reinit(OSSL_CMP_CTX *ctx);
OSSL_LIB_CTX *OSSL_CMP_CTX_get0_libctx(const OSSL_CMP_CTX *ctx);
const char *OSSL_CMP_CTX_get0_propq(const OSSL_CMP_CTX *ctx);
/* CMP general options: */
# define OSSL_CMP_OPT_LOG_VERBOSITY 0
/* CMP transfer options: */
# define OSSL_CMP_OPT_KEEP_ALIVE 10
# define OSSL_CMP_OPT_MSG_TIMEOUT 11
# define OSSL_CMP_OPT_KEEP_ALIVE 10
# define OSSL_CMP_OPT_MSG_TIMEOUT 11
# define OSSL_CMP_OPT_TOTAL_TIMEOUT 12
# define OSSL_CMP_OPT_USE_TLS 13
/* CMP request options: */
# define OSSL_CMP_OPT_VALIDITY_DAYS 20
# define OSSL_CMP_OPT_SUBJECTALTNAME_NODEFAULT 21
@ -407,6 +502,7 @@ int OSSL_CMP_CTX_reinit(OSSL_CMP_CTX *ctx);
# define OSSL_CMP_OPT_DIGEST_ALGNID 34
# define OSSL_CMP_OPT_IGNORE_KEYUSAGE 35
# define OSSL_CMP_OPT_PERMIT_TA_IN_EXTRACERTS_FOR_IR 36
# define OSSL_CMP_OPT_NO_CACHE_EXTRACERTS 37
int OSSL_CMP_CTX_set_option(OSSL_CMP_CTX *ctx, int opt, int val);
int OSSL_CMP_CTX_get_option(const OSSL_CMP_CTX *ctx, int opt);
/* CMP-specific callback for logging and outputting the error queue: */
@ -420,9 +516,11 @@ int OSSL_CMP_CTX_set1_server(OSSL_CMP_CTX *ctx, const char *address);
int OSSL_CMP_CTX_set_serverPort(OSSL_CMP_CTX *ctx, int port);
int OSSL_CMP_CTX_set1_proxy(OSSL_CMP_CTX *ctx, const char *name);
int OSSL_CMP_CTX_set1_no_proxy(OSSL_CMP_CTX *ctx, const char *names);
# ifndef OPENSSL_NO_HTTP
int OSSL_CMP_CTX_set_http_cb(OSSL_CMP_CTX *ctx, OSSL_HTTP_bio_cb_t cb);
int OSSL_CMP_CTX_set_http_cb_arg(OSSL_CMP_CTX *ctx, void *arg);
void *OSSL_CMP_CTX_get_http_cb_arg(const OSSL_CMP_CTX *ctx);
# endif
typedef OSSL_CMP_MSG *(*OSSL_CMP_transfer_cb_t) (OSSL_CMP_CTX *ctx,
const OSSL_CMP_MSG *req);
int OSSL_CMP_CTX_set_transfer_cb(OSSL_CMP_CTX *ctx, OSSL_CMP_transfer_cb_t cb);
@ -432,7 +530,9 @@ void *OSSL_CMP_CTX_get_transfer_cb_arg(const OSSL_CMP_CTX *ctx);
int OSSL_CMP_CTX_set1_srvCert(OSSL_CMP_CTX *ctx, X509 *cert);
int OSSL_CMP_CTX_set1_expected_sender(OSSL_CMP_CTX *ctx, const X509_NAME *name);
int OSSL_CMP_CTX_set0_trustedStore(OSSL_CMP_CTX *ctx, X509_STORE *store);
# define OSSL_CMP_CTX_set0_trusted OSSL_CMP_CTX_set0_trustedStore
X509_STORE *OSSL_CMP_CTX_get0_trustedStore(const OSSL_CMP_CTX *ctx);
# define OSSL_CMP_CTX_get0_trusted OSSL_CMP_CTX_get0_trustedStore
int OSSL_CMP_CTX_set1_untrusted(OSSL_CMP_CTX *ctx, STACK_OF(X509) *certs);
STACK_OF(X509) *OSSL_CMP_CTX_get0_untrusted(const OSSL_CMP_CTX *ctx);
/* client authentication: */
@ -448,12 +548,15 @@ int OSSL_CMP_CTX_set1_secretValue(OSSL_CMP_CTX *ctx,
int OSSL_CMP_CTX_set1_recipient(OSSL_CMP_CTX *ctx, const X509_NAME *name);
int OSSL_CMP_CTX_push0_geninfo_ITAV(OSSL_CMP_CTX *ctx, OSSL_CMP_ITAV *itav);
int OSSL_CMP_CTX_reset_geninfo_ITAVs(OSSL_CMP_CTX *ctx);
STACK_OF(OSSL_CMP_ITAV)
*OSSL_CMP_CTX_get0_geninfo_ITAVs(const OSSL_CMP_CTX *ctx);
int OSSL_CMP_CTX_set1_extraCertsOut(OSSL_CMP_CTX *ctx,
STACK_OF(X509) *extraCertsOut);
/* certificate template: */
int OSSL_CMP_CTX_set0_newPkey(OSSL_CMP_CTX *ctx, int priv, EVP_PKEY *pkey);
EVP_PKEY *OSSL_CMP_CTX_get0_newPkey(const OSSL_CMP_CTX *ctx, int priv);
int OSSL_CMP_CTX_set1_issuer(OSSL_CMP_CTX *ctx, const X509_NAME *name);
int OSSL_CMP_CTX_set1_serialNumber(OSSL_CMP_CTX *ctx, const ASN1_INTEGER *sn);
int OSSL_CMP_CTX_set1_subjectName(OSSL_CMP_CTX *ctx, const X509_NAME *name);
int OSSL_CMP_CTX_push1_subjectAltName(OSSL_CMP_CTX *ctx,
const GENERAL_NAME *name);
@ -477,6 +580,7 @@ int OSSL_CMP_CTX_get_status(const OSSL_CMP_CTX *ctx);
OSSL_CMP_PKIFREETEXT *OSSL_CMP_CTX_get0_statusString(const OSSL_CMP_CTX *ctx);
int OSSL_CMP_CTX_get_failInfoCode(const OSSL_CMP_CTX *ctx);
# define OSSL_CMP_PKISI_BUFLEN 1024
X509 *OSSL_CMP_CTX_get0_validatedSrvCert(const OSSL_CMP_CTX *ctx);
X509 *OSSL_CMP_CTX_get0_newCert(const OSSL_CMP_CTX *ctx);
STACK_OF(X509) *OSSL_CMP_CTX_get1_newChain(const OSSL_CMP_CTX *ctx);
STACK_OF(X509) *OSSL_CMP_CTX_get1_caPubs(const OSSL_CMP_CTX *ctx);
@ -498,10 +602,13 @@ OSSL_CMP_STATUSINFO_new(int status, int fail_info, const char *text);
ASN1_OCTET_STRING *OSSL_CMP_HDR_get0_transactionID(const
OSSL_CMP_PKIHEADER *hdr);
ASN1_OCTET_STRING *OSSL_CMP_HDR_get0_recipNonce(const OSSL_CMP_PKIHEADER *hdr);
STACK_OF(OSSL_CMP_ITAV)
*OSSL_CMP_HDR_get0_geninfo_ITAVs(const OSSL_CMP_PKIHEADER *hdr);
/* from cmp_msg.c */
OSSL_CMP_PKIHEADER *OSSL_CMP_MSG_get0_header(const OSSL_CMP_MSG *msg);
int OSSL_CMP_MSG_get_bodytype(const OSSL_CMP_MSG *msg);
X509_PUBKEY *OSSL_CMP_MSG_get0_certreq_publickey(const OSSL_CMP_MSG *msg);
int OSSL_CMP_MSG_update_transactionID(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg);
int OSSL_CMP_MSG_update_recipNonce(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg);
OSSL_CRMF_MSG *OSSL_CMP_CTX_setup_CRM(OSSL_CMP_CTX *ctx, int for_KUR, int rid);
@ -517,8 +624,10 @@ int OSSL_CMP_validate_cert_path(const OSSL_CMP_CTX *ctx,
X509_STORE *trusted_store, X509 *cert);
/* from cmp_http.c */
# ifndef OPENSSL_NO_HTTP
OSSL_CMP_MSG *OSSL_CMP_MSG_http_perform(OSSL_CMP_CTX *ctx,
const OSSL_CMP_MSG *req);
# endif
/* from cmp_server.c */
typedef struct ossl_cmp_srv_ctx_st OSSL_CMP_SRV_CTX;
@ -561,6 +670,13 @@ int OSSL_CMP_SRV_CTX_init(OSSL_CMP_SRV_CTX *srv_ctx, void *custom_ctx,
OSSL_CMP_SRV_error_cb_t process_error,
OSSL_CMP_SRV_certConf_cb_t process_certConf,
OSSL_CMP_SRV_pollReq_cb_t process_pollReq);
typedef int (*OSSL_CMP_SRV_delayed_delivery_cb_t)(OSSL_CMP_SRV_CTX *srv_ctx,
const OSSL_CMP_MSG *req);
typedef int (*OSSL_CMP_SRV_clean_transaction_cb_t)(OSSL_CMP_SRV_CTX *srv_ctx,
const ASN1_OCTET_STRING *id);
int OSSL_CMP_SRV_CTX_init_trans(OSSL_CMP_SRV_CTX *srv_ctx,
OSSL_CMP_SRV_delayed_delivery_cb_t delay,
OSSL_CMP_SRV_clean_transaction_cb_t clean);
OSSL_CMP_CTX *OSSL_CMP_SRV_CTX_get0_cmp_ctx(const OSSL_CMP_SRV_CTX *srv_ctx);
void *OSSL_CMP_SRV_CTX_get0_custom_ctx(const OSSL_CMP_SRV_CTX *srv_ctx);
int OSSL_CMP_SRV_CTX_set_send_unprotected_errors(OSSL_CMP_SRV_CTX *srv_ctx,
@ -577,6 +693,8 @@ X509 *OSSL_CMP_exec_certreq(OSSL_CMP_CTX *ctx, int req_type,
# define OSSL_CMP_CR 2
# define OSSL_CMP_P10CR 4
# define OSSL_CMP_KUR 7
# define OSSL_CMP_GENM 21
# define OSSL_CMP_ERROR 23
# define OSSL_CMP_exec_IR_ses(ctx) \
OSSL_CMP_exec_certreq(ctx, OSSL_CMP_IR, NULL)
# define OSSL_CMP_exec_CR_ses(ctx) \
@ -590,6 +708,18 @@ int OSSL_CMP_try_certreq(OSSL_CMP_CTX *ctx, int req_type,
int OSSL_CMP_exec_RR_ses(OSSL_CMP_CTX *ctx);
STACK_OF(OSSL_CMP_ITAV) *OSSL_CMP_exec_GENM_ses(OSSL_CMP_CTX *ctx);
/* from cmp_genm.c */
int OSSL_CMP_get1_caCerts(OSSL_CMP_CTX *ctx, STACK_OF(X509) **out);
int OSSL_CMP_get1_rootCaKeyUpdate(OSSL_CMP_CTX *ctx,
const X509 *oldWithOld, X509 **newWithNew,
X509 **newWithOld, X509 **oldWithNew);
int OSSL_CMP_get1_crlUpdate(OSSL_CMP_CTX *ctx, const X509 *crlcert,
const X509_CRL *last_crl,
X509_CRL **crl);
int OSSL_CMP_get1_certReqTemplate(OSSL_CMP_CTX *ctx,
OSSL_CRMF_CERTTEMPLATE **certTemplate,
OSSL_CMP_ATAVS **keySpec);
# ifdef __cplusplus
}
# endif

38
crypto/openssl/include/openssl/cms.h
View file

@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by Makefile from include/openssl/cms.h.in
*
* Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2025 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -31,8 +31,10 @@
extern "C" {
# endif
typedef struct CMS_EnvelopedData_st CMS_EnvelopedData;
typedef struct CMS_ContentInfo_st CMS_ContentInfo;
typedef struct CMS_SignerInfo_st CMS_SignerInfo;
typedef struct CMS_SignedData_st CMS_SignedData;
typedef struct CMS_CertificateChoices CMS_CertificateChoices;
typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
@ -147,10 +149,14 @@ SKM_DEFINE_STACK_OF_INTERNAL(CMS_RevocationInfoChoice, CMS_RevocationInfoChoice,
#define sk_CMS_RevocationInfoChoice_set_cmp_func(sk, cmp) ((sk_CMS_RevocationInfoChoice_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_CMS_RevocationInfoChoice_sk_type(sk), ossl_check_CMS_RevocationInfoChoice_compfunc_type(cmp)))
DECLARE_ASN1_ITEM(CMS_EnvelopedData)
DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_SignedData)
DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
DECLARE_ASN1_DUP_FUNCTION(CMS_EnvelopedData)
CMS_ContentInfo *CMS_ContentInfo_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
# define CMS_SIGNERINFO_ISSUER_SERIAL 0
@ -190,6 +196,7 @@ CMS_ContentInfo *CMS_ContentInfo_new_ex(OSSL_LIB_CTX *libctx, const char *propq)
# define CMS_ASCIICRLF 0x80000
# define CMS_CADES 0x100000
# define CMS_USE_ORIGINATOR_KEYID 0x200000
# define CMS_NO_SIGNING_TIME 0x400000
const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms);
@ -217,13 +224,16 @@ int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont,
unsigned int flags);
int CMS_final_digest(CMS_ContentInfo *cms,
const unsigned char *md, unsigned int mdlen, BIO *dcont,
unsigned int flags);
CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
STACK_OF(X509) *certs, BIO *data,
unsigned int flags);
CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey,
STACK_OF(X509) *certs, BIO *data,
unsigned int flags, OSSL_LIB_CTX *ctx,
unsigned int flags, OSSL_LIB_CTX *libctx,
const char *propq);
CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
@ -233,27 +243,26 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
CMS_ContentInfo *CMS_data_create_ex(BIO *in, unsigned int flags,
OSSL_LIB_CTX *ctx, const char *propq);
OSSL_LIB_CTX *libctx, const char *propq);
int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
unsigned int flags);
CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
unsigned int flags);
CMS_ContentInfo *CMS_digest_create_ex(BIO *in, const EVP_MD *md,
unsigned int flags, OSSL_LIB_CTX *ctx,
unsigned int flags, OSSL_LIB_CTX *libctx,
const char *propq);
int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
const unsigned char *key, size_t keylen,
BIO *dcont, BIO *out, unsigned int flags);
CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
const unsigned char *key,
size_t keylen, unsigned int flags);
CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in, const EVP_CIPHER *cipher,
const unsigned char *key,
size_t keylen, unsigned int flags,
OSSL_LIB_CTX *ctx,
OSSL_LIB_CTX *libctx,
const char *propq);
int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
@ -272,7 +281,7 @@ CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
const EVP_CIPHER *cipher, unsigned int flags);
CMS_ContentInfo *CMS_encrypt_ex(STACK_OF(X509) *certs, BIO *in,
const EVP_CIPHER *cipher, unsigned int flags,
OSSL_LIB_CTX *ctx, const char *propq);
OSSL_LIB_CTX *libctx, const char *propq);
int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
BIO *dcont, BIO *out, unsigned int flags);
@ -291,12 +300,16 @@ int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri);
CMS_ContentInfo *CMS_AuthEnvelopedData_create(const EVP_CIPHER *cipher);
CMS_ContentInfo *
CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OSSL_LIB_CTX *ctx,
CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OSSL_LIB_CTX *libctx,
const char *propq);
CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
CMS_ContentInfo *CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher,
OSSL_LIB_CTX *ctx,
OSSL_LIB_CTX *libctx,
const char *propq);
BIO *CMS_EnvelopedData_decrypt(CMS_EnvelopedData *env, BIO *detached_data,
EVP_PKEY *pkey, X509 *cert,
ASN1_OCTET_STRING *secret, unsigned int flags,
OSSL_LIB_CTX *libctx, const char *propq);
CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
X509 *recip, unsigned int flags);
@ -385,6 +398,11 @@ ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
int CMS_SignerInfo_sign(CMS_SignerInfo *si);
int CMS_SignerInfo_verify(CMS_SignerInfo *si);
int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);
BIO *CMS_SignedData_verify(CMS_SignedData *sd, BIO *detached_data,
STACK_OF(X509) *scerts, X509_STORE *store,
STACK_OF(X509) *extra, STACK_OF(X509_CRL) *crls,
unsigned int flags,
OSSL_LIB_CTX *libctx, const char *propq);
int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs);
int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
@ -441,7 +459,7 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex(
unsigned char *id, int idlen, int allorfirst,
STACK_OF(GENERAL_NAMES) *receiptList,
STACK_OF(GENERAL_NAMES) *receiptsTo,
OSSL_LIB_CTX *ctx);
OSSL_LIB_CTX *libctx);
int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,

98
crypto/openssl/include/openssl/comp.h Normal file
View file

@ -0,0 +1,98 @@
/*
* Copyright 2015-2024 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OPENSSL_COMP_H
# define OPENSSL_COMP_H
# pragma once
# include <openssl/macros.h>
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define HEADER_COMP_H
# endif
# include <openssl/opensslconf.h>
# include <openssl/crypto.h>
# include <openssl/comperr.h>
# ifdef __cplusplus
extern "C" {
# endif
# ifndef OPENSSL_NO_COMP
COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
const COMP_METHOD *COMP_CTX_get_method(const COMP_CTX *ctx);
int COMP_CTX_get_type(const COMP_CTX* comp);
int COMP_get_type(const COMP_METHOD *meth);
const char *COMP_get_name(const COMP_METHOD *meth);
void COMP_CTX_free(COMP_CTX *ctx);
int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
unsigned char *in, int ilen);
int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
unsigned char *in, int ilen);
COMP_METHOD *COMP_zlib(void);
COMP_METHOD *COMP_zlib_oneshot(void);
COMP_METHOD *COMP_brotli(void);
COMP_METHOD *COMP_brotli_oneshot(void);
COMP_METHOD *COMP_zstd(void);
COMP_METHOD *COMP_zstd_oneshot(void);
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
# define COMP_zlib_cleanup() while(0) continue
# endif
# ifdef OPENSSL_BIO_H
const BIO_METHOD *BIO_f_zlib(void);
const BIO_METHOD *BIO_f_brotli(void);
const BIO_METHOD *BIO_f_zstd(void);
# endif
# endif
typedef struct ssl_comp_st SSL_COMP;
SKM_DEFINE_STACK_OF_INTERNAL(SSL_COMP, SSL_COMP, SSL_COMP)
#define sk_SSL_COMP_num(sk) OPENSSL_sk_num(ossl_check_const_SSL_COMP_sk_type(sk))
#define sk_SSL_COMP_value(sk, idx) ((SSL_COMP *)OPENSSL_sk_value(ossl_check_const_SSL_COMP_sk_type(sk), (idx)))
#define sk_SSL_COMP_new(cmp) ((STACK_OF(SSL_COMP) *)OPENSSL_sk_new(ossl_check_SSL_COMP_compfunc_type(cmp)))
#define sk_SSL_COMP_new_null() ((STACK_OF(SSL_COMP) *)OPENSSL_sk_new_null())
#define sk_SSL_COMP_new_reserve(cmp, n) ((STACK_OF(SSL_COMP) *)OPENSSL_sk_new_reserve(ossl_check_SSL_COMP_compfunc_type(cmp), (n)))
#define sk_SSL_COMP_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_SSL_COMP_sk_type(sk), (n))
#define sk_SSL_COMP_free(sk) OPENSSL_sk_free(ossl_check_SSL_COMP_sk_type(sk))
#define sk_SSL_COMP_zero(sk) OPENSSL_sk_zero(ossl_check_SSL_COMP_sk_type(sk))
#define sk_SSL_COMP_delete(sk, i) ((SSL_COMP *)OPENSSL_sk_delete(ossl_check_SSL_COMP_sk_type(sk), (i)))
#define sk_SSL_COMP_delete_ptr(sk, ptr) ((SSL_COMP *)OPENSSL_sk_delete_ptr(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr)))
#define sk_SSL_COMP_push(sk, ptr) OPENSSL_sk_push(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr))
#define sk_SSL_COMP_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr))
#define sk_SSL_COMP_pop(sk) ((SSL_COMP *)OPENSSL_sk_pop(ossl_check_SSL_COMP_sk_type(sk)))
#define sk_SSL_COMP_shift(sk) ((SSL_COMP *)OPENSSL_sk_shift(ossl_check_SSL_COMP_sk_type(sk)))
#define sk_SSL_COMP_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_SSL_COMP_sk_type(sk),ossl_check_SSL_COMP_freefunc_type(freefunc))
#define sk_SSL_COMP_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr), (idx))
#define sk_SSL_COMP_set(sk, idx, ptr) ((SSL_COMP *)OPENSSL_sk_set(ossl_check_SSL_COMP_sk_type(sk), (idx), ossl_check_SSL_COMP_type(ptr)))
#define sk_SSL_COMP_find(sk, ptr) OPENSSL_sk_find(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr))
#define sk_SSL_COMP_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr))
#define sk_SSL_COMP_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr), pnum)
#define sk_SSL_COMP_sort(sk) OPENSSL_sk_sort(ossl_check_SSL_COMP_sk_type(sk))
#define sk_SSL_COMP_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_SSL_COMP_sk_type(sk))
#define sk_SSL_COMP_dup(sk) ((STACK_OF(SSL_COMP) *)OPENSSL_sk_dup(ossl_check_const_SSL_COMP_sk_type(sk)))
#define sk_SSL_COMP_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(SSL_COMP) *)OPENSSL_sk_deep_copy(ossl_check_const_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_copyfunc_type(copyfunc), ossl_check_SSL_COMP_freefunc_type(freefunc)))
#define sk_SSL_COMP_set_cmp_func(sk, cmp) ((sk_SSL_COMP_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_compfunc_type(cmp)))
# ifdef __cplusplus
}
# endif
#endif

5
crypto/openssl/include/openssl/conf.h
View file

@ -27,6 +27,9 @@
# include <openssl/e_os2.h>
# include <openssl/types.h>
# include <openssl/conferr.h>
# ifndef OPENSSL_NO_STDIO
# include <stdio.h>
# endif
#ifdef __cplusplus
extern "C" {
@ -65,7 +68,7 @@ SKM_DEFINE_STACK_OF_INTERNAL(CONF_VALUE, CONF_VALUE, CONF_VALUE)
#define sk_CONF_VALUE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(CONF_VALUE) *)OPENSSL_sk_deep_copy(ossl_check_const_CONF_VALUE_sk_type(sk), ossl_check_CONF_VALUE_copyfunc_type(copyfunc), ossl_check_CONF_VALUE_freefunc_type(freefunc)))
#define sk_CONF_VALUE_set_cmp_func(sk, cmp) ((sk_CONF_VALUE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_CONF_VALUE_sk_type(sk), ossl_check_CONF_VALUE_compfunc_type(cmp)))
DEFINE_LHASH_OF_INTERNAL(CONF_VALUE);
#define lh_CONF_VALUE_new(hfn, cmp) ((LHASH_OF(CONF_VALUE) *)OPENSSL_LH_new(ossl_check_CONF_VALUE_lh_hashfunc_type(hfn), ossl_check_CONF_VALUE_lh_compfunc_type(cmp)))
#define lh_CONF_VALUE_new(hfn, cmp) ((LHASH_OF(CONF_VALUE) *)OPENSSL_LH_set_thunks(OPENSSL_LH_new(ossl_check_CONF_VALUE_lh_hashfunc_type(hfn), ossl_check_CONF_VALUE_lh_compfunc_type(cmp)), lh_CONF_VALUE_hash_thunk, lh_CONF_VALUE_comp_thunk, lh_CONF_VALUE_doall_thunk, lh_CONF_VALUE_doall_arg_thunk))
#define lh_CONF_VALUE_free(lh) OPENSSL_LH_free(ossl_check_CONF_VALUE_lh_type(lh))
#define lh_CONF_VALUE_flush(lh) OPENSSL_LH_flush(ossl_check_CONF_VALUE_lh_type(lh))
#define lh_CONF_VALUE_insert(lh, ptr) ((CONF_VALUE *)OPENSSL_LH_insert(ossl_check_CONF_VALUE_lh_type(lh), ossl_check_CONF_VALUE_lh_plain_type(ptr)))

80
crypto/openssl/include/openssl/configuration.h
View file

@ -27,7 +27,7 @@ extern "C" {
* OpenSSL was configured with the following options:
*/
# define OPENSSL_CONFIGURED_API 30000
# define OPENSSL_CONFIGURED_API 30500
# ifndef OPENSSL_RAND_SEED_OS
# define OPENSSL_RAND_SEED_OS
# endif
@ -43,16 +43,20 @@ extern "C" {
# ifndef OPENSSL_NO_ASAN
# define OPENSSL_NO_ASAN
# endif
# ifndef OPENSSL_NO_BROTLI
# define OPENSSL_NO_BROTLI
# endif
# ifndef OPENSSL_NO_BROTLI_DYNAMIC
# define OPENSSL_NO_BROTLI_DYNAMIC
# endif
# ifndef OPENSSL_NO_CRYPTO_MDEBUG
# define OPENSSL_NO_CRYPTO_MDEBUG
# endif
# ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
# define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
# endif
# if !defined(__LP64__) || __BYTE_ORDER__ != __ORDER_LITTLE_ENDIAN__
# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
# define OPENSSL_NO_EC_NISTP_64_GCC_128
# endif
# ifndef OPENSSL_NO_DEMOS
# define OPENSSL_NO_DEMOS
# endif
# ifndef OPENSSL_NO_EGD
# define OPENSSL_NO_EGD
@ -60,15 +64,30 @@ extern "C" {
# ifndef OPENSSL_NO_EXTERNAL_TESTS
# define OPENSSL_NO_EXTERNAL_TESTS
# endif
# ifndef OPENSSL_NO_FIPS_JITTER
# define OPENSSL_NO_FIPS_JITTER
# endif
# ifndef OPENSSL_NO_FUZZ_AFL
# define OPENSSL_NO_FUZZ_AFL
# endif
# ifndef OPENSSL_NO_FUZZ_LIBFUZZER
# define OPENSSL_NO_FUZZ_LIBFUZZER
# endif
# ifndef OPENSSL_NO_H3DEMO
# define OPENSSL_NO_H3DEMO
# endif
# ifndef OPENSSL_NO_HQINTEROP
# define OPENSSL_NO_HQINTEROP
# endif
# ifndef OPENSSL_NO_IDEA
# define OPENSSL_NO_IDEA
# endif
# ifndef OPENSSL_NO_JITTER
# define OPENSSL_NO_JITTER
# endif
# ifndef OPENSSL_NO_KTLS
# define OPENSSL_NO_KTLS
# endif
# ifndef OPENSSL_NO_MD2
# define OPENSSL_NO_MD2
# endif
@ -78,6 +97,9 @@ extern "C" {
# ifndef OPENSSL_NO_MSAN
# define OPENSSL_NO_MSAN
# endif
# ifndef OPENSSL_NO_PIE
# define OPENSSL_NO_PIE
# endif
# ifndef OPENSSL_NO_RC5
# define OPENSSL_NO_RC5
# endif
@ -96,6 +118,15 @@ extern "C" {
# ifndef OPENSSL_NO_SSL3_METHOD
# define OPENSSL_NO_SSL3_METHOD
# endif
# ifndef OPENSSL_NO_SSLKEYLOG
# define OPENSSL_NO_SSLKEYLOG
# endif
# ifndef OPENSSL_NO_TFO
# define OPENSSL_NO_TFO
# endif
# ifndef OPENSSL_NO_TLS_DEPRECATED_EC
# define OPENSSL_NO_TLS_DEPRECATED_EC
# endif
# ifndef OPENSSL_NO_TRACE
# define OPENSSL_NO_TRACE
# endif
@ -111,6 +142,21 @@ extern "C" {
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
# define OPENSSL_NO_WEAK_SSL_CIPHERS
# endif
# ifndef OPENSSL_NO_WINSTORE
# define OPENSSL_NO_WINSTORE
# endif
# ifndef OPENSSL_NO_ZLIB
# define OPENSSL_NO_ZLIB
# endif
# ifndef OPENSSL_NO_ZLIB_DYNAMIC
# define OPENSSL_NO_ZLIB_DYNAMIC
# endif
# ifndef OPENSSL_NO_ZSTD
# define OPENSSL_NO_ZSTD
# endif
# ifndef OPENSSL_NO_ZSTD_DYNAMIC
# define OPENSSL_NO_ZSTD_DYNAMIC
# endif
# ifndef OPENSSL_NO_STATIC_ENGINE
# define OPENSSL_NO_STATIC_ENGINE
# endif
@ -123,25 +169,21 @@ extern "C" {
* The following are cipher-specific, but are part of the public API.
*/
# if !defined(OPENSSL_SYS_UEFI)
# if __SIZEOF_LONG__ == 8
# undef BN_LLONG
# undef BN_LLONG
/* Only one for the following should be defined */
# define SIXTY_FOUR_BIT_LONG
# undef SIXTY_FOUR_BIT
# undef THIRTY_TWO_BIT
# elif __SIZEOF_LONG__ == 4
# define BN_LLONG
/* Only one for the following should be defined */
# undef SIXTY_FOUR_BIT_LONG
# undef SIXTY_FOUR_BIT
# define THIRTY_TWO_BIT
# else
# error Unsupported size of long
# endif
# define SIXTY_FOUR_BIT_LONG
# undef SIXTY_FOUR_BIT
# undef THIRTY_TWO_BIT
# endif
# define RC4_INT unsigned int
# if defined(OPENSSL_NO_COMP) || (defined(OPENSSL_NO_BROTLI) && defined(OPENSSL_NO_ZSTD) && defined(OPENSSL_NO_ZLIB))
# define OPENSSL_NO_COMP_ALG
# else
# undef OPENSSL_NO_COMP_ALG
# endif
# ifdef __cplusplus
}
# endif

575
crypto/openssl/include/openssl/core_names.h Normal file
View file

@ -0,0 +1,575 @@
/*
* WARNING: do not edit!
* Generated by Makefile from include/openssl/core_names.h.in
*
* Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OPENSSL_CORE_NAMES_H
# define OPENSSL_CORE_NAMES_H
# pragma once
# ifdef __cplusplus
extern "C" {
# endif
/* OSSL_CIPHER_PARAM_CTS_MODE Values */
# define OSSL_CIPHER_CTS_MODE_CS1 "CS1"
# define OSSL_CIPHER_CTS_MODE_CS2 "CS2"
# define OSSL_CIPHER_CTS_MODE_CS3 "CS3"
/* Known CIPHER names (not a complete list) */
# define OSSL_CIPHER_NAME_AES_128_GCM_SIV "AES-128-GCM-SIV"
# define OSSL_CIPHER_NAME_AES_192_GCM_SIV "AES-192-GCM-SIV"
# define OSSL_CIPHER_NAME_AES_256_GCM_SIV "AES-256-GCM-SIV"
/* Known DIGEST names (not a complete list) */
# define OSSL_DIGEST_NAME_MD5 "MD5"
# define OSSL_DIGEST_NAME_MD5_SHA1 "MD5-SHA1"
# define OSSL_DIGEST_NAME_SHA1 "SHA1"
# define OSSL_DIGEST_NAME_SHA2_224 "SHA2-224"
# define OSSL_DIGEST_NAME_SHA2_256 "SHA2-256"
# define OSSL_DIGEST_NAME_SHA2_256_192 "SHA2-256/192"
# define OSSL_DIGEST_NAME_SHA2_384 "SHA2-384"
# define OSSL_DIGEST_NAME_SHA2_512 "SHA2-512"
# define OSSL_DIGEST_NAME_SHA2_512_224 "SHA2-512/224"
# define OSSL_DIGEST_NAME_SHA2_512_256 "SHA2-512/256"
# define OSSL_DIGEST_NAME_MD2 "MD2"
# define OSSL_DIGEST_NAME_MD4 "MD4"
# define OSSL_DIGEST_NAME_MDC2 "MDC2"
# define OSSL_DIGEST_NAME_RIPEMD160 "RIPEMD160"
# define OSSL_DIGEST_NAME_SHA3_224 "SHA3-224"
# define OSSL_DIGEST_NAME_SHA3_256 "SHA3-256"
# define OSSL_DIGEST_NAME_SHA3_384 "SHA3-384"
# define OSSL_DIGEST_NAME_SHA3_512 "SHA3-512"
# define OSSL_DIGEST_NAME_KECCAK_KMAC128 "KECCAK-KMAC-128"
# define OSSL_DIGEST_NAME_KECCAK_KMAC256 "KECCAK-KMAC-256"
# define OSSL_DIGEST_NAME_SM3 "SM3"
/* Known MAC names */
# define OSSL_MAC_NAME_BLAKE2BMAC "BLAKE2BMAC"
# define OSSL_MAC_NAME_BLAKE2SMAC "BLAKE2SMAC"
# define OSSL_MAC_NAME_CMAC "CMAC"
# define OSSL_MAC_NAME_GMAC "GMAC"
# define OSSL_MAC_NAME_HMAC "HMAC"
# define OSSL_MAC_NAME_KMAC128 "KMAC128"
# define OSSL_MAC_NAME_KMAC256 "KMAC256"
# define OSSL_MAC_NAME_POLY1305 "POLY1305"
# define OSSL_MAC_NAME_SIPHASH "SIPHASH"
/* Known KDF names */
# define OSSL_KDF_NAME_HKDF "HKDF"
# define OSSL_KDF_NAME_TLS1_3_KDF "TLS13-KDF"
# define OSSL_KDF_NAME_PBKDF1 "PBKDF1"
# define OSSL_KDF_NAME_PBKDF2 "PBKDF2"
# define OSSL_KDF_NAME_SCRYPT "SCRYPT"
# define OSSL_KDF_NAME_SSHKDF "SSHKDF"
# define OSSL_KDF_NAME_SSKDF "SSKDF"
# define OSSL_KDF_NAME_TLS1_PRF "TLS1-PRF"
# define OSSL_KDF_NAME_X942KDF_ASN1 "X942KDF-ASN1"
# define OSSL_KDF_NAME_X942KDF_CONCAT "X942KDF-CONCAT"
# define OSSL_KDF_NAME_X963KDF "X963KDF"
# define OSSL_KDF_NAME_KBKDF "KBKDF"
# define OSSL_KDF_NAME_KRB5KDF "KRB5KDF"
# define OSSL_KDF_NAME_HMACDRBGKDF "HMAC-DRBG-KDF"
/* RSA padding modes */
# define OSSL_PKEY_RSA_PAD_MODE_NONE "none"
# define OSSL_PKEY_RSA_PAD_MODE_PKCSV15 "pkcs1"
# define OSSL_PKEY_RSA_PAD_MODE_OAEP "oaep"
# define OSSL_PKEY_RSA_PAD_MODE_X931 "x931"
# define OSSL_PKEY_RSA_PAD_MODE_PSS "pss"
/* RSA pss padding salt length */
# define OSSL_PKEY_RSA_PSS_SALT_LEN_DIGEST "digest"
# define OSSL_PKEY_RSA_PSS_SALT_LEN_MAX "max"
# define OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO "auto"
# define OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO_DIGEST_MAX "auto-digestmax"
/* OSSL_PKEY_PARAM_EC_ENCODING values */
# define OSSL_PKEY_EC_ENCODING_EXPLICIT "explicit"
# define OSSL_PKEY_EC_ENCODING_GROUP "named_curve"
# define OSSL_PKEY_EC_POINT_CONVERSION_FORMAT_UNCOMPRESSED "uncompressed"
# define OSSL_PKEY_EC_POINT_CONVERSION_FORMAT_COMPRESSED "compressed"
# define OSSL_PKEY_EC_POINT_CONVERSION_FORMAT_HYBRID "hybrid"
# define OSSL_PKEY_EC_GROUP_CHECK_DEFAULT "default"
# define OSSL_PKEY_EC_GROUP_CHECK_NAMED "named"
# define OSSL_PKEY_EC_GROUP_CHECK_NAMED_NIST "named-nist"
/* PROV_SKEY well known key types */
# define OSSL_SKEY_TYPE_GENERIC "GENERIC-SECRET"
# define OSSL_SKEY_TYPE_AES "AES"
/* OSSL_KEM_PARAM_OPERATION values */
#define OSSL_KEM_PARAM_OPERATION_RSASVE "RSASVE"
#define OSSL_KEM_PARAM_OPERATION_DHKEM "DHKEM"
/* Provider configuration variables */
#define OSSL_PKEY_RETAIN_SEED "pkey_retain_seed"
/* Parameter name definitions - generated by util/perl/OpenSSL/paramnames.pm */
# define OSSL_ALG_PARAM_ALGORITHM_ID "algorithm-id"
# define OSSL_ALG_PARAM_ALGORITHM_ID_PARAMS "algorithm-id-params"
# define OSSL_ALG_PARAM_CIPHER "cipher"
# define OSSL_ALG_PARAM_DIGEST "digest"
# define OSSL_ALG_PARAM_ENGINE "engine"
# define OSSL_ALG_PARAM_FIPS_APPROVED_INDICATOR "fips-indicator"
# define OSSL_ALG_PARAM_MAC "mac"
# define OSSL_ALG_PARAM_PROPERTIES "properties"
# define OSSL_ASYM_CIPHER_PARAM_DIGEST OSSL_PKEY_PARAM_DIGEST
# define OSSL_ASYM_CIPHER_PARAM_ENGINE OSSL_PKEY_PARAM_ENGINE
# define OSSL_ASYM_CIPHER_PARAM_FIPS_APPROVED_INDICATOR OSSL_ALG_PARAM_FIPS_APPROVED_INDICATOR
# define OSSL_ASYM_CIPHER_PARAM_FIPS_KEY_CHECK OSSL_PKEY_PARAM_FIPS_KEY_CHECK
# define OSSL_ASYM_CIPHER_PARAM_FIPS_RSA_PKCS15_PAD_DISABLED OSSL_PROV_PARAM_RSA_PKCS15_PAD_DISABLED
# define OSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION "implicit-rejection"
# define OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST OSSL_PKEY_PARAM_MGF1_DIGEST
# define OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS OSSL_PKEY_PARAM_MGF1_PROPERTIES
# define OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST OSSL_ALG_PARAM_DIGEST
# define OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS "digest-props"
# define OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL "oaep-label"
# define OSSL_ASYM_CIPHER_PARAM_PAD_MODE OSSL_PKEY_PARAM_PAD_MODE
# define OSSL_ASYM_CIPHER_PARAM_PROPERTIES OSSL_PKEY_PARAM_PROPERTIES
# define OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION "tls-client-version"
# define OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION "tls-negotiated-version"
# define OSSL_CAPABILITY_TLS_GROUP_ALG "tls-group-alg"
# define OSSL_CAPABILITY_TLS_GROUP_ID "tls-group-id"
# define OSSL_CAPABILITY_TLS_GROUP_IS_KEM "tls-group-is-kem"
# define OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS "tls-max-dtls"
# define OSSL_CAPABILITY_TLS_GROUP_MAX_TLS "tls-max-tls"
# define OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS "tls-min-dtls"
# define OSSL_CAPABILITY_TLS_GROUP_MIN_TLS "tls-min-tls"
# define OSSL_CAPABILITY_TLS_GROUP_NAME "tls-group-name"
# define OSSL_CAPABILITY_TLS_GROUP_NAME_INTERNAL "tls-group-name-internal"
# define OSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS "tls-group-sec-bits"
# define OSSL_CAPABILITY_TLS_SIGALG_CODE_POINT "tls-sigalg-code-point"
# define OSSL_CAPABILITY_TLS_SIGALG_HASH_NAME "tls-sigalg-hash-name"
# define OSSL_CAPABILITY_TLS_SIGALG_HASH_OID "tls-sigalg-hash-oid"
# define OSSL_CAPABILITY_TLS_SIGALG_IANA_NAME "tls-sigalg-iana-name"
# define OSSL_CAPABILITY_TLS_SIGALG_KEYTYPE "tls-sigalg-keytype"
# define OSSL_CAPABILITY_TLS_SIGALG_KEYTYPE_OID "tls-sigalg-keytype-oid"
# define OSSL_CAPABILITY_TLS_SIGALG_MAX_DTLS "tls-max-dtls"
# define OSSL_CAPABILITY_TLS_SIGALG_MAX_TLS "tls-max-tls"
# define OSSL_CAPABILITY_TLS_SIGALG_MIN_DTLS "tls-min-dtls"
# define OSSL_CAPABILITY_TLS_SIGALG_MIN_TLS "tls-min-tls"
# define OSSL_CAPABILITY_TLS_SIGALG_NAME "tls-sigalg-name"
# define OSSL_CAPABILITY_TLS_SIGALG_OID "tls-sigalg-oid"
# define OSSL_CAPABILITY_TLS_SIGALG_SECURITY_BITS "tls-sigalg-sec-bits"
# define OSSL_CAPABILITY_TLS_SIGALG_SIG_NAME "tls-sigalg-sig-name"
# define OSSL_CAPABILITY_TLS_SIGALG_SIG_OID "tls-sigalg-sig-oid"
# define OSSL_CIPHER_PARAM_AEAD "aead"
# define OSSL_CIPHER_PARAM_AEAD_IVLEN OSSL_CIPHER_PARAM_IVLEN
# define OSSL_CIPHER_PARAM_AEAD_IV_GENERATED "iv-generated"
# define OSSL_CIPHER_PARAM_AEAD_MAC_KEY "mackey"
# define OSSL_CIPHER_PARAM_AEAD_TAG "tag"
# define OSSL_CIPHER_PARAM_AEAD_TAGLEN "taglen"
# define OSSL_CIPHER_PARAM_AEAD_TLS1_AAD "tlsaad"
# define OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD "tlsaadpad"
# define OSSL_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN "tlsivgen"
# define OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED "tlsivfixed"
# define OSSL_CIPHER_PARAM_AEAD_TLS1_SET_IV_INV "tlsivinv"
# define OSSL_CIPHER_PARAM_ALGORITHM_ID OSSL_ALG_PARAM_ALGORITHM_ID
# define OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS OSSL_ALG_PARAM_ALGORITHM_ID_PARAMS
# define OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS_OLD "alg_id_param"
# define OSSL_CIPHER_PARAM_BLOCK_SIZE "blocksize"
# define OSSL_CIPHER_PARAM_CTS "cts"
# define OSSL_CIPHER_PARAM_CTS_MODE "cts_mode"
# define OSSL_CIPHER_PARAM_CUSTOM_IV "custom-iv"
# define OSSL_CIPHER_PARAM_DECRYPT_ONLY "decrypt-only"
# define OSSL_CIPHER_PARAM_FIPS_APPROVED_INDICATOR OSSL_ALG_PARAM_FIPS_APPROVED_INDICATOR
# define OSSL_CIPHER_PARAM_FIPS_ENCRYPT_CHECK "encrypt-check"
# define OSSL_CIPHER_PARAM_HAS_RAND_KEY "has-randkey"
# define OSSL_CIPHER_PARAM_IV "iv"
# define OSSL_CIPHER_PARAM_IVLEN "ivlen"
# define OSSL_CIPHER_PARAM_KEYLEN "keylen"
# define OSSL_CIPHER_PARAM_MODE "mode"
# define OSSL_CIPHER_PARAM_NUM "num"
# define OSSL_CIPHER_PARAM_PADDING "padding"
# define OSSL_CIPHER_PARAM_PIPELINE_AEAD_TAG "pipeline-tag"
# define OSSL_CIPHER_PARAM_RANDOM_KEY "randkey"
# define OSSL_CIPHER_PARAM_RC2_KEYBITS "keybits"
# define OSSL_CIPHER_PARAM_ROUNDS "rounds"
# define OSSL_CIPHER_PARAM_SPEED "speed"
# define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK "tls-multi"
# define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD "tls1multi_aad"
# define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN "tls1multi_aadpacklen"
# define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC "tls1multi_enc"
# define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN "tls1multi_encin"
# define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN "tls1multi_enclen"
# define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE "tls1multi_interleave"
# define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE "tls1multi_maxbufsz"
# define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT "tls1multi_maxsndfrag"
# define OSSL_CIPHER_PARAM_TLS_MAC "tls-mac"
# define OSSL_CIPHER_PARAM_TLS_MAC_SIZE "tls-mac-size"
# define OSSL_CIPHER_PARAM_TLS_VERSION "tls-version"
# define OSSL_CIPHER_PARAM_UPDATED_IV "updated-iv"
# define OSSL_CIPHER_PARAM_USE_BITS "use-bits"
# define OSSL_CIPHER_PARAM_XTS_STANDARD "xts_standard"
# define OSSL_DECODER_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
# define OSSL_DIGEST_PARAM_ALGID_ABSENT "algid-absent"
# define OSSL_DIGEST_PARAM_BLOCK_SIZE "blocksize"
# define OSSL_DIGEST_PARAM_MICALG "micalg"
# define OSSL_DIGEST_PARAM_PAD_TYPE "pad-type"
# define OSSL_DIGEST_PARAM_SIZE "size"
# define OSSL_DIGEST_PARAM_SSL3_MS "ssl3-ms"
# define OSSL_DIGEST_PARAM_XOF "xof"
# define OSSL_DIGEST_PARAM_XOFLEN "xoflen"
# define OSSL_DRBG_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER
# define OSSL_DRBG_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST
# define OSSL_DRBG_PARAM_ENTROPY_REQUIRED "entropy_required"
# define OSSL_DRBG_PARAM_FIPS_APPROVED_INDICATOR OSSL_ALG_PARAM_FIPS_APPROVED_INDICATOR
# define OSSL_DRBG_PARAM_FIPS_DIGEST_CHECK OSSL_PKEY_PARAM_FIPS_DIGEST_CHECK
# define OSSL_DRBG_PARAM_MAC OSSL_ALG_PARAM_MAC
# define OSSL_DRBG_PARAM_MAX_ADINLEN "max_adinlen"
# define OSSL_DRBG_PARAM_MAX_ENTROPYLEN "max_entropylen"
# define OSSL_DRBG_PARAM_MAX_LENGTH "maxium_length"
# define OSSL_DRBG_PARAM_MAX_NONCELEN "max_noncelen"
# define OSSL_DRBG_PARAM_MAX_PERSLEN "max_perslen"
# define OSSL_DRBG_PARAM_MIN_ENTROPYLEN "min_entropylen"
# define OSSL_DRBG_PARAM_MIN_LENGTH "minium_length"
# define OSSL_DRBG_PARAM_MIN_NONCELEN "min_noncelen"
# define OSSL_DRBG_PARAM_PREDICTION_RESISTANCE "prediction_resistance"
# define OSSL_DRBG_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
# define OSSL_DRBG_PARAM_RANDOM_DATA "random_data"
# define OSSL_DRBG_PARAM_RESEED_COUNTER "reseed_counter"
# define OSSL_DRBG_PARAM_RESEED_REQUESTS "reseed_requests"
# define OSSL_DRBG_PARAM_RESEED_TIME "reseed_time"
# define OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL "reseed_time_interval"
# define OSSL_DRBG_PARAM_SIZE "size"
# define OSSL_DRBG_PARAM_USE_DF "use_derivation_function"
# define OSSL_ENCODER_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER
# define OSSL_ENCODER_PARAM_ENCRYPT_LEVEL "encrypt-level"
# define OSSL_ENCODER_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
# define OSSL_ENCODER_PARAM_SAVE_PARAMETERS "save-parameters"
# define OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE "ecdh-cofactor-mode"
# define OSSL_EXCHANGE_PARAM_FIPS_APPROVED_INDICATOR OSSL_ALG_PARAM_FIPS_APPROVED_INDICATOR
# define OSSL_EXCHANGE_PARAM_FIPS_DIGEST_CHECK OSSL_PKEY_PARAM_FIPS_DIGEST_CHECK
# define OSSL_EXCHANGE_PARAM_FIPS_ECDH_COFACTOR_CHECK OSSL_PROV_PARAM_ECDH_COFACTOR_CHECK
# define OSSL_EXCHANGE_PARAM_FIPS_KEY_CHECK OSSL_PKEY_PARAM_FIPS_KEY_CHECK
# define OSSL_EXCHANGE_PARAM_KDF_DIGEST "kdf-digest"
# define OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS "kdf-digest-props"
# define OSSL_EXCHANGE_PARAM_KDF_OUTLEN "kdf-outlen"
# define OSSL_EXCHANGE_PARAM_KDF_TYPE "kdf-type"
# define OSSL_EXCHANGE_PARAM_KDF_UKM "kdf-ukm"
# define OSSL_EXCHANGE_PARAM_PAD "pad"
# define OSSL_GEN_PARAM_ITERATION "iteration"
# define OSSL_GEN_PARAM_POTENTIAL "potential"
# define OSSL_KDF_PARAM_ARGON2_AD "ad"
# define OSSL_KDF_PARAM_ARGON2_LANES "lanes"
# define OSSL_KDF_PARAM_ARGON2_MEMCOST "memcost"
# define OSSL_KDF_PARAM_ARGON2_VERSION "version"
# define OSSL_KDF_PARAM_CEK_ALG "cekalg"
# define OSSL_KDF_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER
# define OSSL_KDF_PARAM_CONSTANT "constant"
# define OSSL_KDF_PARAM_DATA "data"
# define OSSL_KDF_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST
# define OSSL_KDF_PARAM_EARLY_CLEAN "early_clean"
# define OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR OSSL_ALG_PARAM_FIPS_APPROVED_INDICATOR
# define OSSL_KDF_PARAM_FIPS_DIGEST_CHECK OSSL_PKEY_PARAM_FIPS_DIGEST_CHECK
# define OSSL_KDF_PARAM_FIPS_EMS_CHECK "ems_check"
# define OSSL_KDF_PARAM_FIPS_KEY_CHECK OSSL_PKEY_PARAM_FIPS_KEY_CHECK
# define OSSL_KDF_PARAM_HMACDRBG_ENTROPY "entropy"
# define OSSL_KDF_PARAM_HMACDRBG_NONCE "nonce"
# define OSSL_KDF_PARAM_INFO "info"
# define OSSL_KDF_PARAM_ITER "iter"
# define OSSL_KDF_PARAM_KBKDF_R "r"
# define OSSL_KDF_PARAM_KBKDF_USE_L "use-l"
# define OSSL_KDF_PARAM_KBKDF_USE_SEPARATOR "use-separator"
# define OSSL_KDF_PARAM_KEY "key"
# define OSSL_KDF_PARAM_LABEL "label"
# define OSSL_KDF_PARAM_MAC OSSL_ALG_PARAM_MAC
# define OSSL_KDF_PARAM_MAC_SIZE "maclen"
# define OSSL_KDF_PARAM_MODE "mode"
# define OSSL_KDF_PARAM_PASSWORD "pass"
# define OSSL_KDF_PARAM_PKCS12_ID "id"
# define OSSL_KDF_PARAM_PKCS5 "pkcs5"
# define OSSL_KDF_PARAM_PREFIX "prefix"
# define OSSL_KDF_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
# define OSSL_KDF_PARAM_SALT "salt"
# define OSSL_KDF_PARAM_SCRYPT_MAXMEM "maxmem_bytes"
# define OSSL_KDF_PARAM_SCRYPT_N "n"
# define OSSL_KDF_PARAM_SCRYPT_P "p"
# define OSSL_KDF_PARAM_SCRYPT_R "r"
# define OSSL_KDF_PARAM_SECRET "secret"
# define OSSL_KDF_PARAM_SEED "seed"
# define OSSL_KDF_PARAM_SIZE "size"
# define OSSL_KDF_PARAM_SSHKDF_SESSION_ID "session_id"
# define OSSL_KDF_PARAM_SSHKDF_TYPE "type"
# define OSSL_KDF_PARAM_SSHKDF_XCGHASH "xcghash"
# define OSSL_KDF_PARAM_THREADS "threads"
# define OSSL_KDF_PARAM_UKM "ukm"
# define OSSL_KDF_PARAM_X942_ACVPINFO "acvp-info"
# define OSSL_KDF_PARAM_X942_PARTYUINFO "partyu-info"
# define OSSL_KDF_PARAM_X942_PARTYVINFO "partyv-info"
# define OSSL_KDF_PARAM_X942_SUPP_PRIVINFO "supp-privinfo"
# define OSSL_KDF_PARAM_X942_SUPP_PUBINFO "supp-pubinfo"
# define OSSL_KDF_PARAM_X942_USE_KEYBITS "use-keybits"
# define OSSL_KEM_PARAM_FIPS_APPROVED_INDICATOR OSSL_ALG_PARAM_FIPS_APPROVED_INDICATOR
# define OSSL_KEM_PARAM_FIPS_KEY_CHECK OSSL_PKEY_PARAM_FIPS_KEY_CHECK
# define OSSL_KEM_PARAM_IKME "ikme"
# define OSSL_KEM_PARAM_OPERATION "operation"
# define OSSL_LIBSSL_RECORD_LAYER_PARAM_BLOCK_PADDING "block_padding"
# define OSSL_LIBSSL_RECORD_LAYER_PARAM_HS_PADDING "hs_padding"
# define OSSL_LIBSSL_RECORD_LAYER_PARAM_MAX_EARLY_DATA "max_early_data"
# define OSSL_LIBSSL_RECORD_LAYER_PARAM_MAX_FRAG_LEN "max_frag_len"
# define OSSL_LIBSSL_RECORD_LAYER_PARAM_MODE "mode"
# define OSSL_LIBSSL_RECORD_LAYER_PARAM_OPTIONS "options"
# define OSSL_LIBSSL_RECORD_LAYER_PARAM_READ_AHEAD "read_ahead"
# define OSSL_LIBSSL_RECORD_LAYER_PARAM_STREAM_MAC "stream_mac"
# define OSSL_LIBSSL_RECORD_LAYER_PARAM_TLSTREE "tlstree"
# define OSSL_LIBSSL_RECORD_LAYER_PARAM_USE_ETM "use_etm"
# define OSSL_LIBSSL_RECORD_LAYER_READ_BUFFER_LEN "read_buffer_len"
# define OSSL_MAC_PARAM_BLOCK_SIZE "block-size"
# define OSSL_MAC_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER
# define OSSL_MAC_PARAM_CUSTOM "custom"
# define OSSL_MAC_PARAM_C_ROUNDS "c-rounds"
# define OSSL_MAC_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST
# define OSSL_MAC_PARAM_DIGEST_NOINIT "digest-noinit"
# define OSSL_MAC_PARAM_DIGEST_ONESHOT "digest-oneshot"
# define OSSL_MAC_PARAM_D_ROUNDS "d-rounds"
# define OSSL_MAC_PARAM_FIPS_APPROVED_INDICATOR OSSL_ALG_PARAM_FIPS_APPROVED_INDICATOR
# define OSSL_MAC_PARAM_FIPS_KEY_CHECK OSSL_PKEY_PARAM_FIPS_KEY_CHECK
# define OSSL_MAC_PARAM_FIPS_NO_SHORT_MAC OSSL_PROV_PARAM_NO_SHORT_MAC
# define OSSL_MAC_PARAM_IV "iv"
# define OSSL_MAC_PARAM_KEY "key"
# define OSSL_MAC_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
# define OSSL_MAC_PARAM_SALT "salt"
# define OSSL_MAC_PARAM_SIZE "size"
# define OSSL_MAC_PARAM_TLS_DATA_SIZE "tls-data-size"
# define OSSL_MAC_PARAM_XOF "xof"
# define OSSL_OBJECT_PARAM_DATA "data"
# define OSSL_OBJECT_PARAM_DATA_STRUCTURE "data-structure"
# define OSSL_OBJECT_PARAM_DATA_TYPE "data-type"
# define OSSL_OBJECT_PARAM_DESC "desc"
# define OSSL_OBJECT_PARAM_INPUT_TYPE "input-type"
# define OSSL_OBJECT_PARAM_REFERENCE "reference"
# define OSSL_OBJECT_PARAM_TYPE "type"
# define OSSL_PASSPHRASE_PARAM_INFO "info"
# define OSSL_PKEY_PARAM_ALGORITHM_ID OSSL_ALG_PARAM_ALGORITHM_ID
# define OSSL_PKEY_PARAM_ALGORITHM_ID_PARAMS OSSL_ALG_PARAM_ALGORITHM_ID_PARAMS
# define OSSL_PKEY_PARAM_BITS "bits"
# define OSSL_PKEY_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER
# define OSSL_PKEY_PARAM_DEFAULT_DIGEST "default-digest"
# define OSSL_PKEY_PARAM_DHKEM_IKM "dhkem-ikm"
# define OSSL_PKEY_PARAM_DH_GENERATOR "safeprime-generator"
# define OSSL_PKEY_PARAM_DH_PRIV_LEN "priv_len"
# define OSSL_PKEY_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST
# define OSSL_PKEY_PARAM_DIGEST_SIZE "digest-size"
# define OSSL_PKEY_PARAM_DIST_ID "distid"
# define OSSL_PKEY_PARAM_EC_A "a"
# define OSSL_PKEY_PARAM_EC_B "b"
# define OSSL_PKEY_PARAM_EC_CHAR2_M "m"
# define OSSL_PKEY_PARAM_EC_CHAR2_PP_K1 "k1"
# define OSSL_PKEY_PARAM_EC_CHAR2_PP_K2 "k2"
# define OSSL_PKEY_PARAM_EC_CHAR2_PP_K3 "k3"
# define OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS "tp"
# define OSSL_PKEY_PARAM_EC_CHAR2_TYPE "basis-type"
# define OSSL_PKEY_PARAM_EC_COFACTOR "cofactor"
# define OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS "decoded-from-explicit"
# define OSSL_PKEY_PARAM_EC_ENCODING "encoding"
# define OSSL_PKEY_PARAM_EC_FIELD_TYPE "field-type"
# define OSSL_PKEY_PARAM_EC_GENERATOR "generator"
# define OSSL_PKEY_PARAM_EC_GROUP_CHECK_TYPE "group-check"
# define OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC "include-public"
# define OSSL_PKEY_PARAM_EC_ORDER "order"
# define OSSL_PKEY_PARAM_EC_P "p"
# define OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT "point-format"
# define OSSL_PKEY_PARAM_EC_PUB_X "qx"
# define OSSL_PKEY_PARAM_EC_PUB_Y "qy"
# define OSSL_PKEY_PARAM_EC_SEED "seed"
# define OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY "encoded-pub-key"
# define OSSL_PKEY_PARAM_ENGINE OSSL_ALG_PARAM_ENGINE
# define OSSL_PKEY_PARAM_FFC_COFACTOR "j"
# define OSSL_PKEY_PARAM_FFC_DIGEST OSSL_PKEY_PARAM_DIGEST
# define OSSL_PKEY_PARAM_FFC_DIGEST_PROPS OSSL_PKEY_PARAM_PROPERTIES
# define OSSL_PKEY_PARAM_FFC_G "g"
# define OSSL_PKEY_PARAM_FFC_GINDEX "gindex"
# define OSSL_PKEY_PARAM_FFC_H "hindex"
# define OSSL_PKEY_PARAM_FFC_P "p"
# define OSSL_PKEY_PARAM_FFC_PBITS "pbits"
# define OSSL_PKEY_PARAM_FFC_PCOUNTER "pcounter"
# define OSSL_PKEY_PARAM_FFC_Q "q"
# define OSSL_PKEY_PARAM_FFC_QBITS "qbits"
# define OSSL_PKEY_PARAM_FFC_SEED "seed"
# define OSSL_PKEY_PARAM_FFC_TYPE "type"
# define OSSL_PKEY_PARAM_FFC_VALIDATE_G "validate-g"
# define OSSL_PKEY_PARAM_FFC_VALIDATE_LEGACY "validate-legacy"
# define OSSL_PKEY_PARAM_FFC_VALIDATE_PQ "validate-pq"
# define OSSL_PKEY_PARAM_FIPS_APPROVED_INDICATOR OSSL_ALG_PARAM_FIPS_APPROVED_INDICATOR
# define OSSL_PKEY_PARAM_FIPS_DIGEST_CHECK "digest-check"
# define OSSL_PKEY_PARAM_FIPS_KEY_CHECK "key-check"
# define OSSL_PKEY_PARAM_FIPS_SIGN_CHECK "sign-check"
# define OSSL_PKEY_PARAM_GROUP_NAME "group"
# define OSSL_PKEY_PARAM_IMPLICIT_REJECTION "implicit-rejection"
# define OSSL_PKEY_PARAM_MANDATORY_DIGEST "mandatory-digest"
# define OSSL_PKEY_PARAM_MASKGENFUNC "mgf"
# define OSSL_PKEY_PARAM_MAX_SIZE "max-size"
# define OSSL_PKEY_PARAM_MGF1_DIGEST "mgf1-digest"
# define OSSL_PKEY_PARAM_MGF1_PROPERTIES "mgf1-properties"
# define OSSL_PKEY_PARAM_ML_DSA_INPUT_FORMATS "ml-dsa.input_formats"
# define OSSL_PKEY_PARAM_ML_DSA_OUTPUT_FORMATS "ml-dsa.output_formats"
# define OSSL_PKEY_PARAM_ML_DSA_PREFER_SEED "ml-dsa.prefer_seed"
# define OSSL_PKEY_PARAM_ML_DSA_RETAIN_SEED "ml-dsa.retain_seed"
# define OSSL_PKEY_PARAM_ML_DSA_SEED "seed"
# define OSSL_PKEY_PARAM_ML_KEM_IMPORT_PCT_TYPE "ml-kem.import_pct_type"
# define OSSL_PKEY_PARAM_ML_KEM_INPUT_FORMATS "ml-kem.input_formats"
# define OSSL_PKEY_PARAM_ML_KEM_OUTPUT_FORMATS "ml-kem.output_formats"
# define OSSL_PKEY_PARAM_ML_KEM_PREFER_SEED "ml-kem.prefer_seed"
# define OSSL_PKEY_PARAM_ML_KEM_RETAIN_SEED "ml-kem.retain_seed"
# define OSSL_PKEY_PARAM_ML_KEM_SEED "seed"
# define OSSL_PKEY_PARAM_PAD_MODE "pad-mode"
# define OSSL_PKEY_PARAM_PRIV_KEY "priv"
# define OSSL_PKEY_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
# define OSSL_PKEY_PARAM_PUB_KEY "pub"
# define OSSL_PKEY_PARAM_RSA_BITS OSSL_PKEY_PARAM_BITS
# define OSSL_PKEY_PARAM_RSA_COEFFICIENT "rsa-coefficient"
# define OSSL_PKEY_PARAM_RSA_COEFFICIENT1 "rsa-coefficient1"
# define OSSL_PKEY_PARAM_RSA_COEFFICIENT2 "rsa-coefficient2"
# define OSSL_PKEY_PARAM_RSA_COEFFICIENT3 "rsa-coefficient3"
# define OSSL_PKEY_PARAM_RSA_COEFFICIENT4 "rsa-coefficient4"
# define OSSL_PKEY_PARAM_RSA_COEFFICIENT5 "rsa-coefficient5"
# define OSSL_PKEY_PARAM_RSA_COEFFICIENT6 "rsa-coefficient6"
# define OSSL_PKEY_PARAM_RSA_COEFFICIENT7 "rsa-coefficient7"
# define OSSL_PKEY_PARAM_RSA_COEFFICIENT8 "rsa-coefficient8"
# define OSSL_PKEY_PARAM_RSA_COEFFICIENT9 "rsa-coefficient9"
# define OSSL_PKEY_PARAM_RSA_D "d"
# define OSSL_PKEY_PARAM_RSA_DERIVE_FROM_PQ "rsa-derive-from-pq"
# define OSSL_PKEY_PARAM_RSA_DIGEST OSSL_PKEY_PARAM_DIGEST
# define OSSL_PKEY_PARAM_RSA_DIGEST_PROPS OSSL_PKEY_PARAM_PROPERTIES
# define OSSL_PKEY_PARAM_RSA_E "e"
# define OSSL_PKEY_PARAM_RSA_EXPONENT "rsa-exponent"
# define OSSL_PKEY_PARAM_RSA_EXPONENT1 "rsa-exponent1"
# define OSSL_PKEY_PARAM_RSA_EXPONENT10 "rsa-exponent10"
# define OSSL_PKEY_PARAM_RSA_EXPONENT2 "rsa-exponent2"
# define OSSL_PKEY_PARAM_RSA_EXPONENT3 "rsa-exponent3"
# define OSSL_PKEY_PARAM_RSA_EXPONENT4 "rsa-exponent4"
# define OSSL_PKEY_PARAM_RSA_EXPONENT5 "rsa-exponent5"
# define OSSL_PKEY_PARAM_RSA_EXPONENT6 "rsa-exponent6"
# define OSSL_PKEY_PARAM_RSA_EXPONENT7 "rsa-exponent7"
# define OSSL_PKEY_PARAM_RSA_EXPONENT8 "rsa-exponent8"
# define OSSL_PKEY_PARAM_RSA_EXPONENT9 "rsa-exponent9"
# define OSSL_PKEY_PARAM_RSA_FACTOR "rsa-factor"
# define OSSL_PKEY_PARAM_RSA_FACTOR1 "rsa-factor1"
# define OSSL_PKEY_PARAM_RSA_FACTOR10 "rsa-factor10"
# define OSSL_PKEY_PARAM_RSA_FACTOR2 "rsa-factor2"
# define OSSL_PKEY_PARAM_RSA_FACTOR3 "rsa-factor3"
# define OSSL_PKEY_PARAM_RSA_FACTOR4 "rsa-factor4"
# define OSSL_PKEY_PARAM_RSA_FACTOR5 "rsa-factor5"
# define OSSL_PKEY_PARAM_RSA_FACTOR6 "rsa-factor6"
# define OSSL_PKEY_PARAM_RSA_FACTOR7 "rsa-factor7"
# define OSSL_PKEY_PARAM_RSA_FACTOR8 "rsa-factor8"
# define OSSL_PKEY_PARAM_RSA_FACTOR9 "rsa-factor9"
# define OSSL_PKEY_PARAM_RSA_MASKGENFUNC OSSL_PKEY_PARAM_MASKGENFUNC
# define OSSL_PKEY_PARAM_RSA_MGF1_DIGEST OSSL_PKEY_PARAM_MGF1_DIGEST
# define OSSL_PKEY_PARAM_RSA_N "n"
# define OSSL_PKEY_PARAM_RSA_PRIMES "primes"
# define OSSL_PKEY_PARAM_RSA_PSS_SALTLEN "saltlen"
# define OSSL_PKEY_PARAM_RSA_TEST_P1 "p1"
# define OSSL_PKEY_PARAM_RSA_TEST_P2 "p2"
# define OSSL_PKEY_PARAM_RSA_TEST_Q1 "q1"
# define OSSL_PKEY_PARAM_RSA_TEST_Q2 "q2"
# define OSSL_PKEY_PARAM_RSA_TEST_XP "xp"
# define OSSL_PKEY_PARAM_RSA_TEST_XP1 "xp1"
# define OSSL_PKEY_PARAM_RSA_TEST_XP2 "xp2"
# define OSSL_PKEY_PARAM_RSA_TEST_XQ "xq"
# define OSSL_PKEY_PARAM_RSA_TEST_XQ1 "xq1"
# define OSSL_PKEY_PARAM_RSA_TEST_XQ2 "xq2"
# define OSSL_PKEY_PARAM_SECURITY_BITS "security-bits"
# define OSSL_PKEY_PARAM_SLH_DSA_SEED "seed"
# define OSSL_PKEY_PARAM_USE_COFACTOR_ECDH OSSL_PKEY_PARAM_USE_COFACTOR_FLAG
# define OSSL_PKEY_PARAM_USE_COFACTOR_FLAG "use-cofactor-flag"
# define OSSL_PROV_PARAM_BUILDINFO "buildinfo"
# define OSSL_PROV_PARAM_CORE_MODULE_FILENAME "module-filename"
# define OSSL_PROV_PARAM_CORE_PROV_NAME "provider-name"
# define OSSL_PROV_PARAM_CORE_VERSION "openssl-version"
# define OSSL_PROV_PARAM_DRBG_TRUNC_DIGEST "drbg-no-trunc-md"
# define OSSL_PROV_PARAM_DSA_SIGN_DISABLED "dsa-sign-disabled"
# define OSSL_PROV_PARAM_ECDH_COFACTOR_CHECK "ecdh-cofactor-check"
# define OSSL_PROV_PARAM_HKDF_DIGEST_CHECK "hkdf-digest-check"
# define OSSL_PROV_PARAM_HKDF_KEY_CHECK "hkdf-key-check"
# define OSSL_PROV_PARAM_HMAC_KEY_CHECK "hmac-key-check"
# define OSSL_PROV_PARAM_KBKDF_KEY_CHECK "kbkdf-key-check"
# define OSSL_PROV_PARAM_KMAC_KEY_CHECK "kmac-key-check"
# define OSSL_PROV_PARAM_NAME "name"
# define OSSL_PROV_PARAM_NO_SHORT_MAC "no-short-mac"
# define OSSL_PROV_PARAM_PBKDF2_LOWER_BOUND_CHECK "pbkdf2-lower-bound-check"
# define OSSL_PROV_PARAM_RSA_PKCS15_PAD_DISABLED "rsa-pkcs15-pad-disabled"
# define OSSL_PROV_PARAM_RSA_PSS_SALTLEN_CHECK "rsa-pss-saltlen-check"
# define OSSL_PROV_PARAM_RSA_SIGN_X931_PAD_DISABLED "rsa-sign-x931-pad-disabled"
# define OSSL_PROV_PARAM_SECURITY_CHECKS "security-checks"
# define OSSL_PROV_PARAM_SELF_TEST_DESC "st-desc"
# define OSSL_PROV_PARAM_SELF_TEST_PHASE "st-phase"
# define OSSL_PROV_PARAM_SELF_TEST_TYPE "st-type"
# define OSSL_PROV_PARAM_SIGNATURE_DIGEST_CHECK "signature-digest-check"
# define OSSL_PROV_PARAM_SSHKDF_DIGEST_CHECK "sshkdf-digest-check"
# define OSSL_PROV_PARAM_SSHKDF_KEY_CHECK "sshkdf-key-check"
# define OSSL_PROV_PARAM_SSKDF_DIGEST_CHECK "sskdf-digest-check"
# define OSSL_PROV_PARAM_SSKDF_KEY_CHECK "sskdf-key-check"
# define OSSL_PROV_PARAM_STATUS "status"
# define OSSL_PROV_PARAM_TDES_ENCRYPT_DISABLED "tdes-encrypt-disabled"
# define OSSL_PROV_PARAM_TLS13_KDF_DIGEST_CHECK "tls13-kdf-digest-check"
# define OSSL_PROV_PARAM_TLS13_KDF_KEY_CHECK "tls13-kdf-key-check"
# define OSSL_PROV_PARAM_TLS1_PRF_DIGEST_CHECK "tls1-prf-digest-check"
# define OSSL_PROV_PARAM_TLS1_PRF_EMS_CHECK "tls1-prf-ems-check"
# define OSSL_PROV_PARAM_TLS1_PRF_KEY_CHECK "tls1-prf-key-check"
# define OSSL_PROV_PARAM_VERSION "version"
# define OSSL_PROV_PARAM_X942KDF_KEY_CHECK "x942kdf-key-check"
# define OSSL_PROV_PARAM_X963KDF_DIGEST_CHECK "x963kdf-digest-check"
# define OSSL_PROV_PARAM_X963KDF_KEY_CHECK "x963kdf-key-check"
# define OSSL_RAND_PARAM_FIPS_APPROVED_INDICATOR OSSL_ALG_PARAM_FIPS_APPROVED_INDICATOR
# define OSSL_RAND_PARAM_GENERATE "generate"
# define OSSL_RAND_PARAM_MAX_REQUEST "max_request"
# define OSSL_RAND_PARAM_STATE "state"
# define OSSL_RAND_PARAM_STRENGTH "strength"
# define OSSL_RAND_PARAM_TEST_ENTROPY "test_entropy"
# define OSSL_RAND_PARAM_TEST_NONCE "test_nonce"
# define OSSL_SIGNATURE_PARAM_ADD_RANDOM "additional-random"
# define OSSL_SIGNATURE_PARAM_ALGORITHM_ID OSSL_PKEY_PARAM_ALGORITHM_ID
# define OSSL_SIGNATURE_PARAM_ALGORITHM_ID_PARAMS OSSL_PKEY_PARAM_ALGORITHM_ID_PARAMS
# define OSSL_SIGNATURE_PARAM_CONTEXT_STRING "context-string"
# define OSSL_SIGNATURE_PARAM_DETERMINISTIC "deterministic"
# define OSSL_SIGNATURE_PARAM_DIGEST OSSL_PKEY_PARAM_DIGEST
# define OSSL_SIGNATURE_PARAM_DIGEST_SIZE OSSL_PKEY_PARAM_DIGEST_SIZE
# define OSSL_SIGNATURE_PARAM_FIPS_APPROVED_INDICATOR OSSL_ALG_PARAM_FIPS_APPROVED_INDICATOR
# define OSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK OSSL_PKEY_PARAM_FIPS_DIGEST_CHECK
# define OSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK OSSL_PKEY_PARAM_FIPS_KEY_CHECK
# define OSSL_SIGNATURE_PARAM_FIPS_RSA_PSS_SALTLEN_CHECK "rsa-pss-saltlen-check"
# define OSSL_SIGNATURE_PARAM_FIPS_SIGN_CHECK OSSL_PKEY_PARAM_FIPS_SIGN_CHECK
# define OSSL_SIGNATURE_PARAM_FIPS_SIGN_X931_PAD_CHECK "sign-x931-pad-check"
# define OSSL_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE "verify-message"
# define OSSL_SIGNATURE_PARAM_INSTANCE "instance"
# define OSSL_SIGNATURE_PARAM_KAT "kat"
# define OSSL_SIGNATURE_PARAM_MESSAGE_ENCODING "message-encoding"
# define OSSL_SIGNATURE_PARAM_MGF1_DIGEST OSSL_PKEY_PARAM_MGF1_DIGEST
# define OSSL_SIGNATURE_PARAM_MGF1_PROPERTIES OSSL_PKEY_PARAM_MGF1_PROPERTIES
# define OSSL_SIGNATURE_PARAM_MU "mu"
# define OSSL_SIGNATURE_PARAM_NONCE_TYPE "nonce-type"
# define OSSL_SIGNATURE_PARAM_PAD_MODE OSSL_PKEY_PARAM_PAD_MODE
# define OSSL_SIGNATURE_PARAM_PROPERTIES OSSL_PKEY_PARAM_PROPERTIES
# define OSSL_SIGNATURE_PARAM_PSS_SALTLEN "saltlen"
# define OSSL_SIGNATURE_PARAM_SIGNATURE "signature"
# define OSSL_SIGNATURE_PARAM_TEST_ENTROPY "test-entropy"
# define OSSL_SKEY_PARAM_KEY_LENGTH "key-length"
# define OSSL_SKEY_PARAM_RAW_BYTES "raw-bytes"
# define OSSL_STORE_PARAM_ALIAS "alias"
# define OSSL_STORE_PARAM_DIGEST "digest"
# define OSSL_STORE_PARAM_EXPECT "expect"
# define OSSL_STORE_PARAM_FINGERPRINT "fingerprint"
# define OSSL_STORE_PARAM_INPUT_TYPE "input-type"
# define OSSL_STORE_PARAM_ISSUER "name"
# define OSSL_STORE_PARAM_PROPERTIES "properties"
# define OSSL_STORE_PARAM_SERIAL "serial"
# define OSSL_STORE_PARAM_SUBJECT "subject"
# ifdef __cplusplus
}
# endif
#endif

67
crypto/openssl/include/openssl/crmf.h
View file

@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by Makefile from include/openssl/crmf.h.in
*
* Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2007-2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright Nokia 2007-2019
* Copyright Siemens AG 2015-2019
*
@ -26,6 +26,7 @@
# include <openssl/safestack.h>
# include <openssl/crmferr.h>
# include <openssl/x509v3.h> /* for GENERAL_NAME etc. */
# include <openssl/cms.h>
/* explicit #includes not strictly needed since implied by the above: */
# include <openssl/types.h>
@ -43,9 +44,12 @@ extern "C" {
# define OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT 0
# define OSSL_CRMF_SUBSEQUENTMESSAGE_CHALLENGERESP 1
typedef struct ossl_crmf_encryptedvalue_st OSSL_CRMF_ENCRYPTEDVALUE;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCRYPTEDVALUE)
typedef struct ossl_crmf_encryptedkey_st OSSL_CRMF_ENCRYPTEDKEY;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCRYPTEDKEY)
typedef struct ossl_crmf_msg_st OSSL_CRMF_MSG;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSG)
DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_MSG)
@ -77,6 +81,36 @@ SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CRMF_MSG, OSSL_CRMF_MSG, OSSL_CRMF_MSG)
#define sk_OSSL_CRMF_MSG_set_cmp_func(sk, cmp) ((sk_OSSL_CRMF_MSG_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_compfunc_type(cmp)))
typedef struct ossl_crmf_attributetypeandvalue_st OSSL_CRMF_ATTRIBUTETYPEANDVALUE;
void OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free(OSSL_CRMF_ATTRIBUTETYPEANDVALUE *v);
DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_ATTRIBUTETYPEANDVALUE)
SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CRMF_ATTRIBUTETYPEANDVALUE, OSSL_CRMF_ATTRIBUTETYPEANDVALUE, OSSL_CRMF_ATTRIBUTETYPEANDVALUE)
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_value(sk, idx) ((OSSL_CRMF_ATTRIBUTETYPEANDVALUE *)OPENSSL_sk_value(ossl_check_const_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk), (idx)))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new(cmp) ((STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) *)OPENSSL_sk_new(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_compfunc_type(cmp)))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new_null() ((STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) *)OPENSSL_sk_new_null())
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new_reserve(cmp, n) ((STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_compfunc_type(cmp), (n)))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk), (n))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_delete(sk, i) ((OSSL_CRMF_ATTRIBUTETYPEANDVALUE *)OPENSSL_sk_delete(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk), (i)))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_delete_ptr(sk, ptr) ((OSSL_CRMF_ATTRIBUTETYPEANDVALUE *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk), ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_type(ptr)))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk), ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_type(ptr))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk), ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_type(ptr))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_pop(sk) ((OSSL_CRMF_ATTRIBUTETYPEANDVALUE *)OPENSSL_sk_pop(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk)))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_shift(sk) ((OSSL_CRMF_ATTRIBUTETYPEANDVALUE *)OPENSSL_sk_shift(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk)))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk),ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_freefunc_type(freefunc))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk), ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_type(ptr), (idx))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_set(sk, idx, ptr) ((OSSL_CRMF_ATTRIBUTETYPEANDVALUE *)OPENSSL_sk_set(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk), (idx), ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_type(ptr)))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk), ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_type(ptr))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk), ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_type(ptr))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk), ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_type(ptr), pnum)
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_dup(sk) ((STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk)))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk), ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_copyfunc_type(copyfunc), ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_freefunc_type(freefunc)))
#define sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_set_cmp_func(sk, cmp) ((sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_sk_type(sk), ossl_check_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_compfunc_type(cmp)))
typedef struct ossl_crmf_pbmparameter_st OSSL_CRMF_PBMPARAMETER;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PBMPARAMETER)
typedef struct ossl_crmf_poposigningkey_st OSSL_CRMF_POPOSIGNINGKEY;
@ -118,6 +152,7 @@ typedef struct ossl_crmf_singlepubinfo_st OSSL_CRMF_SINGLEPUBINFO;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_SINGLEPUBINFO)
typedef struct ossl_crmf_certtemplate_st OSSL_CRMF_CERTTEMPLATE;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTTEMPLATE)
DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_CERTTEMPLATE)
typedef STACK_OF(OSSL_CRMF_MSG) OSSL_CRMF_MSGS;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSGS)
@ -198,12 +233,14 @@ int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
int rid, int acceptRAVerified,
OSSL_LIB_CTX *libctx, const char *propq);
OSSL_CRMF_CERTTEMPLATE *OSSL_CRMF_MSG_get0_tmpl(const OSSL_CRMF_MSG *crm);
const ASN1_INTEGER
*OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(const OSSL_CRMF_CERTTEMPLATE *tmpl);
X509_PUBKEY
*OSSL_CRMF_CERTTEMPLATE_get0_publicKey(const OSSL_CRMF_CERTTEMPLATE *tmpl);
const X509_NAME
*OSSL_CRMF_CERTTEMPLATE_get0_subject(const OSSL_CRMF_CERTTEMPLATE *tmpl);
const X509_NAME
*OSSL_CRMF_CERTTEMPLATE_get0_issuer(const OSSL_CRMF_CERTTEMPLATE *tmpl);
const ASN1_INTEGER
*OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(const OSSL_CRMF_CERTTEMPLATE *tmpl);
X509_EXTENSIONS
*OSSL_CRMF_CERTTEMPLATE_get0_extensions(const OSSL_CRMF_CERTTEMPLATE *tmpl);
const X509_NAME
@ -215,10 +252,24 @@ int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl,
const X509_NAME *subject,
const X509_NAME *issuer,
const ASN1_INTEGER *serial);
X509
*OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert,
OSSL_LIB_CTX *libctx, const char *propq,
EVP_PKEY *pkey);
X509 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert,
OSSL_LIB_CTX *libctx, const char *propq,
EVP_PKEY *pkey);
X509 *OSSL_CRMF_ENCRYPTEDKEY_get1_encCert(const OSSL_CRMF_ENCRYPTEDKEY *ecert,
OSSL_LIB_CTX *libctx, const char *propq,
EVP_PKEY *pkey, unsigned int flags);
unsigned char
*OSSL_CRMF_ENCRYPTEDVALUE_decrypt(const OSSL_CRMF_ENCRYPTEDVALUE *enc,
OSSL_LIB_CTX *libctx, const char *propq,
EVP_PKEY *pkey, int *outlen);
EVP_PKEY *OSSL_CRMF_ENCRYPTEDKEY_get1_pkey(const OSSL_CRMF_ENCRYPTEDKEY *encryptedKey,
X509_STORE *ts, STACK_OF(X509) *extra, EVP_PKEY *pkey,
X509 *cert, ASN1_OCTET_STRING *secret,
OSSL_LIB_CTX *libctx, const char *propq);
int OSSL_CRMF_MSG_centralkeygen_requested(const OSSL_CRMF_MSG *crm, const X509_REQ *p10cr);
# ifndef OPENSSL_NO_CMS
OSSL_CRMF_ENCRYPTEDKEY *OSSL_CRMF_ENCRYPTEDKEY_init_envdata(CMS_EnvelopedData *envdata);
# endif
# ifdef __cplusplus
}

41
crypto/openssl/include/openssl/crypto.h
View file

@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by Makefile from include/openssl/crypto.h.in
*
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@ -85,9 +85,15 @@ int CRYPTO_THREAD_unlock(CRYPTO_RWLOCK *lock);
void CRYPTO_THREAD_lock_free(CRYPTO_RWLOCK *lock);
int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock);
int CRYPTO_atomic_add64(uint64_t *val, uint64_t op, uint64_t *ret,
CRYPTO_RWLOCK *lock);
int CRYPTO_atomic_and(uint64_t *val, uint64_t op, uint64_t *ret,
CRYPTO_RWLOCK *lock);
int CRYPTO_atomic_or(uint64_t *val, uint64_t op, uint64_t *ret,
CRYPTO_RWLOCK *lock);
int CRYPTO_atomic_load(uint64_t *val, uint64_t *ret, CRYPTO_RWLOCK *lock);
int CRYPTO_atomic_load_int(int *val, int *ret, CRYPTO_RWLOCK *lock);
int CRYPTO_atomic_store(uint64_t *dst, uint64_t val, CRYPTO_RWLOCK *lock);
/* No longer needed, so this is a no-op */
#define OPENSSL_malloc_init() while(0) continue
@ -96,6 +102,9 @@ int CRYPTO_atomic_load(uint64_t *val, uint64_t *ret, CRYPTO_RWLOCK *lock);
CRYPTO_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
# define OPENSSL_zalloc(num) \
CRYPTO_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
# define OPENSSL_aligned_alloc(num, alignment, freeptr) \
CRYPTO_aligned_alloc(num, alignment, freeptr, \
OPENSSL_FILE, OPENSSL_LINE)
# define OPENSSL_realloc(addr, num) \
CRYPTO_realloc(addr, num, OPENSSL_FILE, OPENSSL_LINE)
# define OPENSSL_clear_realloc(addr, old_num, num) \
@ -124,6 +133,7 @@ int CRYPTO_atomic_load(uint64_t *val, uint64_t *ret, CRYPTO_RWLOCK *lock);
size_t OPENSSL_strlcpy(char *dst, const char *src, size_t siz);
size_t OPENSSL_strlcat(char *dst, const char *src, size_t siz);
size_t OPENSSL_strnlen(const char *str, size_t maxlen);
int OPENSSL_strtoul(const char *str, char **endptr, int base, unsigned long *num);
int OPENSSL_buf2hexstr_ex(char *str, size_t str_n, size_t *strlength,
const unsigned char *buf, size_t buflen,
const char sep);
@ -160,6 +170,7 @@ const char *OpenSSL_version(int type);
# define OPENSSL_FULL_VERSION_STRING 7
# define OPENSSL_MODULES_DIR 8
# define OPENSSL_CPU_INFO 9
# define OPENSSL_WINCTX 10
const char *OPENSSL_info(int type);
/*
@ -174,6 +185,7 @@ const char *OPENSSL_info(int type);
# define OPENSSL_INFO_LIST_SEPARATOR 1006
# define OPENSSL_INFO_SEED_SOURCE 1007
# define OPENSSL_INFO_CPU_SETTINGS 1008
# define OPENSSL_INFO_WINDOWS_CONTEXT 1009
int OPENSSL_issetugid(void);
@ -341,11 +353,14 @@ void CRYPTO_get_mem_functions(CRYPTO_malloc_fn *malloc_fn,
CRYPTO_realloc_fn *realloc_fn,
CRYPTO_free_fn *free_fn);
void *CRYPTO_malloc(size_t num, const char *file, int line);
void *CRYPTO_zalloc(size_t num, const char *file, int line);
void *CRYPTO_memdup(const void *str, size_t siz, const char *file, int line);
char *CRYPTO_strdup(const char *str, const char *file, int line);
char *CRYPTO_strndup(const char *str, size_t s, const char *file, int line);
OSSL_CRYPTO_ALLOC void *CRYPTO_malloc(size_t num, const char *file, int line);
OSSL_CRYPTO_ALLOC void *CRYPTO_zalloc(size_t num, const char *file, int line);
OSSL_CRYPTO_ALLOC void *CRYPTO_aligned_alloc(size_t num, size_t align,
void **freeptr, const char *file,
int line);
OSSL_CRYPTO_ALLOC void *CRYPTO_memdup(const void *str, size_t siz, const char *file, int line);
OSSL_CRYPTO_ALLOC char *CRYPTO_strdup(const char *str, const char *file, int line);
OSSL_CRYPTO_ALLOC char *CRYPTO_strndup(const char *str, size_t s, const char *file, int line);
void CRYPTO_free(void *ptr, const char *file, int line);
void CRYPTO_clear_free(void *ptr, size_t num, const char *file, int line);
void *CRYPTO_realloc(void *addr, size_t num, const char *file, int line);
@ -354,8 +369,8 @@ void *CRYPTO_clear_realloc(void *addr, size_t old_num, size_t num,
int CRYPTO_secure_malloc_init(size_t sz, size_t minsize);
int CRYPTO_secure_malloc_done(void);
void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
OSSL_CRYPTO_ALLOC void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
OSSL_CRYPTO_ALLOC void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
void CRYPTO_secure_free(void *ptr, const char *file, int line);
void CRYPTO_secure_clear_free(void *ptr, size_t num,
const char *file, int line);
@ -376,6 +391,9 @@ void OPENSSL_cleanse(void *ptr, size_t len);
# define CRYPTO_MEM_CHECK_ENABLE 0x2 /* Control and mode bit */
# define CRYPTO_MEM_CHECK_DISABLE 0x3 /* Control only */
/* max allowed length for value of OPENSSL_MALLOC_FAILURES env var. */
# define CRYPTO_MEM_CHECK_MAX_FS 256
void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount);
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define OPENSSL_mem_debug_push(info) \
@ -551,6 +569,13 @@ int OSSL_LIB_CTX_load_config(OSSL_LIB_CTX *ctx, const char *config_file);
void OSSL_LIB_CTX_free(OSSL_LIB_CTX *);
OSSL_LIB_CTX *OSSL_LIB_CTX_get0_global_default(void);
OSSL_LIB_CTX *OSSL_LIB_CTX_set0_default(OSSL_LIB_CTX *libctx);
int OSSL_LIB_CTX_get_conf_diagnostics(OSSL_LIB_CTX *ctx);
void OSSL_LIB_CTX_set_conf_diagnostics(OSSL_LIB_CTX *ctx, int value);
void OSSL_sleep(uint64_t millis);
void *OSSL_LIB_CTX_get_data(OSSL_LIB_CTX *ctx, int index);
# ifdef __cplusplus
}

2
crypto/openssl/include/openssl/ct.h
View file

@ -133,7 +133,7 @@ typedef enum {
*/
CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_ex(OSSL_LIB_CTX *libctx,
const char *propq);
/*
* The same as CT_POLICY_EVAL_CTX_new_ex() but the default library
* context and property query string is used.

12
crypto/openssl/include/openssl/err.h
View file

@ -1,5 +1,5 @@
/*
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -372,7 +372,7 @@ typedef struct ERR_string_data_st {
} ERR_STRING_DATA;
DEFINE_LHASH_OF_INTERNAL(ERR_STRING_DATA);
#define lh_ERR_STRING_DATA_new(hfn, cmp) ((LHASH_OF(ERR_STRING_DATA) *)OPENSSL_LH_new(ossl_check_ERR_STRING_DATA_lh_hashfunc_type(hfn), ossl_check_ERR_STRING_DATA_lh_compfunc_type(cmp)))
#define lh_ERR_STRING_DATA_new(hfn, cmp) ((LHASH_OF(ERR_STRING_DATA) *)OPENSSL_LH_set_thunks(OPENSSL_LH_new(ossl_check_ERR_STRING_DATA_lh_hashfunc_type(hfn), ossl_check_ERR_STRING_DATA_lh_compfunc_type(cmp)), lh_ERR_STRING_DATA_hash_thunk, lh_ERR_STRING_DATA_comp_thunk, lh_ERR_STRING_DATA_doall_thunk, lh_ERR_STRING_DATA_doall_arg_thunk))
#define lh_ERR_STRING_DATA_free(lh) OPENSSL_LH_free(ossl_check_ERR_STRING_DATA_lh_type(lh))
#define lh_ERR_STRING_DATA_flush(lh) OPENSSL_LH_flush(ossl_check_ERR_STRING_DATA_lh_type(lh))
#define lh_ERR_STRING_DATA_insert(lh, ptr) ((ERR_STRING_DATA *)OPENSSL_LH_insert(ossl_check_ERR_STRING_DATA_lh_type(lh), ossl_check_ERR_STRING_DATA_lh_plain_type(ptr)))
@ -496,6 +496,14 @@ int ERR_get_next_error_library(void);
int ERR_set_mark(void);
int ERR_pop_to_mark(void);
int ERR_clear_last_mark(void);
int ERR_count_to_mark(void);
int ERR_pop(void);
ERR_STATE *OSSL_ERR_STATE_new(void);
void OSSL_ERR_STATE_save(ERR_STATE *es);
void OSSL_ERR_STATE_save_to_mark(ERR_STATE *es);
void OSSL_ERR_STATE_restore(const ERR_STATE *es);
void OSSL_ERR_STATE_free(ERR_STATE *es);
#ifdef __cplusplus
}

7
crypto/openssl/include/openssl/fipskey.h
View file

@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by Makefile from include/openssl/fipskey.h.in
*
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -29,6 +29,11 @@ extern "C" {
*/
#define FIPS_KEY_STRING "f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813"
/*
* The FIPS provider vendor name, as a string.
*/
#define FIPS_VENDOR "OpenSSL FIPS Provider"
# ifdef __cplusplus
}
# endif

240
crypto/openssl/include/openssl/lhash.h
View file

@ -1,5 +1,5 @@
/*
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -24,6 +24,9 @@
# include <openssl/e_os2.h>
# include <openssl/bio.h>
# ifndef OPENSSL_NO_STDIO
# include <stdio.h>
# endif
#ifdef __cplusplus
extern "C" {
@ -31,9 +34,13 @@ extern "C" {
typedef struct lhash_node_st OPENSSL_LH_NODE;
typedef int (*OPENSSL_LH_COMPFUNC) (const void *, const void *);
typedef int (*OPENSSL_LH_COMPFUNCTHUNK) (const void *, const void *, OPENSSL_LH_COMPFUNC cfn);
typedef unsigned long (*OPENSSL_LH_HASHFUNC) (const void *);
typedef unsigned long (*OPENSSL_LH_HASHFUNCTHUNK) (const void *, OPENSSL_LH_HASHFUNC hfn);
typedef void (*OPENSSL_LH_DOALL_FUNC) (void *);
typedef void (*OPENSSL_LH_DOALL_FUNC_THUNK) (void *, OPENSSL_LH_DOALL_FUNC doall);
typedef void (*OPENSSL_LH_DOALL_FUNCARG) (void *, void *);
typedef void (*OPENSSL_LH_DOALL_FUNCARG_THUNK) (void *, void *, OPENSSL_LH_DOALL_FUNCARG doall);
typedef struct lhash_st OPENSSL_LHASH;
/*
@ -79,26 +86,40 @@ typedef struct lhash_st OPENSSL_LHASH;
int OPENSSL_LH_error(OPENSSL_LHASH *lh);
OPENSSL_LHASH *OPENSSL_LH_new(OPENSSL_LH_HASHFUNC h, OPENSSL_LH_COMPFUNC c);
OPENSSL_LHASH *OPENSSL_LH_set_thunks(OPENSSL_LHASH *lh,
OPENSSL_LH_HASHFUNCTHUNK hw,
OPENSSL_LH_COMPFUNCTHUNK cw,
OPENSSL_LH_DOALL_FUNC_THUNK daw,
OPENSSL_LH_DOALL_FUNCARG_THUNK daaw);
void OPENSSL_LH_free(OPENSSL_LHASH *lh);
void OPENSSL_LH_flush(OPENSSL_LHASH *lh);
void *OPENSSL_LH_insert(OPENSSL_LHASH *lh, void *data);
void *OPENSSL_LH_delete(OPENSSL_LHASH *lh, const void *data);
void *OPENSSL_LH_retrieve(OPENSSL_LHASH *lh, const void *data);
void OPENSSL_LH_doall(OPENSSL_LHASH *lh, OPENSSL_LH_DOALL_FUNC func);
void OPENSSL_LH_doall_arg(OPENSSL_LHASH *lh, OPENSSL_LH_DOALL_FUNCARG func, void *arg);
void OPENSSL_LH_doall_arg(OPENSSL_LHASH *lh,
OPENSSL_LH_DOALL_FUNCARG func, void *arg);
void OPENSSL_LH_doall_arg_thunk(OPENSSL_LHASH *lh,
OPENSSL_LH_DOALL_FUNCARG_THUNK daaw,
OPENSSL_LH_DOALL_FUNCARG fn, void *arg);
unsigned long OPENSSL_LH_strhash(const char *c);
unsigned long OPENSSL_LH_num_items(const OPENSSL_LHASH *lh);
unsigned long OPENSSL_LH_get_down_load(const OPENSSL_LHASH *lh);
void OPENSSL_LH_set_down_load(OPENSSL_LHASH *lh, unsigned long down_load);
# ifndef OPENSSL_NO_STDIO
void OPENSSL_LH_stats(const OPENSSL_LHASH *lh, FILE *fp);
void OPENSSL_LH_node_stats(const OPENSSL_LHASH *lh, FILE *fp);
void OPENSSL_LH_node_usage_stats(const OPENSSL_LHASH *lh, FILE *fp);
# ifndef OPENSSL_NO_DEPRECATED_3_1
OSSL_DEPRECATEDIN_3_1 void OPENSSL_LH_stats(const OPENSSL_LHASH *lh, FILE *fp);
OSSL_DEPRECATEDIN_3_1 void OPENSSL_LH_node_stats(const OPENSSL_LHASH *lh, FILE *fp);
OSSL_DEPRECATEDIN_3_1 void OPENSSL_LH_node_usage_stats(const OPENSSL_LHASH *lh, FILE *fp);
# endif
# endif
# ifndef OPENSSL_NO_DEPRECATED_3_1
OSSL_DEPRECATEDIN_3_1 void OPENSSL_LH_stats_bio(const OPENSSL_LHASH *lh, BIO *out);
OSSL_DEPRECATEDIN_3_1 void OPENSSL_LH_node_stats_bio(const OPENSSL_LHASH *lh, BIO *out);
OSSL_DEPRECATEDIN_3_1 void OPENSSL_LH_node_usage_stats_bio(const OPENSSL_LHASH *lh, BIO *out);
# endif
void OPENSSL_LH_stats_bio(const OPENSSL_LHASH *lh, BIO *out);
void OPENSSL_LH_node_stats_bio(const OPENSSL_LHASH *lh, BIO *out);
void OPENSSL_LH_node_usage_stats_bio(const OPENSSL_LHASH *lh, BIO *out);
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
# define _LHASH OPENSSL_LHASH
@ -129,110 +150,190 @@ void OPENSSL_LH_node_usage_stats_bio(const OPENSSL_LHASH *lh, BIO *out);
/* Helper macro for internal use */
# define DEFINE_LHASH_OF_INTERNAL(type) \
LHASH_OF(type) { union lh_##type##_dummy { void* d1; unsigned long d2; int d3; } dummy; }; \
LHASH_OF(type) { \
union lh_##type##_dummy { void* d1; unsigned long d2; int d3; } dummy; \
}; \
typedef int (*lh_##type##_compfunc)(const type *a, const type *b); \
typedef unsigned long (*lh_##type##_hashfunc)(const type *a); \
typedef void (*lh_##type##_doallfunc)(type *a); \
static ossl_unused ossl_inline type *ossl_check_##type##_lh_plain_type(type *ptr) \
static ossl_inline unsigned long lh_##type##_hash_thunk(const void *data, OPENSSL_LH_HASHFUNC hfn) \
{ \
unsigned long (*hfn_conv)(const type *) = (unsigned long (*)(const type *))hfn; \
return hfn_conv((const type *)data); \
} \
static ossl_inline int lh_##type##_comp_thunk(const void *da, const void *db, OPENSSL_LH_COMPFUNC cfn) \
{ \
int (*cfn_conv)(const type *, const type *) = (int (*)(const type *, const type *))cfn; \
return cfn_conv((const type *)da, (const type *)db); \
} \
static ossl_inline void lh_##type##_doall_thunk(void *node, OPENSSL_LH_DOALL_FUNC doall) \
{ \
void (*doall_conv)(type *) = (void (*)(type *))doall; \
doall_conv((type *)node); \
} \
static ossl_inline void lh_##type##_doall_arg_thunk(void *node, void *arg, OPENSSL_LH_DOALL_FUNCARG doall) \
{ \
void (*doall_conv)(type *, void *) = (void (*)(type *, void *))doall; \
doall_conv((type *)node, arg); \
} \
static ossl_unused ossl_inline type *\
ossl_check_##type##_lh_plain_type(type *ptr) \
{ \
return ptr; \
} \
static ossl_unused ossl_inline const type *ossl_check_const_##type##_lh_plain_type(const type *ptr) \
static ossl_unused ossl_inline const type * \
ossl_check_const_##type##_lh_plain_type(const type *ptr) \
{ \
return ptr; \
} \
static ossl_unused ossl_inline const OPENSSL_LHASH *ossl_check_const_##type##_lh_type(const LHASH_OF(type) *lh) \
static ossl_unused ossl_inline const OPENSSL_LHASH * \
ossl_check_const_##type##_lh_type(const LHASH_OF(type) *lh) \
{ \
return (const OPENSSL_LHASH *)lh; \
} \
static ossl_unused ossl_inline OPENSSL_LHASH *ossl_check_##type##_lh_type(LHASH_OF(type) *lh) \
static ossl_unused ossl_inline OPENSSL_LHASH * \
ossl_check_##type##_lh_type(LHASH_OF(type) *lh) \
{ \
return (OPENSSL_LHASH *)lh; \
} \
static ossl_unused ossl_inline OPENSSL_LH_COMPFUNC ossl_check_##type##_lh_compfunc_type(lh_##type##_compfunc cmp) \
static ossl_unused ossl_inline OPENSSL_LH_COMPFUNC \
ossl_check_##type##_lh_compfunc_type(lh_##type##_compfunc cmp) \
{ \
return (OPENSSL_LH_COMPFUNC)cmp; \
} \
static ossl_unused ossl_inline OPENSSL_LH_HASHFUNC ossl_check_##type##_lh_hashfunc_type(lh_##type##_hashfunc hfn) \
static ossl_unused ossl_inline OPENSSL_LH_HASHFUNC \
ossl_check_##type##_lh_hashfunc_type(lh_##type##_hashfunc hfn) \
{ \
return (OPENSSL_LH_HASHFUNC)hfn; \
} \
static ossl_unused ossl_inline OPENSSL_LH_DOALL_FUNC ossl_check_##type##_lh_doallfunc_type(lh_##type##_doallfunc dfn) \
static ossl_unused ossl_inline OPENSSL_LH_DOALL_FUNC \
ossl_check_##type##_lh_doallfunc_type(lh_##type##_doallfunc dfn) \
{ \
return (OPENSSL_LH_DOALL_FUNC)dfn; \
} \
LHASH_OF(type)
# define DEFINE_LHASH_OF(type) \
LHASH_OF(type) { union lh_##type##_dummy { void* d1; unsigned long d2; int d3; } dummy; }; \
static ossl_unused ossl_inline LHASH_OF(type) *lh_##type##_new(unsigned long (*hfn)(const type *), \
int (*cfn)(const type *, const type *)) \
{ \
return (LHASH_OF(type) *) \
OPENSSL_LH_new((OPENSSL_LH_HASHFUNC)hfn, (OPENSSL_LH_COMPFUNC)cfn); \
} \
static ossl_unused ossl_inline void lh_##type##_free(LHASH_OF(type) *lh) \
{ \
OPENSSL_LH_free((OPENSSL_LHASH *)lh); \
} \
static ossl_unused ossl_inline void lh_##type##_flush(LHASH_OF(type) *lh) \
{ \
OPENSSL_LH_flush((OPENSSL_LHASH *)lh); \
} \
static ossl_unused ossl_inline type *lh_##type##_insert(LHASH_OF(type) *lh, type *d) \
{ \
return (type *)OPENSSL_LH_insert((OPENSSL_LHASH *)lh, d); \
} \
static ossl_unused ossl_inline type *lh_##type##_delete(LHASH_OF(type) *lh, const type *d) \
{ \
return (type *)OPENSSL_LH_delete((OPENSSL_LHASH *)lh, d); \
} \
static ossl_unused ossl_inline type *lh_##type##_retrieve(LHASH_OF(type) *lh, const type *d) \
{ \
return (type *)OPENSSL_LH_retrieve((OPENSSL_LHASH *)lh, d); \
} \
static ossl_unused ossl_inline int lh_##type##_error(LHASH_OF(type) *lh) \
{ \
return OPENSSL_LH_error((OPENSSL_LHASH *)lh); \
} \
static ossl_unused ossl_inline unsigned long lh_##type##_num_items(LHASH_OF(type) *lh) \
{ \
return OPENSSL_LH_num_items((OPENSSL_LHASH *)lh); \
} \
static ossl_unused ossl_inline void lh_##type##_node_stats_bio(const LHASH_OF(type) *lh, BIO *out) \
# ifndef OPENSSL_NO_DEPRECATED_3_1
# define DEFINE_LHASH_OF_DEPRECATED(type) \
static ossl_unused ossl_inline void \
lh_##type##_node_stats_bio(const LHASH_OF(type) *lh, BIO *out) \
{ \
OPENSSL_LH_node_stats_bio((const OPENSSL_LHASH *)lh, out); \
} \
static ossl_unused ossl_inline void lh_##type##_node_usage_stats_bio(const LHASH_OF(type) *lh, BIO *out) \
static ossl_unused ossl_inline void \
lh_##type##_node_usage_stats_bio(const LHASH_OF(type) *lh, BIO *out) \
{ \
OPENSSL_LH_node_usage_stats_bio((const OPENSSL_LHASH *)lh, out); \
} \
static ossl_unused ossl_inline void lh_##type##_stats_bio(const LHASH_OF(type) *lh, BIO *out) \
static ossl_unused ossl_inline void \
lh_##type##_stats_bio(const LHASH_OF(type) *lh, BIO *out) \
{ \
OPENSSL_LH_stats_bio((const OPENSSL_LHASH *)lh, out); \
}
# else
# define DEFINE_LHASH_OF_DEPRECATED(type)
# endif
# define DEFINE_LHASH_OF_EX(type) \
LHASH_OF(type) { \
union lh_##type##_dummy { void* d1; unsigned long d2; int d3; } dummy; \
}; \
static unsigned long \
lh_##type##_hfn_thunk(const void *data, OPENSSL_LH_HASHFUNC hfn) \
{ \
unsigned long (*hfn_conv)(const type *) = (unsigned long (*)(const type *))hfn; \
return hfn_conv((const type *)data); \
} \
static ossl_unused ossl_inline unsigned long lh_##type##_get_down_load(LHASH_OF(type) *lh) \
static int lh_##type##_cfn_thunk(const void *da, const void *db, OPENSSL_LH_COMPFUNC cfn) \
{ \
int (*cfn_conv)(const type *, const type *) = (int (*)(const type *, const type *))cfn; \
return cfn_conv((const type *)da, (const type *)db); \
} \
static ossl_unused ossl_inline void \
lh_##type##_free(LHASH_OF(type) *lh) \
{ \
OPENSSL_LH_free((OPENSSL_LHASH *)lh); \
} \
static ossl_unused ossl_inline void \
lh_##type##_flush(LHASH_OF(type) *lh) \
{ \
OPENSSL_LH_flush((OPENSSL_LHASH *)lh); \
} \
static ossl_unused ossl_inline type * \
lh_##type##_insert(LHASH_OF(type) *lh, type *d) \
{ \
return (type *)OPENSSL_LH_insert((OPENSSL_LHASH *)lh, d); \
} \
static ossl_unused ossl_inline type * \
lh_##type##_delete(LHASH_OF(type) *lh, const type *d) \
{ \
return (type *)OPENSSL_LH_delete((OPENSSL_LHASH *)lh, d); \
} \
static ossl_unused ossl_inline type * \
lh_##type##_retrieve(LHASH_OF(type) *lh, const type *d) \
{ \
return (type *)OPENSSL_LH_retrieve((OPENSSL_LHASH *)lh, d); \
} \
static ossl_unused ossl_inline int \
lh_##type##_error(LHASH_OF(type) *lh) \
{ \
return OPENSSL_LH_error((OPENSSL_LHASH *)lh); \
} \
static ossl_unused ossl_inline unsigned long \
lh_##type##_num_items(LHASH_OF(type) *lh) \
{ \
return OPENSSL_LH_num_items((OPENSSL_LHASH *)lh); \
} \
static ossl_unused ossl_inline unsigned long \
lh_##type##_get_down_load(LHASH_OF(type) *lh) \
{ \
return OPENSSL_LH_get_down_load((OPENSSL_LHASH *)lh); \
} \
static ossl_unused ossl_inline void lh_##type##_set_down_load(LHASH_OF(type) *lh, unsigned long dl) \
static ossl_unused ossl_inline void \
lh_##type##_set_down_load(LHASH_OF(type) *lh, unsigned long dl) \
{ \
OPENSSL_LH_set_down_load((OPENSSL_LHASH *)lh, dl); \
} \
static ossl_unused ossl_inline void lh_##type##_doall(LHASH_OF(type) *lh, \
void (*doall)(type *)) \
static ossl_unused ossl_inline void \
lh_##type##_doall_thunk(void *node, OPENSSL_LH_DOALL_FUNC doall) \
{ \
void (*doall_conv)(type *) = (void (*)(type *))doall; \
doall_conv((type *)node); \
} \
static ossl_unused ossl_inline void \
lh_##type##_doall_arg_thunk(void *node, void *arg, OPENSSL_LH_DOALL_FUNCARG doall) \
{ \
void (*doall_conv)(type *, void *) = (void (*)(type *, void *))doall; \
doall_conv((type *)node, arg); \
} \
static ossl_unused ossl_inline void \
lh_##type##_doall(LHASH_OF(type) *lh, void (*doall)(type *)) \
{ \
OPENSSL_LH_doall((OPENSSL_LHASH *)lh, (OPENSSL_LH_DOALL_FUNC)doall); \
} \
static ossl_unused ossl_inline void lh_##type##_doall_arg(LHASH_OF(type) *lh, \
void (*doallarg)(type *, void *), \
void *arg) \
static ossl_unused ossl_inline LHASH_OF(type) * \
lh_##type##_new(unsigned long (*hfn)(const type *), \
int (*cfn)(const type *, const type *)) \
{ \
return (LHASH_OF(type) *)OPENSSL_LH_set_thunks(OPENSSL_LH_new((OPENSSL_LH_HASHFUNC)hfn, (OPENSSL_LH_COMPFUNC)cfn), \
lh_##type##_hfn_thunk, lh_##type##_cfn_thunk, \
lh_##type##_doall_thunk, \
lh_##type##_doall_arg_thunk); \
} \
static ossl_unused ossl_inline void \
lh_##type##_doall_arg(LHASH_OF(type) *lh, \
void (*doallarg)(type *, void *), void *arg) \
{ \
OPENSSL_LH_doall_arg((OPENSSL_LHASH *)lh, \
(OPENSSL_LH_DOALL_FUNCARG)doallarg, arg); \
} \
LHASH_OF(type)
# define DEFINE_LHASH_OF(type) \
DEFINE_LHASH_OF_EX(type); \
DEFINE_LHASH_OF_DEPRECATED(type) \
LHASH_OF(type)
#define IMPLEMENT_LHASH_DOALL_ARG_CONST(type, argtype) \
int_implement_lhash_doall(type, argtype, const type)
@ -240,17 +341,26 @@ void OPENSSL_LH_node_usage_stats_bio(const OPENSSL_LHASH *lh, BIO *out);
int_implement_lhash_doall(type, argtype, type)
#define int_implement_lhash_doall(type, argtype, cbargtype) \
static ossl_unused ossl_inline void \
lh_##type##_doall_##argtype##_thunk(void *node, void *arg, OPENSSL_LH_DOALL_FUNCARG fn) \
{ \
void (*fn_conv)(cbargtype *, argtype *) = (void (*)(cbargtype *, argtype *))fn; \
fn_conv((cbargtype *)node, (argtype *)arg); \
} \
static ossl_unused ossl_inline void \
lh_##type##_doall_##argtype(LHASH_OF(type) *lh, \
void (*fn)(cbargtype *, argtype *), \
argtype *arg) \
{ \
OPENSSL_LH_doall_arg((OPENSSL_LHASH *)lh, (OPENSSL_LH_DOALL_FUNCARG)fn, (void *)arg); \
OPENSSL_LH_doall_arg_thunk((OPENSSL_LHASH *)lh, \
lh_##type##_doall_##argtype##_thunk, \
(OPENSSL_LH_DOALL_FUNCARG)fn, \
(void *)arg); \
} \
LHASH_OF(type)
DEFINE_LHASH_OF_INTERNAL(OPENSSL_STRING);
#define lh_OPENSSL_STRING_new(hfn, cmp) ((LHASH_OF(OPENSSL_STRING) *)OPENSSL_LH_new(ossl_check_OPENSSL_STRING_lh_hashfunc_type(hfn), ossl_check_OPENSSL_STRING_lh_compfunc_type(cmp)))
#define lh_OPENSSL_STRING_new(hfn, cmp) ((LHASH_OF(OPENSSL_STRING) *)OPENSSL_LH_set_thunks(OPENSSL_LH_new(ossl_check_OPENSSL_STRING_lh_hashfunc_type(hfn), ossl_check_OPENSSL_STRING_lh_compfunc_type(cmp)), lh_OPENSSL_STRING_hash_thunk, lh_OPENSSL_STRING_comp_thunk, lh_OPENSSL_STRING_doall_thunk, lh_OPENSSL_STRING_doall_arg_thunk))
#define lh_OPENSSL_STRING_free(lh) OPENSSL_LH_free(ossl_check_OPENSSL_STRING_lh_type(lh))
#define lh_OPENSSL_STRING_flush(lh) OPENSSL_LH_flush(ossl_check_OPENSSL_STRING_lh_type(lh))
#define lh_OPENSSL_STRING_insert(lh, ptr) ((OPENSSL_STRING *)OPENSSL_LH_insert(ossl_check_OPENSSL_STRING_lh_type(lh), ossl_check_OPENSSL_STRING_lh_plain_type(ptr)))
@ -265,7 +375,7 @@ DEFINE_LHASH_OF_INTERNAL(OPENSSL_STRING);
#define lh_OPENSSL_STRING_set_down_load(lh, dl) OPENSSL_LH_set_down_load(ossl_check_OPENSSL_STRING_lh_type(lh), dl)
#define lh_OPENSSL_STRING_doall(lh, dfn) OPENSSL_LH_doall(ossl_check_OPENSSL_STRING_lh_type(lh), ossl_check_OPENSSL_STRING_lh_doallfunc_type(dfn))
DEFINE_LHASH_OF_INTERNAL(OPENSSL_CSTRING);
#define lh_OPENSSL_CSTRING_new(hfn, cmp) ((LHASH_OF(OPENSSL_CSTRING) *)OPENSSL_LH_new(ossl_check_OPENSSL_CSTRING_lh_hashfunc_type(hfn), ossl_check_OPENSSL_CSTRING_lh_compfunc_type(cmp)))
#define lh_OPENSSL_CSTRING_new(hfn, cmp) ((LHASH_OF(OPENSSL_CSTRING) *)OPENSSL_LH_set_thunks(OPENSSL_LH_new(ossl_check_OPENSSL_CSTRING_lh_hashfunc_type(hfn), ossl_check_OPENSSL_CSTRING_lh_compfunc_type(cmp)), lh_OPENSSL_CSTRING_hash_thunk, lh_OPENSSL_CSTRING_comp_thunk, lh_OPENSSL_CSTRING_doall_thunk, lh_OPENSSL_CSTRING_doall_arg_thunk))
#define lh_OPENSSL_CSTRING_free(lh) OPENSSL_LH_free(ossl_check_OPENSSL_CSTRING_lh_type(lh))
#define lh_OPENSSL_CSTRING_flush(lh) OPENSSL_LH_flush(ossl_check_OPENSSL_CSTRING_lh_type(lh))
#define lh_OPENSSL_CSTRING_insert(lh, ptr) ((OPENSSL_CSTRING *)OPENSSL_LH_insert(ossl_check_OPENSSL_CSTRING_lh_type(lh), ossl_check_OPENSSL_CSTRING_lh_plain_type(ptr)))

14
crypto/openssl/include/openssl/opensslv.h
View file

@ -28,8 +28,8 @@ extern "C" {
* These macros express version number MAJOR.MINOR.PATCH exactly
*/
# define OPENSSL_VERSION_MAJOR 3
# define OPENSSL_VERSION_MINOR 0
# define OPENSSL_VERSION_PATCH 16
# define OPENSSL_VERSION_MINOR 5
# define OPENSSL_VERSION_PATCH 1
/*
* Additional version information
@ -57,7 +57,7 @@ extern "C" {
* be related to the API version expressed with the macros above.
* This is defined in free form.
*/
# define OPENSSL_SHLIB_VERSION 3
# define OPENSSL_SHLIB_VERSION 17
/*
* SECTION 2: USEFUL MACROS
@ -74,21 +74,21 @@ extern "C" {
* longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
* OPENSSL_VERSION_BUILD_METADATA_STR appended.
*/
# define OPENSSL_VERSION_STR "3.0.16"
# define OPENSSL_FULL_VERSION_STR "3.0.16"
# define OPENSSL_VERSION_STR "3.5.1"
# define OPENSSL_FULL_VERSION_STR "3.5.1"
/*
* SECTION 3: ADDITIONAL METADATA
*
* These strings are defined separately to allow them to be parsable.
*/
# define OPENSSL_RELEASE_DATE "11 Feb 2025"
# define OPENSSL_RELEASE_DATE "1 Jul 2025"
/*
* SECTION 4: BACKWARD COMPATIBILITY
*/
# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.16 11 Feb 2025"
# define OPENSSL_VERSION_TEXT "OpenSSL 3.5.1 1 Jul 2025"
/* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
# ifdef OPENSSL_VERSION_PRE_RELEASE

18
crypto/openssl/include/openssl/pkcs12.h
View file

@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by Makefile from include/openssl/pkcs12.h.in
*
* Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1999-2024 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -25,6 +25,9 @@
# include <openssl/core.h>
# include <openssl/x509.h>
# include <openssl/pkcs12err.h>
# ifndef OPENSSL_NO_STDIO
# include <stdio.h>
# endif
#ifdef __cplusplus
extern "C" {
@ -41,6 +44,7 @@ extern "C" {
# define PKCS12_MAC_KEY_LENGTH 20
/* The macro is expected to be used only internally. Kept for backwards compatibility. */
# define PKCS12_SALT_LEN 8
/* It's not clear if these are actually needed... */
@ -130,7 +134,9 @@ int PKCS12_SAFEBAG_get_bag_nid(const PKCS12_SAFEBAG *bag);
const ASN1_TYPE *PKCS12_SAFEBAG_get0_bag_obj(const PKCS12_SAFEBAG *bag);
const ASN1_OBJECT *PKCS12_SAFEBAG_get0_bag_type(const PKCS12_SAFEBAG *bag);
X509 *PKCS12_SAFEBAG_get1_cert_ex(const PKCS12_SAFEBAG *bag, OSSL_LIB_CTX *libctx, const char *propq);
X509 *PKCS12_SAFEBAG_get1_cert(const PKCS12_SAFEBAG *bag);
X509_CRL *PKCS12_SAFEBAG_get1_crl_ex(const PKCS12_SAFEBAG *bag, OSSL_LIB_CTX *libctx, const char *propq);
X509_CRL *PKCS12_SAFEBAG_get1_crl(const PKCS12_SAFEBAG *bag);
const STACK_OF(PKCS12_SAFEBAG) *
PKCS12_SAFEBAG_get0_safes(const PKCS12_SAFEBAG *bag);
@ -218,6 +224,7 @@ ASN1_TYPE *PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs,
char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
const STACK_OF(X509_ATTRIBUTE) *
PKCS12_SAFEBAG_get0_attrs(const PKCS12_SAFEBAG *bag);
void PKCS12_SAFEBAG_set0_attrs(PKCS12_SAFEBAG *bag, STACK_OF(X509_ATTRIBUTE) *attrs);
unsigned char *PKCS12_pbe_crypt(const X509_ALGOR *algor,
const char *pass, int passlen,
const unsigned char *in, int inlen,
@ -285,6 +292,9 @@ int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
unsigned char *salt, int saltlen, int iter,
const EVP_MD *md_type);
int PKCS12_set_pbmac1_pbkdf2(PKCS12 *p12, const char *pass, int passlen,
unsigned char *salt, int saltlen, int iter,
const EVP_MD *md_type, const char *prf_md_name);
int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
int saltlen, const EVP_MD *md_type);
unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
@ -305,6 +315,7 @@ DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
void PKCS12_PBE_add(void);
int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
STACK_OF(X509) **ca);
typedef int PKCS12_create_cb(PKCS12_SAFEBAG *bag, void *cbarg);
PKCS12 *PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey,
X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert,
int iter, int mac_iter, int keytype);
@ -312,6 +323,11 @@ PKCS12 *PKCS12_create_ex(const char *pass, const char *name, EVP_PKEY *pkey,
X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert,
int iter, int mac_iter, int keytype,
OSSL_LIB_CTX *ctx, const char *propq);
PKCS12 *PKCS12_create_ex2(const char *pass, const char *name, EVP_PKEY *pkey,
X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert,
int iter, int mac_iter, int keytype,
OSSL_LIB_CTX *ctx, const char *propq,
PKCS12_create_cb *cb, void *cbarg);
PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,

23
crypto/openssl/include/openssl/pkcs7.h
View file

@ -28,6 +28,9 @@
# include <openssl/symhacks.h>
# include <openssl/types.h>
# include <openssl/pkcs7err.h>
# ifndef OPENSSL_NO_STDIO
# include <stdio.h>
# endif
#ifdef __cplusplus
extern "C" {
@ -56,8 +59,8 @@ typedef struct pkcs7_signer_info_st {
PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
X509_ALGOR *digest_alg;
STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */
X509_ALGOR *digest_enc_alg;
ASN1_OCTET_STRING *enc_digest;
X509_ALGOR *digest_enc_alg; /* confusing name, actually used for signing */
ASN1_OCTET_STRING *enc_digest; /* confusing name, actually signature */
STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
/* The private key to sign with */
EVP_PKEY *pkey;
@ -131,8 +134,8 @@ SKM_DEFINE_STACK_OF_INTERNAL(PKCS7_RECIP_INFO, PKCS7_RECIP_INFO, PKCS7_RECIP_INF
typedef struct pkcs7_signed_st {
ASN1_INTEGER *version; /* version 1 */
STACK_OF(X509_ALGOR) *md_algs; /* md used */
STACK_OF(X509) *cert; /* [ 0 ] */
STACK_OF(X509_CRL) *crl; /* [ 1 ] */
STACK_OF(X509) *cert; /* [ 0 ] */ /* name should be 'certificates' */
STACK_OF(X509_CRL) *crl; /* [ 1 ] */ /* name should be 'crls' */
STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
struct pkcs7_st *contents;
} PKCS7_SIGNED;
@ -158,8 +161,8 @@ typedef struct pkcs7_enveloped_st {
typedef struct pkcs7_signedandenveloped_st {
ASN1_INTEGER *version; /* version 1 */
STACK_OF(X509_ALGOR) *md_algs; /* md used */
STACK_OF(X509) *cert; /* [ 0 ] */
STACK_OF(X509_CRL) *crl; /* [ 1 ] */
STACK_OF(X509) *cert; /* [ 0 ] */ /* name should be 'certificates' */
STACK_OF(X509_CRL) *crl; /* [ 1 ] */ /* name should be 'crls' */
STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
PKCS7_ENC_CONTENT *enc_data;
STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
@ -200,7 +203,7 @@ typedef struct pkcs7_st {
/* NID_pkcs7_data */
ASN1_OCTET_STRING *data;
/* NID_pkcs7_signed */
PKCS7_SIGNED *sign;
PKCS7_SIGNED *sign; /* field name 'signed' would clash with C keyword */
/* NID_pkcs7_enveloped */
PKCS7_ENVELOPE *enveloped;
/* NID_pkcs7_signedAndEnveloped */
@ -341,13 +344,13 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
const EVP_MD *dgst);
int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si);
int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
int PKCS7_add_certificate(PKCS7 *p7, X509 *cert);
int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl);
int PKCS7_content_new(PKCS7 *p7, int nid);
int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx,
BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si);
int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
X509 *x509);
X509 *signer);
BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio);
int PKCS7_dataFinal(PKCS7 *p7, BIO *bio);

430
crypto/openssl/include/openssl/ssl.h
View file

@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by Makefile from include/openssl/ssl.h.in
*
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved.
*
@ -24,6 +24,7 @@
# endif
# include <openssl/e_os2.h>
# include <openssl/e_ostime.h>
# include <openssl/opensslconf.h>
# include <openssl/comp.h>
# include <openssl/bio.h>
@ -42,6 +43,9 @@
# include <openssl/ct.h>
# include <openssl/sslerr.h>
# include <openssl/prov_ssl.h>
# ifndef OPENSSL_NO_STDIO
# include <stdio.h>
# endif
#ifdef __cplusplus
extern "C" {
@ -231,10 +235,8 @@ typedef struct ssl_cipher_st SSL_CIPHER;
typedef struct ssl_session_st SSL_SESSION;
typedef struct tls_sigalgs_st TLS_SIGALGS;
typedef struct ssl_conf_ctx_st SSL_CONF_CTX;
typedef struct ssl_comp_st SSL_COMP;
STACK_OF(SSL_CIPHER);
STACK_OF(SSL_COMP);
/* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*/
typedef struct srtp_protection_profile_st {
@ -278,28 +280,31 @@ typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len,
/* Extension context codes */
/* This extension is only allowed in TLS */
#define SSL_EXT_TLS_ONLY 0x0001
#define SSL_EXT_TLS_ONLY 0x00001
/* This extension is only allowed in DTLS */
#define SSL_EXT_DTLS_ONLY 0x0002
#define SSL_EXT_DTLS_ONLY 0x00002
/* Some extensions may be allowed in DTLS but we don't implement them for it */
#define SSL_EXT_TLS_IMPLEMENTATION_ONLY 0x0004
#define SSL_EXT_TLS_IMPLEMENTATION_ONLY 0x00004
/* Most extensions are not defined for SSLv3 but EXT_TYPE_renegotiate is */
#define SSL_EXT_SSL3_ALLOWED 0x0008
#define SSL_EXT_SSL3_ALLOWED 0x00008
/* Extension is only defined for TLS1.2 and below */
#define SSL_EXT_TLS1_2_AND_BELOW_ONLY 0x0010
#define SSL_EXT_TLS1_2_AND_BELOW_ONLY 0x00010
/* Extension is only defined for TLS1.3 and above */
#define SSL_EXT_TLS1_3_ONLY 0x0020
#define SSL_EXT_TLS1_3_ONLY 0x00020
/* Ignore this extension during parsing if we are resuming */
#define SSL_EXT_IGNORE_ON_RESUMPTION 0x0040
#define SSL_EXT_CLIENT_HELLO 0x0080
#define SSL_EXT_IGNORE_ON_RESUMPTION 0x00040
#define SSL_EXT_CLIENT_HELLO 0x00080
/* Really means TLS1.2 or below */
#define SSL_EXT_TLS1_2_SERVER_HELLO 0x0100
#define SSL_EXT_TLS1_3_SERVER_HELLO 0x0200
#define SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS 0x0400
#define SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST 0x0800
#define SSL_EXT_TLS1_3_CERTIFICATE 0x1000
#define SSL_EXT_TLS1_3_NEW_SESSION_TICKET 0x2000
#define SSL_EXT_TLS1_3_CERTIFICATE_REQUEST 0x4000
#define SSL_EXT_TLS1_2_SERVER_HELLO 0x00100
#define SSL_EXT_TLS1_3_SERVER_HELLO 0x00200
#define SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS 0x00400
#define SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST 0x00800
#define SSL_EXT_TLS1_3_CERTIFICATE 0x01000
#define SSL_EXT_TLS1_3_NEW_SESSION_TICKET 0x02000
#define SSL_EXT_TLS1_3_CERTIFICATE_REQUEST 0x04000
#define SSL_EXT_TLS1_3_CERTIFICATE_COMPRESSION 0x08000
/* When sending a raw public key in a certificate message */
#define SSL_EXT_TLS1_3_RAW_PUBLIC_KEY 0x10000
/* Typedefs for handling custom extensions */
@ -404,7 +409,7 @@ typedef int (*SSL_async_callback_fn)(SSL *s, void *arg);
*/
# define SSL_OP_CIPHER_SERVER_PREFERENCE SSL_OP_BIT(22)
/*
* If set, a server will allow a client to issue a SSLv3.0 version
* If set, a server will allow a client to issue an SSLv3.0 version
* number as latest version supported in the premaster secret, even when
* TLSv1.0 (version 3.1) was announced in the client hello. Normally
* this is forbidden to prevent version rollback attacks.
@ -430,6 +435,19 @@ typedef int (*SSL_async_callback_fn)(SSL *s, void *arg);
* interoperability with CryptoPro CSP 3.x
*/
# define SSL_OP_CRYPTOPRO_TLSEXT_BUG SSL_OP_BIT(31)
/*
* Disable RFC8879 certificate compression
* SSL_OP_NO_TX_CERTIFICATE_COMPRESSION: don't send compressed certificates,
* and ignore the extension when received.
* SSL_OP_NO_RX_CERTIFICATE_COMPRESSION: don't send the extension, and
* subsequently indicating that receiving is not supported
*/
# define SSL_OP_NO_TX_CERTIFICATE_COMPRESSION SSL_OP_BIT(32)
# define SSL_OP_NO_RX_CERTIFICATE_COMPRESSION SSL_OP_BIT(33)
/* Enable KTLS TX zerocopy on Linux */
# define SSL_OP_ENABLE_KTLS_TX_ZEROCOPY_SENDFILE SSL_OP_BIT(34)
#define SSL_OP_PREFER_NO_DHE_KEX SSL_OP_BIT(35)
/*
* Option "collections."
@ -574,6 +592,8 @@ typedef int (*SSL_async_callback_fn)(SSL *s, void *arg);
# define CERT_PKEY_CERT_TYPE 0x400
/* Cert chain suitable to Suite B */
# define CERT_PKEY_SUITEB 0x800
/* Cert pkey valid for raw public key use */
# define CERT_PKEY_RPK 0x1000
# define SSL_CONF_FLAG_CMDLINE 0x1
# define SSL_CONF_FLAG_FILE 0x2
@ -965,6 +985,7 @@ uint32_t SSL_get_recv_max_early_data(const SSL *s);
# include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
# include <openssl/dtls1.h> /* Datagram TLS */
# include <openssl/srtp.h> /* Support for the use_srtp extension */
# include <openssl/quic.h>
#ifdef __cplusplus
extern "C" {
@ -1000,32 +1021,6 @@ SKM_DEFINE_STACK_OF_INTERNAL(SSL_CIPHER, const SSL_CIPHER, SSL_CIPHER)
#define sk_SSL_CIPHER_dup(sk) ((STACK_OF(SSL_CIPHER) *)OPENSSL_sk_dup(ossl_check_const_SSL_CIPHER_sk_type(sk)))
#define sk_SSL_CIPHER_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(SSL_CIPHER) *)OPENSSL_sk_deep_copy(ossl_check_const_SSL_CIPHER_sk_type(sk), ossl_check_SSL_CIPHER_copyfunc_type(copyfunc), ossl_check_SSL_CIPHER_freefunc_type(freefunc)))
#define sk_SSL_CIPHER_set_cmp_func(sk, cmp) ((sk_SSL_CIPHER_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_SSL_CIPHER_sk_type(sk), ossl_check_SSL_CIPHER_compfunc_type(cmp)))
SKM_DEFINE_STACK_OF_INTERNAL(SSL_COMP, SSL_COMP, SSL_COMP)
#define sk_SSL_COMP_num(sk) OPENSSL_sk_num(ossl_check_const_SSL_COMP_sk_type(sk))
#define sk_SSL_COMP_value(sk, idx) ((SSL_COMP *)OPENSSL_sk_value(ossl_check_const_SSL_COMP_sk_type(sk), (idx)))
#define sk_SSL_COMP_new(cmp) ((STACK_OF(SSL_COMP) *)OPENSSL_sk_new(ossl_check_SSL_COMP_compfunc_type(cmp)))
#define sk_SSL_COMP_new_null() ((STACK_OF(SSL_COMP) *)OPENSSL_sk_new_null())
#define sk_SSL_COMP_new_reserve(cmp, n) ((STACK_OF(SSL_COMP) *)OPENSSL_sk_new_reserve(ossl_check_SSL_COMP_compfunc_type(cmp), (n)))
#define sk_SSL_COMP_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_SSL_COMP_sk_type(sk), (n))
#define sk_SSL_COMP_free(sk) OPENSSL_sk_free(ossl_check_SSL_COMP_sk_type(sk))
#define sk_SSL_COMP_zero(sk) OPENSSL_sk_zero(ossl_check_SSL_COMP_sk_type(sk))
#define sk_SSL_COMP_delete(sk, i) ((SSL_COMP *)OPENSSL_sk_delete(ossl_check_SSL_COMP_sk_type(sk), (i)))
#define sk_SSL_COMP_delete_ptr(sk, ptr) ((SSL_COMP *)OPENSSL_sk_delete_ptr(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr)))
#define sk_SSL_COMP_push(sk, ptr) OPENSSL_sk_push(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr))
#define sk_SSL_COMP_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr))
#define sk_SSL_COMP_pop(sk) ((SSL_COMP *)OPENSSL_sk_pop(ossl_check_SSL_COMP_sk_type(sk)))
#define sk_SSL_COMP_shift(sk) ((SSL_COMP *)OPENSSL_sk_shift(ossl_check_SSL_COMP_sk_type(sk)))
#define sk_SSL_COMP_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_SSL_COMP_sk_type(sk),ossl_check_SSL_COMP_freefunc_type(freefunc))
#define sk_SSL_COMP_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr), (idx))
#define sk_SSL_COMP_set(sk, idx, ptr) ((SSL_COMP *)OPENSSL_sk_set(ossl_check_SSL_COMP_sk_type(sk), (idx), ossl_check_SSL_COMP_type(ptr)))
#define sk_SSL_COMP_find(sk, ptr) OPENSSL_sk_find(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr))
#define sk_SSL_COMP_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr))
#define sk_SSL_COMP_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr), pnum)
#define sk_SSL_COMP_sort(sk) OPENSSL_sk_sort(ossl_check_SSL_COMP_sk_type(sk))
#define sk_SSL_COMP_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_SSL_COMP_sk_type(sk))
#define sk_SSL_COMP_dup(sk) ((STACK_OF(SSL_COMP) *)OPENSSL_sk_dup(ossl_check_const_SSL_COMP_sk_type(sk)))
#define sk_SSL_COMP_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(SSL_COMP) *)OPENSSL_sk_deep_copy(ossl_check_const_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_copyfunc_type(copyfunc), ossl_check_SSL_COMP_freefunc_type(freefunc)))
#define sk_SSL_COMP_set_cmp_func(sk, cmp) ((sk_SSL_COMP_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_compfunc_type(cmp)))
/* compatibility */
@ -1066,6 +1061,7 @@ typedef enum {
DTLS_ST_CR_HELLO_VERIFY_REQUEST,
TLS_ST_CR_SRVR_HELLO,
TLS_ST_CR_CERT,
TLS_ST_CR_COMP_CERT,
TLS_ST_CR_CERT_STATUS,
TLS_ST_CR_KEY_EXCH,
TLS_ST_CR_CERT_REQ,
@ -1075,6 +1071,7 @@ typedef enum {
TLS_ST_CR_FINISHED,
TLS_ST_CW_CLNT_HELLO,
TLS_ST_CW_CERT,
TLS_ST_CW_COMP_CERT,
TLS_ST_CW_KEY_EXCH,
TLS_ST_CW_CERT_VRFY,
TLS_ST_CW_CHANGE,
@ -1085,10 +1082,12 @@ typedef enum {
DTLS_ST_SW_HELLO_VERIFY_REQUEST,
TLS_ST_SW_SRVR_HELLO,
TLS_ST_SW_CERT,
TLS_ST_SW_COMP_CERT,
TLS_ST_SW_KEY_EXCH,
TLS_ST_SW_CERT_REQ,
TLS_ST_SW_SRVR_DONE,
TLS_ST_SR_CERT,
TLS_ST_SR_COMP_CERT,
TLS_ST_SR_KEY_EXCH,
TLS_ST_SR_CERT_VRFY,
TLS_ST_SR_NEXT_PROTO,
@ -1380,9 +1379,13 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
# define SSL_CTRL_GET_SIGNATURE_NID 132
# define SSL_CTRL_GET_TMP_KEY 133
# define SSL_CTRL_GET_NEGOTIATED_GROUP 134
# define SSL_CTRL_GET_IANA_GROUPS 135
# define SSL_CTRL_SET_RETRY_VERIFY 136
# define SSL_CTRL_GET_VERIFY_CERT_STORE 137
# define SSL_CTRL_GET_CHAIN_CERT_STORE 138
# define SSL_CTRL_GET0_IMPLEMENTED_GROUPS 139
# define SSL_CTRL_GET_SIGNATURE_NAME 140
# define SSL_CTRL_GET_PEER_SIGNATURE_NAME 141
# define SSL_CERT_SET_FIRST 1
# define SSL_CERT_SET_NEXT 2
# define SSL_CERT_SET_SERVER 3
@ -1485,10 +1488,15 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
# define SSL_get1_groups(s, glist) \
SSL_ctrl(s,SSL_CTRL_GET_GROUPS,0,(int*)(glist))
# define SSL_get0_iana_groups(s, plst) \
SSL_ctrl(s,SSL_CTRL_GET_IANA_GROUPS,0,(uint16_t **)(plst))
# define SSL_CTX_set1_groups(ctx, glist, glistlen) \
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS,glistlen,(int *)(glist))
# define SSL_CTX_set1_groups_list(ctx, s) \
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS_LIST,0,(char *)(s))
# define SSL_CTX_get0_implemented_groups(ctx, all, out) \
SSL_CTX_ctrl(ctx,SSL_CTRL_GET0_IMPLEMENTED_GROUPS, all, \
(STACK_OF(OPENSSL_CSTRING) *)(out))
# define SSL_set1_groups(s, glist, glistlen) \
SSL_ctrl(s,SSL_CTRL_SET_GROUPS,glistlen,(char *)(glist))
# define SSL_set1_groups_list(s, str) \
@ -1520,8 +1528,12 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
(char *)(clist))
# define SSL_set1_client_certificate_types(s, clist, clistlen) \
SSL_ctrl(s,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen,(char *)(clist))
# define SSL_get0_signature_name(s, str) \
SSL_ctrl(s,SSL_CTRL_GET_SIGNATURE_NAME,0,(1?(str):(const char **)NULL))
# define SSL_get_signature_nid(s, pn) \
SSL_ctrl(s,SSL_CTRL_GET_SIGNATURE_NID,0,pn)
# define SSL_get0_peer_signature_name(s, str) \
SSL_ctrl(s,SSL_CTRL_GET_PEER_SIGNATURE_NAME,0,(1?(str):(const char **)NULL))
# define SSL_get_peer_signature_nid(s, pn) \
SSL_ctrl(s,SSL_CTRL_GET_PEER_SIGNATURE_NID,0,pn)
# define SSL_get_peer_tmp_key(s, pk) \
@ -1549,6 +1561,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
# define SSL_get_max_proto_version(s) \
SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, NULL)
const char *SSL_get0_group_name(SSL *s);
const char *SSL_group_to_name(SSL *s, int id);
/* Backwards compatibility, original 1.1.0 names */
@ -1613,7 +1626,11 @@ void SSL_CTX_set1_cert_store(SSL_CTX *, X509_STORE *);
__owur int SSL_want(const SSL *s);
__owur int SSL_clear(SSL *s);
#ifndef OPENSSL_NO_DEPRECATED_3_4
OSSL_DEPRECATEDIN_3_4_FOR("not Y2038-safe, replace with SSL_CTX_flush_sessions_ex()")
void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm);
#endif
void SSL_CTX_flush_sessions_ex(SSL_CTX *ctx, time_t tm);
__owur const SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
__owur const SSL_CIPHER *SSL_get_pending_cipher(const SSL *s);
@ -1725,13 +1742,21 @@ __owur const char *SSL_state_string(const SSL *s);
__owur const char *SSL_rstate_string(const SSL *s);
__owur const char *SSL_state_string_long(const SSL *s);
__owur const char *SSL_rstate_string_long(const SSL *s);
#ifndef OPENSSL_NO_DEPRECATED_3_4
OSSL_DEPRECATEDIN_3_4_FOR("not Y2038-safe, replace with SSL_SESSION_get_time_ex()")
__owur long SSL_SESSION_get_time(const SSL_SESSION *s);
OSSL_DEPRECATEDIN_3_4_FOR("not Y2038-safe, replace with SSL_SESSION_set_time_ex()")
__owur long SSL_SESSION_set_time(SSL_SESSION *s, long t);
#endif
__owur long SSL_SESSION_get_timeout(const SSL_SESSION *s);
__owur long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
__owur int SSL_SESSION_get_protocol_version(const SSL_SESSION *s);
__owur int SSL_SESSION_set_protocol_version(SSL_SESSION *s, int version);
__owur time_t SSL_SESSION_get_time_ex(const SSL_SESSION *s);
__owur time_t SSL_SESSION_set_time_ex(SSL_SESSION *s, time_t t);
__owur const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s);
__owur int SSL_SESSION_set1_hostname(SSL_SESSION *s, const char *hostname);
void SSL_SESSION_get0_alpn_selected(const SSL_SESSION *s,
@ -1783,6 +1808,9 @@ __owur int SSL_has_matching_session_id(const SSL *s,
unsigned int id_len);
SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
long length);
SSL_SESSION *d2i_SSL_SESSION_ex(SSL_SESSION **a, const unsigned char **pp,
long length, OSSL_LIB_CTX *libctx,
const char *propq);
# ifdef OPENSSL_X509_H
__owur X509 *SSL_get0_peer_certificate(const SSL *s);
@ -1840,6 +1868,8 @@ __owur int SSL_CTX_set_session_id_context(SSL_CTX *ctx,
SSL *SSL_new(SSL_CTX *ctx);
int SSL_up_ref(SSL *s);
int SSL_is_dtls(const SSL *s);
int SSL_is_tls(const SSL *s);
int SSL_is_quic(const SSL *s);
__owur int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
unsigned int sid_ctx_len);
@ -1848,8 +1878,8 @@ __owur int SSL_set_purpose(SSL *ssl, int purpose);
__owur int SSL_CTX_set_trust(SSL_CTX *ctx, int trust);
__owur int SSL_set_trust(SSL *ssl, int trust);
__owur int SSL_set1_host(SSL *s, const char *hostname);
__owur int SSL_add1_host(SSL *s, const char *hostname);
__owur int SSL_set1_host(SSL *s, const char *host);
__owur int SSL_add1_host(SSL *s, const char *host);
__owur const char *SSL_get0_peername(SSL *s);
void SSL_set_hostflags(SSL *s, unsigned int flags);
@ -1924,6 +1954,11 @@ OSSL_DEPRECATEDIN_3_0 __owur char *SSL_get_srp_userinfo(SSL *s);
typedef int (*SSL_client_hello_cb_fn) (SSL *s, int *al, void *arg);
void SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn cb,
void *arg);
typedef int (*SSL_new_pending_conn_cb_fn) (SSL_CTX *ctx, SSL *new_ssl,
void *arg);
void SSL_CTX_set_new_pending_conn_cb(SSL_CTX *c, SSL_new_pending_conn_cb_fn cb,
void *arg);
int SSL_client_hello_isv2(SSL *s);
unsigned int SSL_client_hello_get0_legacy_version(SSL *s);
size_t SSL_client_hello_get0_random(SSL *s, const unsigned char **out);
@ -1932,6 +1967,8 @@ size_t SSL_client_hello_get0_ciphers(SSL *s, const unsigned char **out);
size_t SSL_client_hello_get0_compression_methods(SSL *s,
const unsigned char **out);
int SSL_client_hello_get1_extensions_present(SSL *s, int **out, size_t *outlen);
int SSL_client_hello_get_extension_order(SSL *s, uint16_t *exts,
size_t *num_exts);
int SSL_client_hello_get0_ext(SSL *s, unsigned int type,
const unsigned char **out, size_t *outlen);
@ -1978,6 +2015,12 @@ long SSL_callback_ctrl(SSL *, int, void (*)(void));
long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)(void));
# define SSL_WRITE_FLAG_CONCLUDE (1U << 0)
__owur int SSL_write_ex2(SSL *s, const void *buf, size_t num,
uint64_t flags,
size_t *written);
# define SSL_EARLY_DATA_NOT_SENT 0
# define SSL_EARLY_DATA_REJECTED 1
# define SSL_EARLY_DATA_ACCEPTED 2
@ -1986,6 +2029,7 @@ __owur int SSL_get_early_data_status(const SSL *s);
__owur int SSL_get_error(const SSL *s, int ret_code);
__owur const char *SSL_get_version(const SSL *s);
__owur int SSL_get_handshake_rtt(const SSL *s, uint64_t *rtt);
/* This sets the 'default' SSL version that SSL_new() will create */
# ifndef OPENSSL_NO_DEPRECATED_3_0
@ -2281,6 +2325,8 @@ void SSL_CTX_set_record_padding_callback(SSL_CTX *ctx,
void SSL_CTX_set_record_padding_callback_arg(SSL_CTX *ctx, void *arg);
void *SSL_CTX_get_record_padding_callback_arg(const SSL_CTX *ctx);
int SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size);
int SSL_CTX_set_block_padding_ex(SSL_CTX *ctx, size_t app_block_size,
size_t hs_block_size);
int SSL_set_record_padding_callback(SSL *ssl,
size_t (*cb) (SSL *ssl, int type,
@ -2288,12 +2334,255 @@ int SSL_set_record_padding_callback(SSL *ssl,
void SSL_set_record_padding_callback_arg(SSL *ssl, void *arg);
void *SSL_get_record_padding_callback_arg(const SSL *ssl);
int SSL_set_block_padding(SSL *ssl, size_t block_size);
int SSL_set_block_padding_ex(SSL *ssl, size_t app_block_size,
size_t hs_block_size);
int SSL_set_num_tickets(SSL *s, size_t num_tickets);
size_t SSL_get_num_tickets(const SSL *s);
int SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets);
size_t SSL_CTX_get_num_tickets(const SSL_CTX *ctx);
/* QUIC support */
int SSL_handle_events(SSL *s);
__owur int SSL_get_event_timeout(SSL *s, struct timeval *tv, int *is_infinite);
__owur int SSL_get_rpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc);
__owur int SSL_get_wpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc);
__owur int SSL_net_read_desired(SSL *s);
__owur int SSL_net_write_desired(SSL *s);
__owur int SSL_set_blocking_mode(SSL *s, int blocking);
__owur int SSL_get_blocking_mode(SSL *s);
__owur int SSL_set1_initial_peer_addr(SSL *s, const BIO_ADDR *peer_addr);
__owur SSL *SSL_get0_connection(SSL *s);
__owur int SSL_is_connection(SSL *s);
__owur int SSL_is_listener(SSL *ssl);
__owur SSL *SSL_get0_listener(SSL *s);
#define SSL_LISTENER_FLAG_NO_VALIDATE (1UL << 1)
__owur SSL *SSL_new_listener(SSL_CTX *ctx, uint64_t flags);
__owur SSL *SSL_new_listener_from(SSL *ssl, uint64_t flags);
__owur SSL *SSL_new_from_listener(SSL *ssl, uint64_t flags);
#define SSL_ACCEPT_CONNECTION_NO_BLOCK (1UL << 0)
__owur SSL *SSL_accept_connection(SSL *ssl, uint64_t flags);
__owur size_t SSL_get_accept_connection_queue_len(SSL *ssl);
__owur int SSL_listen(SSL *ssl);
__owur int SSL_is_domain(SSL *s);
__owur SSL *SSL_get0_domain(SSL *s);
__owur SSL *SSL_new_domain(SSL_CTX *ctx, uint64_t flags);
#define SSL_DOMAIN_FLAG_SINGLE_THREAD (1U << 0)
#define SSL_DOMAIN_FLAG_MULTI_THREAD (1U << 1)
#define SSL_DOMAIN_FLAG_THREAD_ASSISTED (1U << 2)
#define SSL_DOMAIN_FLAG_BLOCKING (1U << 3)
#define SSL_DOMAIN_FLAG_LEGACY_BLOCKING (1U << 4)
__owur int SSL_CTX_set_domain_flags(SSL_CTX *ctx, uint64_t domain_flags);
__owur int SSL_CTX_get_domain_flags(const SSL_CTX *ctx, uint64_t *domain_flags);
__owur int SSL_get_domain_flags(const SSL *ssl, uint64_t *domain_flags);
#define SSL_STREAM_TYPE_NONE 0
#define SSL_STREAM_TYPE_READ (1U << 0)
#define SSL_STREAM_TYPE_WRITE (1U << 1)
#define SSL_STREAM_TYPE_BIDI (SSL_STREAM_TYPE_READ | SSL_STREAM_TYPE_WRITE)
__owur int SSL_get_stream_type(SSL *s);
__owur uint64_t SSL_get_stream_id(SSL *s);
__owur int SSL_is_stream_local(SSL *s);
#define SSL_DEFAULT_STREAM_MODE_NONE 0
#define SSL_DEFAULT_STREAM_MODE_AUTO_BIDI 1
#define SSL_DEFAULT_STREAM_MODE_AUTO_UNI 2
__owur int SSL_set_default_stream_mode(SSL *s, uint32_t mode);
#define SSL_STREAM_FLAG_UNI (1U << 0)
#define SSL_STREAM_FLAG_NO_BLOCK (1U << 1)
#define SSL_STREAM_FLAG_ADVANCE (1U << 2)
__owur SSL *SSL_new_stream(SSL *s, uint64_t flags);
#define SSL_INCOMING_STREAM_POLICY_AUTO 0
#define SSL_INCOMING_STREAM_POLICY_ACCEPT 1
#define SSL_INCOMING_STREAM_POLICY_REJECT 2
__owur int SSL_set_incoming_stream_policy(SSL *s, int policy, uint64_t aec);
#define SSL_ACCEPT_STREAM_NO_BLOCK (1U << 0)
__owur SSL *SSL_accept_stream(SSL *s, uint64_t flags);
__owur size_t SSL_get_accept_stream_queue_len(SSL *s);
# ifndef OPENSSL_NO_QUIC
__owur int SSL_inject_net_dgram(SSL *s, const unsigned char *buf,
size_t buf_len,
const BIO_ADDR *peer,
const BIO_ADDR *local);
# endif
typedef struct ssl_shutdown_ex_args_st {
uint64_t quic_error_code;
const char *quic_reason;
} SSL_SHUTDOWN_EX_ARGS;
#define SSL_SHUTDOWN_FLAG_RAPID (1U << 0)
#define SSL_SHUTDOWN_FLAG_NO_STREAM_FLUSH (1U << 1)
#define SSL_SHUTDOWN_FLAG_NO_BLOCK (1U << 2)
#define SSL_SHUTDOWN_FLAG_WAIT_PEER (1U << 3)
__owur int SSL_shutdown_ex(SSL *ssl, uint64_t flags,
const SSL_SHUTDOWN_EX_ARGS *args,
size_t args_len);
__owur int SSL_stream_conclude(SSL *ssl, uint64_t flags);
typedef struct ssl_stream_reset_args_st {
uint64_t quic_error_code;
} SSL_STREAM_RESET_ARGS;
__owur int SSL_stream_reset(SSL *ssl,
const SSL_STREAM_RESET_ARGS *args,
size_t args_len);
#define SSL_STREAM_STATE_NONE 0
#define SSL_STREAM_STATE_OK 1
#define SSL_STREAM_STATE_WRONG_DIR 2
#define SSL_STREAM_STATE_FINISHED 3
#define SSL_STREAM_STATE_RESET_LOCAL 4
#define SSL_STREAM_STATE_RESET_REMOTE 5
#define SSL_STREAM_STATE_CONN_CLOSED 6
__owur int SSL_get_stream_read_state(SSL *ssl);
__owur int SSL_get_stream_write_state(SSL *ssl);
__owur int SSL_get_stream_read_error_code(SSL *ssl, uint64_t *app_error_code);
__owur int SSL_get_stream_write_error_code(SSL *ssl, uint64_t *app_error_code);
#define SSL_CONN_CLOSE_FLAG_LOCAL (1U << 0)
#define SSL_CONN_CLOSE_FLAG_TRANSPORT (1U << 1)
typedef struct ssl_conn_close_info_st {
uint64_t error_code, frame_type;
const char *reason;
size_t reason_len;
uint32_t flags;
} SSL_CONN_CLOSE_INFO;
__owur int SSL_get_conn_close_info(SSL *ssl,
SSL_CONN_CLOSE_INFO *info,
size_t info_len);
# define SSL_VALUE_CLASS_GENERIC 0
# define SSL_VALUE_CLASS_FEATURE_REQUEST 1
# define SSL_VALUE_CLASS_FEATURE_PEER_REQUEST 2
# define SSL_VALUE_CLASS_FEATURE_NEGOTIATED 3
# define SSL_VALUE_NONE 0
# define SSL_VALUE_QUIC_STREAM_BIDI_LOCAL_AVAIL 1
# define SSL_VALUE_QUIC_STREAM_BIDI_REMOTE_AVAIL 2
# define SSL_VALUE_QUIC_STREAM_UNI_LOCAL_AVAIL 3
# define SSL_VALUE_QUIC_STREAM_UNI_REMOTE_AVAIL 4
# define SSL_VALUE_QUIC_IDLE_TIMEOUT 5
# define SSL_VALUE_EVENT_HANDLING_MODE 6
# define SSL_VALUE_STREAM_WRITE_BUF_SIZE 7
# define SSL_VALUE_STREAM_WRITE_BUF_USED 8
# define SSL_VALUE_STREAM_WRITE_BUF_AVAIL 9
# define SSL_VALUE_EVENT_HANDLING_MODE_INHERIT 0
# define SSL_VALUE_EVENT_HANDLING_MODE_IMPLICIT 1
# define SSL_VALUE_EVENT_HANDLING_MODE_EXPLICIT 2
int SSL_get_value_uint(SSL *s, uint32_t class_, uint32_t id, uint64_t *v);
int SSL_set_value_uint(SSL *s, uint32_t class_, uint32_t id, uint64_t v);
# define SSL_get_generic_value_uint(ssl, id, v) \
SSL_get_value_uint((ssl), SSL_VALUE_CLASS_GENERIC, (id), (v))
# define SSL_set_generic_value_uint(ssl, id, v) \
SSL_set_value_uint((ssl), SSL_VALUE_CLASS_GENERIC, (id), (v))
# define SSL_get_feature_request_uint(ssl, id, v) \
SSL_get_value_uint((ssl), SSL_VALUE_CLASS_FEATURE_REQUEST, (id), (v))
# define SSL_set_feature_request_uint(ssl, id, v) \
SSL_set_value_uint((ssl), SSL_VALUE_CLASS_FEATURE_REQUEST, (id), (v))
# define SSL_get_feature_peer_request_uint(ssl, id, v) \
SSL_get_value_uint((ssl), SSL_VALUE_CLASS_FEATURE_PEER_REQUEST, (id), (v))
# define SSL_get_feature_negotiated_uint(ssl, id, v) \
SSL_get_value_uint((ssl), SSL_VALUE_CLASS_FEATURE_NEGOTIATED, (id), (v))
# define SSL_get_quic_stream_bidi_local_avail(ssl, value) \
SSL_get_generic_value_uint((ssl), SSL_VALUE_QUIC_STREAM_BIDI_LOCAL_AVAIL, \
(value))
# define SSL_get_quic_stream_bidi_remote_avail(ssl, value) \
SSL_get_generic_value_uint((ssl), SSL_VALUE_QUIC_STREAM_BIDI_REMOTE_AVAIL, \
(value))
# define SSL_get_quic_stream_uni_local_avail(ssl, value) \
SSL_get_generic_value_uint((ssl), SSL_VALUE_QUIC_STREAM_UNI_LOCAL_AVAIL, \
(value))
# define SSL_get_quic_stream_uni_remote_avail(ssl, value) \
SSL_get_generic_value_uint((ssl), SSL_VALUE_QUIC_STREAM_UNI_REMOTE_AVAIL, \
(value))
# define SSL_get_event_handling_mode(ssl, value) \
SSL_get_generic_value_uint((ssl), SSL_VALUE_EVENT_HANDLING_MODE, \
(value))
# define SSL_set_event_handling_mode(ssl, value) \
SSL_set_generic_value_uint((ssl), SSL_VALUE_EVENT_HANDLING_MODE, \
(value))
# define SSL_get_stream_write_buf_size(ssl, value) \
SSL_get_generic_value_uint((ssl), SSL_VALUE_STREAM_WRITE_BUF_SIZE, \
(value))
# define SSL_get_stream_write_buf_used(ssl, value) \
SSL_get_generic_value_uint((ssl), SSL_VALUE_STREAM_WRITE_BUF_USED, \
(value))
# define SSL_get_stream_write_buf_avail(ssl, value) \
SSL_get_generic_value_uint((ssl), SSL_VALUE_STREAM_WRITE_BUF_AVAIL, \
(value))
# define SSL_POLL_EVENT_NONE 0
# define SSL_POLL_EVENT_F (1U << 0) /* F (Failure) */
# define SSL_POLL_EVENT_EL (1U << 1) /* EL (Exception on Listener) */
# define SSL_POLL_EVENT_EC (1U << 2) /* EC (Exception on Conn) */
# define SSL_POLL_EVENT_ECD (1U << 3) /* ECD (Exception on Conn Drained) */
# define SSL_POLL_EVENT_ER (1U << 4) /* ER (Exception on Read) */
# define SSL_POLL_EVENT_EW (1U << 5) /* EW (Exception on Write) */
# define SSL_POLL_EVENT_R (1U << 6) /* R (Readable) */
# define SSL_POLL_EVENT_W (1U << 7) /* W (Writable) */
# define SSL_POLL_EVENT_IC (1U << 8) /* IC (Incoming Connection) */
# define SSL_POLL_EVENT_ISB (1U << 9) /* ISB (Incoming Stream: Bidi) */
# define SSL_POLL_EVENT_ISU (1U << 10) /* ISU (Incoming Stream: Uni) */
# define SSL_POLL_EVENT_OSB (1U << 11) /* OSB (Outgoing Stream: Bidi) */
# define SSL_POLL_EVENT_OSU (1U << 12) /* OSU (Outgoing Stream: Uni) */
# define SSL_POLL_EVENT_RW (SSL_POLL_EVENT_R | SSL_POLL_EVENT_W)
# define SSL_POLL_EVENT_RE (SSL_POLL_EVENT_R | SSL_POLL_EVENT_ER)
# define SSL_POLL_EVENT_WE (SSL_POLL_EVENT_W | SSL_POLL_EVENT_EW)
# define SSL_POLL_EVENT_RWE (SSL_POLL_EVENT_RE | SSL_POLL_EVENT_WE)
# define SSL_POLL_EVENT_E (SSL_POLL_EVENT_EL | SSL_POLL_EVENT_EC \
| SSL_POLL_EVENT_ER | SSL_POLL_EVENT_EW)
# define SSL_POLL_EVENT_IS (SSL_POLL_EVENT_ISB | SSL_POLL_EVENT_ISU)
# define SSL_POLL_EVENT_ISE (SSL_POLL_EVENT_IS | SSL_POLL_EVENT_EC)
# define SSL_POLL_EVENT_I (SSL_POLL_EVENT_IS | SSL_POLL_EVENT_IC)
# define SSL_POLL_EVENT_OS (SSL_POLL_EVENT_OSB | SSL_POLL_EVENT_OSU)
# define SSL_POLL_EVENT_OSE (SSL_POLL_EVENT_OS | SSL_POLL_EVENT_EC)
typedef struct ssl_poll_item_st {
BIO_POLL_DESCRIPTOR desc;
uint64_t events, revents;
} SSL_POLL_ITEM;
# define SSL_POLL_FLAG_NO_HANDLE_EVENTS (1U << 0)
__owur int SSL_poll(SSL_POLL_ITEM *items,
size_t num_items,
size_t stride,
const struct timeval *timeout,
uint64_t flags,
size_t *result_count);
static ossl_inline ossl_unused BIO_POLL_DESCRIPTOR
SSL_as_poll_descriptor(SSL *s)
{
BIO_POLL_DESCRIPTOR d;
d.type = BIO_POLL_DESCRIPTOR_TYPE_SSL;
d.value.ssl = s;
return d;
}
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
# define SSL_cache_hit(s) SSL_session_reused(s)
# endif
@ -2593,6 +2882,51 @@ void SSL_set_allow_early_data_cb(SSL *s,
const char *OSSL_default_cipher_list(void);
const char *OSSL_default_ciphersuites(void);
/* RFC8879 Certificate compression APIs */
int SSL_CTX_compress_certs(SSL_CTX *ctx, int alg);
int SSL_compress_certs(SSL *ssl, int alg);
int SSL_CTX_set1_cert_comp_preference(SSL_CTX *ctx, int *algs, size_t len);
int SSL_set1_cert_comp_preference(SSL *ssl, int *algs, size_t len);
int SSL_CTX_set1_compressed_cert(SSL_CTX *ctx, int algorithm, unsigned char *comp_data,
size_t comp_length, size_t orig_length);
int SSL_set1_compressed_cert(SSL *ssl, int algorithm, unsigned char *comp_data,
size_t comp_length, size_t orig_length);
size_t SSL_CTX_get1_compressed_cert(SSL_CTX *ctx, int alg, unsigned char **data, size_t *orig_len);
size_t SSL_get1_compressed_cert(SSL *ssl, int alg, unsigned char **data, size_t *orig_len);
__owur int SSL_add_expected_rpk(SSL *s, EVP_PKEY *rpk);
__owur EVP_PKEY *SSL_get0_peer_rpk(const SSL *s);
__owur EVP_PKEY *SSL_SESSION_get0_peer_rpk(SSL_SESSION *s);
__owur int SSL_get_negotiated_client_cert_type(const SSL *s);
__owur int SSL_get_negotiated_server_cert_type(const SSL *s);
__owur int SSL_set1_client_cert_type(SSL *s, const unsigned char *val, size_t len);
__owur int SSL_set1_server_cert_type(SSL *s, const unsigned char *val, size_t len);
__owur int SSL_CTX_set1_client_cert_type(SSL_CTX *ctx, const unsigned char *val, size_t len);
__owur int SSL_CTX_set1_server_cert_type(SSL_CTX *ctx, const unsigned char *val, size_t len);
__owur int SSL_get0_client_cert_type(const SSL *s, unsigned char **t, size_t *len);
__owur int SSL_get0_server_cert_type(const SSL *s, unsigned char **t, size_t *len);
__owur int SSL_CTX_get0_client_cert_type(const SSL_CTX *ctx, unsigned char **t, size_t *len);
__owur int SSL_CTX_get0_server_cert_type(const SSL_CTX *s, unsigned char **t, size_t *len);
/*
* Protection level. For <= TLSv1.2 only "NONE" and "APPLICATION" are used.
*/
# define OSSL_RECORD_PROTECTION_LEVEL_NONE 0
# define OSSL_RECORD_PROTECTION_LEVEL_EARLY 1
# define OSSL_RECORD_PROTECTION_LEVEL_HANDSHAKE 2
# define OSSL_RECORD_PROTECTION_LEVEL_APPLICATION 3
int SSL_set_quic_tls_cbs(SSL *s, const OSSL_DISPATCH *qtdis, void *arg);
int SSL_set_quic_tls_transport_params(SSL *s,
const unsigned char *params,
size_t params_len);
int SSL_set_quic_tls_early_data_enabled(SSL *s, int enabled);
# ifdef __cplusplus
}
# endif

65
crypto/openssl/include/openssl/x509.h
View file

@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by Makefile from include/openssl/x509.h.in
*
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@ -40,6 +40,9 @@
# include <openssl/sha.h>
# include <openssl/x509err.h>
# ifndef OPENSSL_NO_STDIO
# include <stdio.h>
# endif
#ifdef __cplusplus
extern "C" {
@ -162,16 +165,24 @@ SKM_DEFINE_STACK_OF_INTERNAL(X509_CRL, X509_CRL, X509_CRL)
# define X509_FILETYPE_ASN1 2
# define X509_FILETYPE_DEFAULT 3
# define X509v3_KU_DIGITAL_SIGNATURE 0x0080
# define X509v3_KU_NON_REPUDIATION 0x0040
# define X509v3_KU_KEY_ENCIPHERMENT 0x0020
# define X509v3_KU_DATA_ENCIPHERMENT 0x0010
# define X509v3_KU_KEY_AGREEMENT 0x0008
# define X509v3_KU_KEY_CERT_SIGN 0x0004
# define X509v3_KU_CRL_SIGN 0x0002
# define X509v3_KU_ENCIPHER_ONLY 0x0001
# define X509v3_KU_DECIPHER_ONLY 0x8000
# define X509v3_KU_UNDEF 0xffff
/*-
* <https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3>:
* The KeyUsage BITSTRING is treated as a little-endian integer, hence bit `0`
* is 0x80, while bit `7` is 0x01 (the LSB of the integer value), bit `8` is
* then the MSB of the second octet, or 0x8000.
*/
# define X509v3_KU_DIGITAL_SIGNATURE 0x0080 /* (0) */
# define X509v3_KU_NON_REPUDIATION 0x0040 /* (1) */
# define X509v3_KU_KEY_ENCIPHERMENT 0x0020 /* (2) */
# define X509v3_KU_DATA_ENCIPHERMENT 0x0010 /* (3) */
# define X509v3_KU_KEY_AGREEMENT 0x0008 /* (4) */
# define X509v3_KU_KEY_CERT_SIGN 0x0004 /* (5) */
# define X509v3_KU_CRL_SIGN 0x0002 /* (6) */
# define X509v3_KU_ENCIPHER_ONLY 0x0001 /* (7) */
# define X509v3_KU_DECIPHER_ONLY 0x8000 /* (8) */
# ifndef OPENSSL_NO_DEPRECATED_3_4
# define X509v3_KU_UNDEF 0xffff /* vestigial, not used */
# endif
struct X509_algor_st {
ASN1_OBJECT *algorithm;
@ -462,7 +473,12 @@ typedef struct PBKDF2PARAM_st {
X509_ALGOR *prf;
} PBKDF2PARAM;
#ifndef OPENSSL_NO_SCRYPT
typedef struct {
X509_ALGOR *keyDerivationFunc;
X509_ALGOR *messageAuthScheme;
} PBMAC1PARAM;
# ifndef OPENSSL_NO_SCRYPT
typedef struct SCRYPT_PARAMS_st {
ASN1_OCTET_STRING *salt;
ASN1_INTEGER *costParameter;
@ -470,7 +486,7 @@ typedef struct SCRYPT_PARAMS_st {
ASN1_INTEGER *parallelizationParameter;
ASN1_INTEGER *keyLength;
} SCRYPT_PARAMS;
#endif
# endif
#ifdef __cplusplus
}
@ -603,6 +619,8 @@ EVP_PKEY *d2i_PrivateKey_ex_fp(FILE *fp, EVP_PKEY **a, OSSL_LIB_CTX *libctx,
const char *propq);
EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
int i2d_PUBKEY_fp(FILE *fp, const EVP_PKEY *pkey);
EVP_PKEY *d2i_PUBKEY_ex_fp(FILE *fp, EVP_PKEY **a, OSSL_LIB_CTX *libctx,
const char *propq);
EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
# endif
@ -651,6 +669,8 @@ EVP_PKEY *d2i_PrivateKey_ex_bio(BIO *bp, EVP_PKEY **a, OSSL_LIB_CTX *libctx,
const char *propq);
EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
int i2d_PUBKEY_bio(BIO *bp, const EVP_PKEY *pkey);
EVP_PKEY *d2i_PUBKEY_ex_bio(BIO *bp, EVP_PKEY **a, OSSL_LIB_CTX *libctx,
const char *propq);
EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
DECLARE_ASN1_DUP_FUNCTION(X509)
@ -884,12 +904,12 @@ int X509_REQ_get_signature_nid(const X509_REQ *req);
int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp);
int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
EVP_PKEY *X509_REQ_get0_pubkey(X509_REQ *req);
EVP_PKEY *X509_REQ_get0_pubkey(const X509_REQ *req);
X509_PUBKEY *X509_REQ_get_X509_PUBKEY(X509_REQ *req);
int X509_REQ_extension_nid(int nid);
int *X509_REQ_get_extension_nids(void);
void X509_REQ_set_extension_nids(int *nids);
STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(OSSL_FUTURE_CONST X509_REQ *req);
int X509_REQ_add_extensions_nid(X509_REQ *req,
const STACK_OF(X509_EXTENSION) *exts, int nid);
int X509_REQ_add_extensions(X509_REQ *req, const STACK_OF(X509_EXTENSION) *ext);
@ -950,13 +970,14 @@ X509_REVOKED_get0_extensions(const X509_REVOKED *r);
X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
EVP_PKEY *skey, const EVP_MD *md, unsigned int flags);
int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey);
int X509_REQ_check_private_key(const X509_REQ *req, EVP_PKEY *pkey);
int X509_check_private_key(const X509 *x509, const EVP_PKEY *pkey);
int X509_check_private_key(const X509 *cert, const EVP_PKEY *pkey);
int X509_chain_check_suiteb(int *perror_depth,
X509 *x, STACK_OF(X509) *chain,
unsigned long flags);
int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, unsigned long flags);
void OSSL_STACK_OF_X509_free(STACK_OF(X509) *certs);
STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
@ -1077,6 +1098,8 @@ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
X509_EXTENSION *ex, int loc);
STACK_OF(X509_EXTENSION) *X509v3_add_extensions(STACK_OF(X509_EXTENSION) **target,
const STACK_OF(X509_EXTENSION) *exts);
int X509_get_ext_count(const X509 *x);
int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
@ -1198,9 +1221,10 @@ X509 *X509_find_by_subject(STACK_OF(X509) *sk, const X509_NAME *name);
DECLARE_ASN1_FUNCTIONS(PBEPARAM)
DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
#ifndef OPENSSL_NO_SCRYPT
DECLARE_ASN1_FUNCTIONS(PBMAC1PARAM)
# ifndef OPENSSL_NO_SCRYPT
DECLARE_ASN1_FUNCTIONS(SCRYPT_PARAMS)
#endif
# endif
int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
const unsigned char *salt, int saltlen);
@ -1237,6 +1261,7 @@ X509_ALGOR *PKCS5_pbkdf2_set_ex(int iter, unsigned char *salt, int saltlen,
int prf_nid, int keylen,
OSSL_LIB_CTX *libctx);
PBKDF2PARAM *PBMAC1_get1_pbkdf2_param(const X509_ALGOR *macalg);
/* PKCS#8 utilities */
DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
@ -1262,6 +1287,8 @@ int PKCS8_pkey_add1_attr_by_OBJ(PKCS8_PRIV_KEY_INFO *p8, const ASN1_OBJECT *obj,
int type, const unsigned char *bytes, int len);
void X509_PUBKEY_set0_public_key(X509_PUBKEY *pub,
unsigned char *penc, int penclen);
int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
int ptype, void *pval,
unsigned char *penc, int penclen);

294
crypto/openssl/include/openssl/x509_acert.h Normal file
View file

@ -0,0 +1,294 @@
/*
* WARNING: do not edit!
* Generated by Makefile from include/openssl/x509_acert.h.in
*
* Copyright 2022-2024 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OPENSSL_X509_ACERT_H
# define OPENSSL_X509_ACERT_H
# pragma once
# include <openssl/x509v3.h>
# include <openssl/x509.h>
# include <openssl/pem.h>
typedef struct X509_acert_st X509_ACERT;
typedef struct X509_acert_info_st X509_ACERT_INFO;
typedef struct ossl_object_digest_info_st OSSL_OBJECT_DIGEST_INFO;
typedef struct ossl_issuer_serial_st OSSL_ISSUER_SERIAL;
typedef struct X509_acert_issuer_v2form_st X509_ACERT_ISSUER_V2FORM;
DECLARE_ASN1_FUNCTIONS(X509_ACERT)
DECLARE_ASN1_DUP_FUNCTION(X509_ACERT)
DECLARE_ASN1_ITEM(X509_ACERT_INFO)
DECLARE_ASN1_ALLOC_FUNCTIONS(X509_ACERT_INFO)
DECLARE_ASN1_ALLOC_FUNCTIONS(OSSL_OBJECT_DIGEST_INFO)
DECLARE_ASN1_ALLOC_FUNCTIONS(OSSL_ISSUER_SERIAL)
DECLARE_ASN1_ALLOC_FUNCTIONS(X509_ACERT_ISSUER_V2FORM)
# ifndef OPENSSL_NO_STDIO
X509_ACERT *d2i_X509_ACERT_fp(FILE *fp, X509_ACERT **acert);
int i2d_X509_ACERT_fp(FILE *fp, const X509_ACERT *acert);
# endif
DECLARE_PEM_rw(X509_ACERT, X509_ACERT)
X509_ACERT *d2i_X509_ACERT_bio(BIO *bp, X509_ACERT **acert);
int i2d_X509_ACERT_bio(BIO *bp, const X509_ACERT *acert);
int X509_ACERT_sign(X509_ACERT *x, EVP_PKEY *pkey, const EVP_MD *md);
int X509_ACERT_sign_ctx(X509_ACERT *x, EVP_MD_CTX *ctx);
int X509_ACERT_verify(X509_ACERT *a, EVP_PKEY *r);
# define X509_ACERT_VERSION_2 1
const GENERAL_NAMES *X509_ACERT_get0_holder_entityName(const X509_ACERT *x);
const OSSL_ISSUER_SERIAL *X509_ACERT_get0_holder_baseCertId(const X509_ACERT *x);
const OSSL_OBJECT_DIGEST_INFO * X509_ACERT_get0_holder_digest(const X509_ACERT *x);
const X509_NAME *X509_ACERT_get0_issuerName(const X509_ACERT *x);
long X509_ACERT_get_version(const X509_ACERT *x);
void X509_ACERT_get0_signature(const X509_ACERT *x,
const ASN1_BIT_STRING **psig,
const X509_ALGOR **palg);
int X509_ACERT_get_signature_nid(const X509_ACERT *x);
const X509_ALGOR *X509_ACERT_get0_info_sigalg(const X509_ACERT *x);
const ASN1_INTEGER *X509_ACERT_get0_serialNumber(const X509_ACERT *x);
const ASN1_TIME *X509_ACERT_get0_notBefore(const X509_ACERT *x);
const ASN1_TIME *X509_ACERT_get0_notAfter(const X509_ACERT *x);
const ASN1_BIT_STRING *X509_ACERT_get0_issuerUID(const X509_ACERT *x);
int X509_ACERT_print(BIO *bp, X509_ACERT *x);
int X509_ACERT_print_ex(BIO *bp, X509_ACERT *x, unsigned long nmflags,
unsigned long cflag);
int X509_ACERT_get_attr_count(const X509_ACERT *x);
int X509_ACERT_get_attr_by_NID(const X509_ACERT *x, int nid, int lastpos);
int X509_ACERT_get_attr_by_OBJ(const X509_ACERT *x, const ASN1_OBJECT *obj,
int lastpos);
X509_ATTRIBUTE *X509_ACERT_get_attr(const X509_ACERT *x, int loc);
X509_ATTRIBUTE *X509_ACERT_delete_attr(X509_ACERT *x, int loc);
void *X509_ACERT_get_ext_d2i(const X509_ACERT *x, int nid, int *crit, int *idx);
int X509_ACERT_add1_ext_i2d(X509_ACERT *x, int nid, void *value, int crit,
unsigned long flags);
const STACK_OF(X509_EXTENSION) *X509_ACERT_get0_extensions(const X509_ACERT *x);
# define OSSL_OBJECT_DIGEST_INFO_PUBLIC_KEY 0
# define OSSL_OBJECT_DIGEST_INFO_PUBLIC_KEY_CERT 1
# define OSSL_OBJECT_DIGEST_INFO_OTHER 2 /* must not be used in RFC 5755 profile */
int X509_ACERT_set_version(X509_ACERT *x, long version);
void X509_ACERT_set0_holder_entityName(X509_ACERT *x, GENERAL_NAMES *name);
void X509_ACERT_set0_holder_baseCertId(X509_ACERT *x, OSSL_ISSUER_SERIAL *isss);
void X509_ACERT_set0_holder_digest(X509_ACERT *x,
OSSL_OBJECT_DIGEST_INFO *dinfo);
int X509_ACERT_add1_attr(X509_ACERT *x, X509_ATTRIBUTE *attr);
int X509_ACERT_add1_attr_by_OBJ(X509_ACERT *x, const ASN1_OBJECT *obj,
int type, const void *bytes, int len);
int X509_ACERT_add1_attr_by_NID(X509_ACERT *x, int nid, int type,
const void *bytes, int len);
int X509_ACERT_add1_attr_by_txt(X509_ACERT *x, const char *attrname, int type,
const unsigned char *bytes, int len);
int X509_ACERT_add_attr_nconf(CONF *conf, const char *section,
X509_ACERT *acert);
int X509_ACERT_set1_issuerName(X509_ACERT *x, const X509_NAME *name);
int X509_ACERT_set1_serialNumber(X509_ACERT *x, const ASN1_INTEGER *serial);
int X509_ACERT_set1_notBefore(X509_ACERT *x, const ASN1_GENERALIZEDTIME *time);
int X509_ACERT_set1_notAfter(X509_ACERT *x, const ASN1_GENERALIZEDTIME *time);
void OSSL_OBJECT_DIGEST_INFO_get0_digest(const OSSL_OBJECT_DIGEST_INFO *o,
int *digestedObjectType,
const X509_ALGOR **digestAlgorithm,
const ASN1_BIT_STRING **digest);
int OSSL_OBJECT_DIGEST_INFO_set1_digest(OSSL_OBJECT_DIGEST_INFO *o,
int digestedObjectType,
X509_ALGOR *digestAlgorithm,
ASN1_BIT_STRING *digest);
const X509_NAME *OSSL_ISSUER_SERIAL_get0_issuer(const OSSL_ISSUER_SERIAL *isss);
const ASN1_INTEGER *OSSL_ISSUER_SERIAL_get0_serial(const OSSL_ISSUER_SERIAL *isss);
const ASN1_BIT_STRING *OSSL_ISSUER_SERIAL_get0_issuerUID(const OSSL_ISSUER_SERIAL *isss);
int OSSL_ISSUER_SERIAL_set1_issuer(OSSL_ISSUER_SERIAL *isss,
const X509_NAME *issuer);
int OSSL_ISSUER_SERIAL_set1_serial(OSSL_ISSUER_SERIAL *isss,
const ASN1_INTEGER *serial);
int OSSL_ISSUER_SERIAL_set1_issuerUID(OSSL_ISSUER_SERIAL *isss,
const ASN1_BIT_STRING *uid);
# define OSSL_IETFAS_OCTETS 0
# define OSSL_IETFAS_OID 1
# define OSSL_IETFAS_STRING 2
typedef struct OSSL_IETF_ATTR_SYNTAX_VALUE_st OSSL_IETF_ATTR_SYNTAX_VALUE;
typedef struct OSSL_IETF_ATTR_SYNTAX_st OSSL_IETF_ATTR_SYNTAX;
SKM_DEFINE_STACK_OF_INTERNAL(OSSL_IETF_ATTR_SYNTAX_VALUE, OSSL_IETF_ATTR_SYNTAX_VALUE, OSSL_IETF_ATTR_SYNTAX_VALUE)
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_value(sk, idx) ((OSSL_IETF_ATTR_SYNTAX_VALUE *)OPENSSL_sk_value(ossl_check_const_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk), (idx)))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_new(cmp) ((STACK_OF(OSSL_IETF_ATTR_SYNTAX_VALUE) *)OPENSSL_sk_new(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_compfunc_type(cmp)))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_new_null() ((STACK_OF(OSSL_IETF_ATTR_SYNTAX_VALUE) *)OPENSSL_sk_new_null())
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_new_reserve(cmp, n) ((STACK_OF(OSSL_IETF_ATTR_SYNTAX_VALUE) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_compfunc_type(cmp), (n)))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk), (n))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_free(sk) OPENSSL_sk_free(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_delete(sk, i) ((OSSL_IETF_ATTR_SYNTAX_VALUE *)OPENSSL_sk_delete(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk), (i)))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_delete_ptr(sk, ptr) ((OSSL_IETF_ATTR_SYNTAX_VALUE *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk), ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_type(ptr)))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk), ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_type(ptr))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk), ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_type(ptr))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_pop(sk) ((OSSL_IETF_ATTR_SYNTAX_VALUE *)OPENSSL_sk_pop(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk)))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_shift(sk) ((OSSL_IETF_ATTR_SYNTAX_VALUE *)OPENSSL_sk_shift(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk)))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk),ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_freefunc_type(freefunc))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk), ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_type(ptr), (idx))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_set(sk, idx, ptr) ((OSSL_IETF_ATTR_SYNTAX_VALUE *)OPENSSL_sk_set(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk), (idx), ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_type(ptr)))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk), ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_type(ptr))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk), ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_type(ptr))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk), ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_type(ptr), pnum)
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_dup(sk) ((STACK_OF(OSSL_IETF_ATTR_SYNTAX_VALUE) *)OPENSSL_sk_dup(ossl_check_const_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk)))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_IETF_ATTR_SYNTAX_VALUE) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk), ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_copyfunc_type(copyfunc), ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_freefunc_type(freefunc)))
#define sk_OSSL_IETF_ATTR_SYNTAX_VALUE_set_cmp_func(sk, cmp) ((sk_OSSL_IETF_ATTR_SYNTAX_VALUE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_sk_type(sk), ossl_check_OSSL_IETF_ATTR_SYNTAX_VALUE_compfunc_type(cmp)))
DECLARE_ASN1_ITEM(OSSL_IETF_ATTR_SYNTAX_VALUE)
DECLARE_ASN1_ALLOC_FUNCTIONS(OSSL_IETF_ATTR_SYNTAX_VALUE)
DECLARE_ASN1_FUNCTIONS(OSSL_IETF_ATTR_SYNTAX)
const GENERAL_NAMES *
OSSL_IETF_ATTR_SYNTAX_get0_policyAuthority(const OSSL_IETF_ATTR_SYNTAX *a);
void OSSL_IETF_ATTR_SYNTAX_set0_policyAuthority(OSSL_IETF_ATTR_SYNTAX *a,
GENERAL_NAMES *names);
int OSSL_IETF_ATTR_SYNTAX_get_value_num(const OSSL_IETF_ATTR_SYNTAX *a);
void *OSSL_IETF_ATTR_SYNTAX_get0_value(const OSSL_IETF_ATTR_SYNTAX *a,
int ind, int *type);
int OSSL_IETF_ATTR_SYNTAX_add1_value(OSSL_IETF_ATTR_SYNTAX *a, int type,
void *data);
int OSSL_IETF_ATTR_SYNTAX_print(BIO *bp, OSSL_IETF_ATTR_SYNTAX *a, int indent);
struct TARGET_CERT_st {
OSSL_ISSUER_SERIAL *targetCertificate;
GENERAL_NAME *targetName;
OSSL_OBJECT_DIGEST_INFO *certDigestInfo;
};
typedef struct TARGET_CERT_st OSSL_TARGET_CERT;
# define OSSL_TGT_TARGET_NAME 0
# define OSSL_TGT_TARGET_GROUP 1
# define OSSL_TGT_TARGET_CERT 2
typedef struct TARGET_st {
int type;
union {
GENERAL_NAME *targetName;
GENERAL_NAME *targetGroup;
OSSL_TARGET_CERT *targetCert;
} choice;
} OSSL_TARGET;
typedef STACK_OF(OSSL_TARGET) OSSL_TARGETS;
typedef STACK_OF(OSSL_TARGETS) OSSL_TARGETING_INFORMATION;
SKM_DEFINE_STACK_OF_INTERNAL(OSSL_TARGET, OSSL_TARGET, OSSL_TARGET)
#define sk_OSSL_TARGET_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_TARGET_sk_type(sk))
#define sk_OSSL_TARGET_value(sk, idx) ((OSSL_TARGET *)OPENSSL_sk_value(ossl_check_const_OSSL_TARGET_sk_type(sk), (idx)))
#define sk_OSSL_TARGET_new(cmp) ((STACK_OF(OSSL_TARGET) *)OPENSSL_sk_new(ossl_check_OSSL_TARGET_compfunc_type(cmp)))
#define sk_OSSL_TARGET_new_null() ((STACK_OF(OSSL_TARGET) *)OPENSSL_sk_new_null())
#define sk_OSSL_TARGET_new_reserve(cmp, n) ((STACK_OF(OSSL_TARGET) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_TARGET_compfunc_type(cmp), (n)))
#define sk_OSSL_TARGET_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_TARGET_sk_type(sk), (n))
#define sk_OSSL_TARGET_free(sk) OPENSSL_sk_free(ossl_check_OSSL_TARGET_sk_type(sk))
#define sk_OSSL_TARGET_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_TARGET_sk_type(sk))
#define sk_OSSL_TARGET_delete(sk, i) ((OSSL_TARGET *)OPENSSL_sk_delete(ossl_check_OSSL_TARGET_sk_type(sk), (i)))
#define sk_OSSL_TARGET_delete_ptr(sk, ptr) ((OSSL_TARGET *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_TARGET_sk_type(sk), ossl_check_OSSL_TARGET_type(ptr)))
#define sk_OSSL_TARGET_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_TARGET_sk_type(sk), ossl_check_OSSL_TARGET_type(ptr))
#define sk_OSSL_TARGET_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_TARGET_sk_type(sk), ossl_check_OSSL_TARGET_type(ptr))
#define sk_OSSL_TARGET_pop(sk) ((OSSL_TARGET *)OPENSSL_sk_pop(ossl_check_OSSL_TARGET_sk_type(sk)))
#define sk_OSSL_TARGET_shift(sk) ((OSSL_TARGET *)OPENSSL_sk_shift(ossl_check_OSSL_TARGET_sk_type(sk)))
#define sk_OSSL_TARGET_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_TARGET_sk_type(sk),ossl_check_OSSL_TARGET_freefunc_type(freefunc))
#define sk_OSSL_TARGET_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_TARGET_sk_type(sk), ossl_check_OSSL_TARGET_type(ptr), (idx))
#define sk_OSSL_TARGET_set(sk, idx, ptr) ((OSSL_TARGET *)OPENSSL_sk_set(ossl_check_OSSL_TARGET_sk_type(sk), (idx), ossl_check_OSSL_TARGET_type(ptr)))
#define sk_OSSL_TARGET_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_TARGET_sk_type(sk), ossl_check_OSSL_TARGET_type(ptr))
#define sk_OSSL_TARGET_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_TARGET_sk_type(sk), ossl_check_OSSL_TARGET_type(ptr))
#define sk_OSSL_TARGET_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_TARGET_sk_type(sk), ossl_check_OSSL_TARGET_type(ptr), pnum)
#define sk_OSSL_TARGET_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_TARGET_sk_type(sk))
#define sk_OSSL_TARGET_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_TARGET_sk_type(sk))
#define sk_OSSL_TARGET_dup(sk) ((STACK_OF(OSSL_TARGET) *)OPENSSL_sk_dup(ossl_check_const_OSSL_TARGET_sk_type(sk)))
#define sk_OSSL_TARGET_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_TARGET) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_TARGET_sk_type(sk), ossl_check_OSSL_TARGET_copyfunc_type(copyfunc), ossl_check_OSSL_TARGET_freefunc_type(freefunc)))
#define sk_OSSL_TARGET_set_cmp_func(sk, cmp) ((sk_OSSL_TARGET_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_TARGET_sk_type(sk), ossl_check_OSSL_TARGET_compfunc_type(cmp)))
SKM_DEFINE_STACK_OF_INTERNAL(OSSL_TARGETS, OSSL_TARGETS, OSSL_TARGETS)
#define sk_OSSL_TARGETS_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_TARGETS_sk_type(sk))
#define sk_OSSL_TARGETS_value(sk, idx) ((OSSL_TARGETS *)OPENSSL_sk_value(ossl_check_const_OSSL_TARGETS_sk_type(sk), (idx)))
#define sk_OSSL_TARGETS_new(cmp) ((STACK_OF(OSSL_TARGETS) *)OPENSSL_sk_new(ossl_check_OSSL_TARGETS_compfunc_type(cmp)))
#define sk_OSSL_TARGETS_new_null() ((STACK_OF(OSSL_TARGETS) *)OPENSSL_sk_new_null())
#define sk_OSSL_TARGETS_new_reserve(cmp, n) ((STACK_OF(OSSL_TARGETS) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_TARGETS_compfunc_type(cmp), (n)))
#define sk_OSSL_TARGETS_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_TARGETS_sk_type(sk), (n))
#define sk_OSSL_TARGETS_free(sk) OPENSSL_sk_free(ossl_check_OSSL_TARGETS_sk_type(sk))
#define sk_OSSL_TARGETS_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_TARGETS_sk_type(sk))
#define sk_OSSL_TARGETS_delete(sk, i) ((OSSL_TARGETS *)OPENSSL_sk_delete(ossl_check_OSSL_TARGETS_sk_type(sk), (i)))
#define sk_OSSL_TARGETS_delete_ptr(sk, ptr) ((OSSL_TARGETS *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_TARGETS_sk_type(sk), ossl_check_OSSL_TARGETS_type(ptr)))
#define sk_OSSL_TARGETS_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_TARGETS_sk_type(sk), ossl_check_OSSL_TARGETS_type(ptr))
#define sk_OSSL_TARGETS_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_TARGETS_sk_type(sk), ossl_check_OSSL_TARGETS_type(ptr))
#define sk_OSSL_TARGETS_pop(sk) ((OSSL_TARGETS *)OPENSSL_sk_pop(ossl_check_OSSL_TARGETS_sk_type(sk)))
#define sk_OSSL_TARGETS_shift(sk) ((OSSL_TARGETS *)OPENSSL_sk_shift(ossl_check_OSSL_TARGETS_sk_type(sk)))
#define sk_OSSL_TARGETS_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_TARGETS_sk_type(sk),ossl_check_OSSL_TARGETS_freefunc_type(freefunc))
#define sk_OSSL_TARGETS_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_TARGETS_sk_type(sk), ossl_check_OSSL_TARGETS_type(ptr), (idx))
#define sk_OSSL_TARGETS_set(sk, idx, ptr) ((OSSL_TARGETS *)OPENSSL_sk_set(ossl_check_OSSL_TARGETS_sk_type(sk), (idx), ossl_check_OSSL_TARGETS_type(ptr)))
#define sk_OSSL_TARGETS_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_TARGETS_sk_type(sk), ossl_check_OSSL_TARGETS_type(ptr))
#define sk_OSSL_TARGETS_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_TARGETS_sk_type(sk), ossl_check_OSSL_TARGETS_type(ptr))
#define sk_OSSL_TARGETS_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_TARGETS_sk_type(sk), ossl_check_OSSL_TARGETS_type(ptr), pnum)
#define sk_OSSL_TARGETS_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_TARGETS_sk_type(sk))
#define sk_OSSL_TARGETS_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_TARGETS_sk_type(sk))
#define sk_OSSL_TARGETS_dup(sk) ((STACK_OF(OSSL_TARGETS) *)OPENSSL_sk_dup(ossl_check_const_OSSL_TARGETS_sk_type(sk)))
#define sk_OSSL_TARGETS_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_TARGETS) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_TARGETS_sk_type(sk), ossl_check_OSSL_TARGETS_copyfunc_type(copyfunc), ossl_check_OSSL_TARGETS_freefunc_type(freefunc)))
#define sk_OSSL_TARGETS_set_cmp_func(sk, cmp) ((sk_OSSL_TARGETS_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_TARGETS_sk_type(sk), ossl_check_OSSL_TARGETS_compfunc_type(cmp)))
DECLARE_ASN1_FUNCTIONS(OSSL_TARGET)
DECLARE_ASN1_FUNCTIONS(OSSL_TARGETS)
DECLARE_ASN1_FUNCTIONS(OSSL_TARGETING_INFORMATION)
typedef STACK_OF(OSSL_ISSUER_SERIAL) OSSL_AUTHORITY_ATTRIBUTE_ID_SYNTAX;
DECLARE_ASN1_FUNCTIONS(OSSL_AUTHORITY_ATTRIBUTE_ID_SYNTAX)
SKM_DEFINE_STACK_OF_INTERNAL(OSSL_ISSUER_SERIAL, OSSL_ISSUER_SERIAL, OSSL_ISSUER_SERIAL)
#define sk_OSSL_ISSUER_SERIAL_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_ISSUER_SERIAL_sk_type(sk))
#define sk_OSSL_ISSUER_SERIAL_value(sk, idx) ((OSSL_ISSUER_SERIAL *)OPENSSL_sk_value(ossl_check_const_OSSL_ISSUER_SERIAL_sk_type(sk), (idx)))
#define sk_OSSL_ISSUER_SERIAL_new(cmp) ((STACK_OF(OSSL_ISSUER_SERIAL) *)OPENSSL_sk_new(ossl_check_OSSL_ISSUER_SERIAL_compfunc_type(cmp)))
#define sk_OSSL_ISSUER_SERIAL_new_null() ((STACK_OF(OSSL_ISSUER_SERIAL) *)OPENSSL_sk_new_null())
#define sk_OSSL_ISSUER_SERIAL_new_reserve(cmp, n) ((STACK_OF(OSSL_ISSUER_SERIAL) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_ISSUER_SERIAL_compfunc_type(cmp), (n)))
#define sk_OSSL_ISSUER_SERIAL_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_ISSUER_SERIAL_sk_type(sk), (n))
#define sk_OSSL_ISSUER_SERIAL_free(sk) OPENSSL_sk_free(ossl_check_OSSL_ISSUER_SERIAL_sk_type(sk))
#define sk_OSSL_ISSUER_SERIAL_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_ISSUER_SERIAL_sk_type(sk))
#define sk_OSSL_ISSUER_SERIAL_delete(sk, i) ((OSSL_ISSUER_SERIAL *)OPENSSL_sk_delete(ossl_check_OSSL_ISSUER_SERIAL_sk_type(sk), (i)))
#define sk_OSSL_ISSUER_SERIAL_delete_ptr(sk, ptr) ((OSSL_ISSUER_SERIAL *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_ISSUER_SERIAL_sk_type(sk), ossl_check_OSSL_ISSUER_SERIAL_type(ptr)))
#define sk_OSSL_ISSUER_SERIAL_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_ISSUER_SERIAL_sk_type(sk), ossl_check_OSSL_ISSUER_SERIAL_type(ptr))
#define sk_OSSL_ISSUER_SERIAL_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_ISSUER_SERIAL_sk_type(sk), ossl_check_OSSL_ISSUER_SERIAL_type(ptr))
#define sk_OSSL_ISSUER_SERIAL_pop(sk) ((OSSL_ISSUER_SERIAL *)OPENSSL_sk_pop(ossl_check_OSSL_ISSUER_SERIAL_sk_type(sk)))
#define sk_OSSL_ISSUER_SERIAL_shift(sk) ((OSSL_ISSUER_SERIAL *)OPENSSL_sk_shift(ossl_check_OSSL_ISSUER_SERIAL_sk_type(sk)))
#define sk_OSSL_ISSUER_SERIAL_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_ISSUER_SERIAL_sk_type(sk),ossl_check_OSSL_ISSUER_SERIAL_freefunc_type(freefunc))
#define sk_OSSL_ISSUER_SERIAL_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_ISSUER_SERIAL_sk_type(sk), ossl_check_OSSL_ISSUER_SERIAL_type(ptr), (idx))
#define sk_OSSL_ISSUER_SERIAL_set(sk, idx, ptr) ((OSSL_ISSUER_SERIAL *)OPENSSL_sk_set(ossl_check_OSSL_ISSUER_SERIAL_sk_type(sk), (idx), ossl_check_OSSL_ISSUER_SERIAL_type(ptr)))
#define sk_OSSL_ISSUER_SERIAL_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_ISSUER_SERIAL_sk_type(sk), ossl_check_OSSL_ISSUER_SERIAL_type(ptr))
#define sk_OSSL_ISSUER_SERIAL_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_ISSUER_SERIAL_sk_type(sk), ossl_check_OSSL_ISSUER_SERIAL_type(ptr))
#define sk_OSSL_ISSUER_SERIAL_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_ISSUER_SERIAL_sk_type(sk), ossl_check_OSSL_ISSUER_SERIAL_type(ptr), pnum)
#define sk_OSSL_ISSUER_SERIAL_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_ISSUER_SERIAL_sk_type(sk))
#define sk_OSSL_ISSUER_SERIAL_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_ISSUER_SERIAL_sk_type(sk))
#define sk_OSSL_ISSUER_SERIAL_dup(sk) ((STACK_OF(OSSL_ISSUER_SERIAL) *)OPENSSL_sk_dup(ossl_check_const_OSSL_ISSUER_SERIAL_sk_type(sk)))
#define sk_OSSL_ISSUER_SERIAL_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_ISSUER_SERIAL) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_ISSUER_SERIAL_sk_type(sk), ossl_check_OSSL_ISSUER_SERIAL_copyfunc_type(copyfunc), ossl_check_OSSL_ISSUER_SERIAL_freefunc_type(freefunc)))
#define sk_OSSL_ISSUER_SERIAL_set_cmp_func(sk, cmp) ((sk_OSSL_ISSUER_SERIAL_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_ISSUER_SERIAL_sk_type(sk), ossl_check_OSSL_ISSUER_SERIAL_compfunc_type(cmp)))
#endif

121
crypto/openssl/include/openssl/x509_vfy.h
View file

@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by Makefile from include/openssl/x509_vfy.h.in
*
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -411,6 +411,7 @@ X509_LOOKUP_ctrl_ex((x), X509_L_ADD_STORE, (name), 0, NULL, \
# define X509_V_ERR_CA_CERT_MISSING_KEY_USAGE 92
# define X509_V_ERR_EXTENSIONS_REQUIRE_VERSION_3 93
# define X509_V_ERR_EC_KEY_EXPLICIT_PARAMS 94
# define X509_V_ERR_RPK_UNTRUSTED 95
/* Certificate verify flags */
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
@ -491,71 +492,72 @@ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
X509_CRL *X509_OBJECT_get0_X509_CRL(const X509_OBJECT *a);
int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);
X509_STORE *X509_STORE_new(void);
void X509_STORE_free(X509_STORE *v);
int X509_STORE_lock(X509_STORE *ctx);
int X509_STORE_unlock(X509_STORE *ctx);
int X509_STORE_up_ref(X509_STORE *v);
STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(const X509_STORE *v);
STACK_OF(X509) *X509_STORE_get1_all_certs(X509_STORE *st);
STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *st,
void X509_STORE_free(X509_STORE *xs);
int X509_STORE_lock(X509_STORE *xs);
int X509_STORE_unlock(X509_STORE *xs);
int X509_STORE_up_ref(X509_STORE *xs);
STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(const X509_STORE *xs);
STACK_OF(X509_OBJECT) *X509_STORE_get1_objects(X509_STORE *xs);
STACK_OF(X509) *X509_STORE_get1_all_certs(X509_STORE *xs);
STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *xs,
const X509_NAME *nm);
STACK_OF(X509_CRL) *X509_STORE_CTX_get1_crls(const X509_STORE_CTX *st,
const X509_NAME *nm);
int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
int X509_STORE_set_trust(X509_STORE *ctx, int trust);
int X509_STORE_set1_param(X509_STORE *ctx, const X509_VERIFY_PARAM *pm);
X509_VERIFY_PARAM *X509_STORE_get0_param(const X509_STORE *ctx);
int X509_STORE_set_flags(X509_STORE *xs, unsigned long flags);
int X509_STORE_set_purpose(X509_STORE *xs, int purpose);
int X509_STORE_set_trust(X509_STORE *xs, int trust);
int X509_STORE_set1_param(X509_STORE *xs, const X509_VERIFY_PARAM *pm);
X509_VERIFY_PARAM *X509_STORE_get0_param(const X509_STORE *xs);
void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
void X509_STORE_set_verify(X509_STORE *xs, X509_STORE_CTX_verify_fn verify);
#define X509_STORE_set_verify_func(ctx, func) \
X509_STORE_set_verify((ctx),(func))
void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx,
X509_STORE_CTX_verify_fn verify);
X509_STORE_CTX_verify_fn X509_STORE_get_verify(const X509_STORE *ctx);
void X509_STORE_set_verify_cb(X509_STORE *ctx,
X509_STORE_CTX_verify_fn X509_STORE_get_verify(const X509_STORE *xs);
void X509_STORE_set_verify_cb(X509_STORE *xs,
X509_STORE_CTX_verify_cb verify_cb);
# define X509_STORE_set_verify_cb_func(ctx,func) \
X509_STORE_set_verify_cb((ctx),(func))
X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(const X509_STORE *ctx);
void X509_STORE_set_get_issuer(X509_STORE *ctx,
X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(const X509_STORE *xs);
void X509_STORE_set_get_issuer(X509_STORE *xs,
X509_STORE_CTX_get_issuer_fn get_issuer);
X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(const X509_STORE *ctx);
void X509_STORE_set_check_issued(X509_STORE *ctx,
X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(const X509_STORE *xs);
void X509_STORE_set_check_issued(X509_STORE *xs,
X509_STORE_CTX_check_issued_fn check_issued);
X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(const X509_STORE *ctx);
void X509_STORE_set_check_revocation(X509_STORE *ctx,
X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(const X509_STORE *s);
void X509_STORE_set_check_revocation(X509_STORE *xs,
X509_STORE_CTX_check_revocation_fn check_revocation);
X509_STORE_CTX_check_revocation_fn
X509_STORE_get_check_revocation(const X509_STORE *ctx);
void X509_STORE_set_get_crl(X509_STORE *ctx,
X509_STORE_get_check_revocation(const X509_STORE *xs);
void X509_STORE_set_get_crl(X509_STORE *xs,
X509_STORE_CTX_get_crl_fn get_crl);
X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(const X509_STORE *ctx);
void X509_STORE_set_check_crl(X509_STORE *ctx,
X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(const X509_STORE *xs);
void X509_STORE_set_check_crl(X509_STORE *xs,
X509_STORE_CTX_check_crl_fn check_crl);
X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(const X509_STORE *ctx);
void X509_STORE_set_cert_crl(X509_STORE *ctx,
X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(const X509_STORE *xs);
void X509_STORE_set_cert_crl(X509_STORE *xs,
X509_STORE_CTX_cert_crl_fn cert_crl);
X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(const X509_STORE *ctx);
void X509_STORE_set_check_policy(X509_STORE *ctx,
X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(const X509_STORE *xs);
void X509_STORE_set_check_policy(X509_STORE *xs,
X509_STORE_CTX_check_policy_fn check_policy);
X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(const X509_STORE *ctx);
void X509_STORE_set_lookup_certs(X509_STORE *ctx,
X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(const X509_STORE *s);
void X509_STORE_set_lookup_certs(X509_STORE *xs,
X509_STORE_CTX_lookup_certs_fn lookup_certs);
X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(const X509_STORE *ctx);
void X509_STORE_set_lookup_crls(X509_STORE *ctx,
X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(const X509_STORE *s);
void X509_STORE_set_lookup_crls(X509_STORE *xs,
X509_STORE_CTX_lookup_crls_fn lookup_crls);
#define X509_STORE_set_lookup_crls_cb(ctx, func) \
X509_STORE_set_lookup_crls((ctx), (func))
X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(const X509_STORE *ctx);
void X509_STORE_set_cleanup(X509_STORE *ctx,
X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(const X509_STORE *xs);
void X509_STORE_set_cleanup(X509_STORE *xs,
X509_STORE_CTX_cleanup_fn cleanup);
X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(const X509_STORE *ctx);
X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(const X509_STORE *xs);
#define X509_STORE_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE, l, p, newf, dupf, freef)
int X509_STORE_set_ex_data(X509_STORE *ctx, int idx, void *data);
void *X509_STORE_get_ex_data(const X509_STORE *ctx, int idx);
int X509_STORE_set_ex_data(X509_STORE *xs, int idx, void *data);
void *X509_STORE_get_ex_data(const X509_STORE *xs, int idx);
X509_STORE_CTX *X509_STORE_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
X509_STORE_CTX *X509_STORE_CTX_new(void);
@ -565,11 +567,14 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *trust_store,
X509 *target, STACK_OF(X509) *untrusted);
int X509_STORE_CTX_init_rpk(X509_STORE_CTX *ctx, X509_STORE *trust_store,
EVP_PKEY* rpk);
void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
X509_STORE *X509_STORE_CTX_get0_store(const X509_STORE_CTX *ctx);
X509 *X509_STORE_CTX_get0_cert(const X509_STORE_CTX *ctx);
EVP_PKEY *X509_STORE_CTX_get0_rpk(const X509_STORE_CTX *ctx);
STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(const X509_STORE_CTX *ctx);
void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
@ -579,6 +584,8 @@ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(const X509_STORE_CTX *ctx);
X509_STORE_CTX_get_issuer_fn X509_STORE_CTX_get_get_issuer(const X509_STORE_CTX *ctx);
X509_STORE_CTX_check_issued_fn X509_STORE_CTX_get_check_issued(const X509_STORE_CTX *ctx);
X509_STORE_CTX_check_revocation_fn X509_STORE_CTX_get_check_revocation(const X509_STORE_CTX *ctx);
void X509_STORE_CTX_set_get_crl(X509_STORE_CTX *ctx,
X509_STORE_CTX_get_crl_fn get_crl);
X509_STORE_CTX_get_crl_fn X509_STORE_CTX_get_get_crl(const X509_STORE_CTX *ctx);
X509_STORE_CTX_check_crl_fn X509_STORE_CTX_get_check_crl(const X509_STORE_CTX *ctx);
X509_STORE_CTX_cert_crl_fn X509_STORE_CTX_get_cert_crl(const X509_STORE_CTX *ctx);
@ -600,7 +607,7 @@ X509_STORE_CTX_cleanup_fn X509_STORE_CTX_get_cleanup(const X509_STORE_CTX *ctx);
# define X509_STORE_get1_crl X509_STORE_CTX_get1_crls
#endif
X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *xs, X509_LOOKUP_METHOD *m);
X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
X509_LOOKUP_METHOD *X509_LOOKUP_store(void);
@ -685,8 +692,8 @@ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
const X509_LOOKUP_METHOD *method);
int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
int X509_STORE_add_cert(X509_STORE *xs, X509 *x);
int X509_STORE_add_crl(X509_STORE *xs, X509_CRL *x);
int X509_STORE_CTX_get_by_subject(const X509_STORE_CTX *vs,
X509_LOOKUP_TYPE type,
@ -730,23 +737,21 @@ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
int X509_STORE_load_file(X509_STORE *ctx, const char *file);
int X509_STORE_load_path(X509_STORE *ctx, const char *path);
int X509_STORE_load_store(X509_STORE *ctx, const char *store);
int X509_STORE_load_locations(X509_STORE *ctx,
const char *file,
const char *dir);
int X509_STORE_set_default_paths(X509_STORE *ctx);
int X509_STORE_load_file(X509_STORE *xs, const char *file);
int X509_STORE_load_path(X509_STORE *xs, const char *path);
int X509_STORE_load_store(X509_STORE *xs, const char *store);
int X509_STORE_load_locations(X509_STORE *s, const char *file, const char *dir);
int X509_STORE_set_default_paths(X509_STORE *xs);
int X509_STORE_load_file_ex(X509_STORE *ctx, const char *file,
int X509_STORE_load_file_ex(X509_STORE *xs, const char *file,
OSSL_LIB_CTX *libctx, const char *propq);
int X509_STORE_load_store_ex(X509_STORE *ctx, const char *store,
int X509_STORE_load_store_ex(X509_STORE *xs, const char *store,
OSSL_LIB_CTX *libctx, const char *propq);
int X509_STORE_load_locations_ex(X509_STORE *ctx, const char *file,
const char *dir, OSSL_LIB_CTX *libctx,
const char *propq);
int X509_STORE_set_default_paths_ex(X509_STORE *ctx, OSSL_LIB_CTX *libctx,
const char *propq);
int X509_STORE_load_locations_ex(X509_STORE *xs,
const char *file, const char *dir,
OSSL_LIB_CTX *libctx, const char *propq);
int X509_STORE_set_default_paths_ex(X509_STORE *xs,
OSSL_LIB_CTX *libctx, const char *propq);
#define X509_STORE_CTX_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, l, p, newf, dupf, freef)
@ -764,6 +769,7 @@ X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(const X509_STORE_CTX *ctx);
STACK_OF(X509) *X509_STORE_CTX_get0_chain(const X509_STORE_CTX *ctx);
STACK_OF(X509) *X509_STORE_CTX_get1_chain(const X509_STORE_CTX *ctx);
void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *target);
void X509_STORE_CTX_set0_rpk(X509_STORE_CTX *ctx, EVP_PKEY *target);
void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *c, STACK_OF(X509) *sk);
void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
@ -773,6 +779,8 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags);
void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
time_t t);
void X509_STORE_CTX_set_current_reasons(X509_STORE_CTX *ctx,
unsigned int current_reasons);
X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(const X509_STORE_CTX *ctx);
int X509_STORE_CTX_get_explicit_policy(const X509_STORE_CTX *ctx);
@ -804,6 +812,7 @@ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
unsigned long flags);
unsigned long X509_VERIFY_PARAM_get_flags(const X509_VERIFY_PARAM *param);
int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
int X509_VERIFY_PARAM_get_purpose(const X509_VERIFY_PARAM *param);
int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param, int auth_level);

550
crypto/openssl/include/openssl/x509v3.h
View file

@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by Makefile from include/openssl/x509v3.h.in
*
* Copyright 1999-2023 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1999-2025 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -25,6 +25,9 @@
# include <openssl/x509.h>
# include <openssl/conf.h>
# include <openssl/x509v3err.h>
# ifndef OPENSSL_NO_STDIO
# include <stdio.h>
# endif
#ifdef __cplusplus
extern "C" {
@ -146,6 +149,11 @@ typedef struct BASIC_CONSTRAINTS_st {
ASN1_INTEGER *pathlen;
} BASIC_CONSTRAINTS;
typedef struct OSSL_BASIC_ATTR_CONSTRAINTS_st {
int authority;
ASN1_INTEGER *pathlen;
} OSSL_BASIC_ATTR_CONSTRAINTS;
typedef struct PKEY_USAGE_PERIOD_st {
ASN1_GENERALIZEDTIME *notBefore;
ASN1_GENERALIZEDTIME *notAfter;
@ -198,6 +206,8 @@ typedef struct ACCESS_DESCRIPTION_st {
GENERAL_NAME *location;
} ACCESS_DESCRIPTION;
int GENERAL_NAME_set1_X509_NAME(GENERAL_NAME **tgt, const X509_NAME *src);
SKM_DEFINE_STACK_OF_INTERNAL(ACCESS_DESCRIPTION, ACCESS_DESCRIPTION, ACCESS_DESCRIPTION)
#define sk_ACCESS_DESCRIPTION_num(sk) OPENSSL_sk_num(ossl_check_const_ACCESS_DESCRIPTION_sk_type(sk))
#define sk_ACCESS_DESCRIPTION_value(sk, idx) ((ACCESS_DESCRIPTION *)OPENSSL_sk_value(ossl_check_const_ACCESS_DESCRIPTION_sk_type(sk), (idx)))
@ -294,6 +304,7 @@ typedef struct DIST_POINT_NAME_st {
/* If relativename then this contains the full distribution point name */
X509_NAME *dpname;
} DIST_POINT_NAME;
DECLARE_ASN1_DUP_FUNCTION(DIST_POINT_NAME)
/* All existing reasons */
# define CRLDP_ALL_REASONS 0x807f
@ -659,15 +670,16 @@ struct ISSUING_DIST_POINT_st {
# define EXFLAG_SAN_CRITICAL 0x80000
# define EXFLAG_NO_FINGERPRINT 0x100000
# define KU_DIGITAL_SIGNATURE 0x0080
# define KU_NON_REPUDIATION 0x0040
# define KU_KEY_ENCIPHERMENT 0x0020
# define KU_DATA_ENCIPHERMENT 0x0010
# define KU_KEY_AGREEMENT 0x0008
# define KU_KEY_CERT_SIGN 0x0004
# define KU_CRL_SIGN 0x0002
# define KU_ENCIPHER_ONLY 0x0001
# define KU_DECIPHER_ONLY 0x8000
/* https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3 */
# define KU_DIGITAL_SIGNATURE X509v3_KU_DIGITAL_SIGNATURE
# define KU_NON_REPUDIATION X509v3_KU_NON_REPUDIATION
# define KU_KEY_ENCIPHERMENT X509v3_KU_KEY_ENCIPHERMENT
# define KU_DATA_ENCIPHERMENT X509v3_KU_DATA_ENCIPHERMENT
# define KU_KEY_AGREEMENT X509v3_KU_KEY_AGREEMENT
# define KU_KEY_CERT_SIGN X509v3_KU_KEY_CERT_SIGN
# define KU_CRL_SIGN X509v3_KU_CRL_SIGN
# define KU_ENCIPHER_ONLY X509v3_KU_ENCIPHER_ONLY
# define KU_DECIPHER_ONLY X509v3_KU_DECIPHER_ONLY
# define NS_SSL_CLIENT 0x80
# define NS_SSL_SERVER 0x40
@ -729,7 +741,7 @@ SKM_DEFINE_STACK_OF_INTERNAL(X509_PURPOSE, X509_PURPOSE, X509_PURPOSE)
#define sk_X509_PURPOSE_set_cmp_func(sk, cmp) ((sk_X509_PURPOSE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509_PURPOSE_sk_type(sk), ossl_check_X509_PURPOSE_compfunc_type(cmp)))
# define X509_PURPOSE_DEFAULT_ANY 0
# define X509_PURPOSE_SSL_CLIENT 1
# define X509_PURPOSE_SSL_SERVER 2
# define X509_PURPOSE_NS_SSL_SERVER 3
@ -739,9 +751,10 @@ SKM_DEFINE_STACK_OF_INTERNAL(X509_PURPOSE, X509_PURPOSE, X509_PURPOSE)
# define X509_PURPOSE_ANY 7
# define X509_PURPOSE_OCSP_HELPER 8
# define X509_PURPOSE_TIMESTAMP_SIGN 9
# define X509_PURPOSE_CODE_SIGN 10
# define X509_PURPOSE_MIN 1
# define X509_PURPOSE_MAX 9
# define X509_PURPOSE_MAX 10
/* Flags for X509V3_EXT_print() */
@ -767,6 +780,7 @@ SKM_DEFINE_STACK_OF_INTERNAL(X509_PURPOSE, X509_PURPOSE, X509_PURPOSE)
# define X509V3_ADD_SILENT 0x10
DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS)
DECLARE_ASN1_FUNCTIONS(OSSL_BASIC_ATTR_CONSTRAINTS)
DECLARE_ASN1_FUNCTIONS(SXNET)
DECLARE_ASN1_FUNCTIONS(SXNETID)
@ -976,7 +990,6 @@ int X509V3_extensions_print(BIO *out, const char *title,
int X509_check_ca(X509 *x);
int X509_check_purpose(X509 *x, int id, int ca);
int X509_supported_extension(X509_EXTENSION *ex);
int X509_PURPOSE_set(int *p, int purpose);
int X509_check_issued(X509 *issuer, X509 *subject);
int X509_check_akid(const X509 *issuer, const AUTHORITY_KEYID *akid);
void X509_set_proxy_flag(X509 *x);
@ -992,22 +1005,26 @@ const GENERAL_NAMES *X509_get0_authority_issuer(X509 *x);
const ASN1_INTEGER *X509_get0_authority_serial(X509 *x);
int X509_PURPOSE_get_count(void);
X509_PURPOSE *X509_PURPOSE_get0(int idx);
int X509_PURPOSE_get_unused_id(OSSL_LIB_CTX *libctx);
int X509_PURPOSE_get_by_sname(const char *sname);
int X509_PURPOSE_get_by_id(int id);
int X509_PURPOSE_add(int id, int trust, int flags,
int (*ck) (const X509_PURPOSE *, const X509 *, int),
const char *name, const char *sname, void *arg);
void X509_PURPOSE_cleanup(void);
X509_PURPOSE *X509_PURPOSE_get0(int idx);
int X509_PURPOSE_get_id(const X509_PURPOSE *);
char *X509_PURPOSE_get0_name(const X509_PURPOSE *xp);
char *X509_PURPOSE_get0_sname(const X509_PURPOSE *xp);
int X509_PURPOSE_get_trust(const X509_PURPOSE *xp);
void X509_PURPOSE_cleanup(void);
int X509_PURPOSE_get_id(const X509_PURPOSE *);
int X509_PURPOSE_set(int *p, int purpose);
STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x);
STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
void X509_email_free(STACK_OF(OPENSSL_STRING) *sk);
STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x);
/* Flags for X509_check_* functions */
/*
@ -1444,6 +1461,507 @@ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
void PROFESSION_INFO_set0_registrationNumber(
PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);
int OSSL_GENERAL_NAMES_print(BIO *out, GENERAL_NAMES *gens, int indent);
typedef STACK_OF(X509_ATTRIBUTE) OSSL_ATTRIBUTES_SYNTAX;
DECLARE_ASN1_FUNCTIONS(OSSL_ATTRIBUTES_SYNTAX)
typedef STACK_OF(USERNOTICE) OSSL_USER_NOTICE_SYNTAX;
DECLARE_ASN1_FUNCTIONS(OSSL_USER_NOTICE_SYNTAX)
SKM_DEFINE_STACK_OF_INTERNAL(USERNOTICE, USERNOTICE, USERNOTICE)
#define sk_USERNOTICE_num(sk) OPENSSL_sk_num(ossl_check_const_USERNOTICE_sk_type(sk))
#define sk_USERNOTICE_value(sk, idx) ((USERNOTICE *)OPENSSL_sk_value(ossl_check_const_USERNOTICE_sk_type(sk), (idx)))
#define sk_USERNOTICE_new(cmp) ((STACK_OF(USERNOTICE) *)OPENSSL_sk_new(ossl_check_USERNOTICE_compfunc_type(cmp)))
#define sk_USERNOTICE_new_null() ((STACK_OF(USERNOTICE) *)OPENSSL_sk_new_null())
#define sk_USERNOTICE_new_reserve(cmp, n) ((STACK_OF(USERNOTICE) *)OPENSSL_sk_new_reserve(ossl_check_USERNOTICE_compfunc_type(cmp), (n)))
#define sk_USERNOTICE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_USERNOTICE_sk_type(sk), (n))
#define sk_USERNOTICE_free(sk) OPENSSL_sk_free(ossl_check_USERNOTICE_sk_type(sk))
#define sk_USERNOTICE_zero(sk) OPENSSL_sk_zero(ossl_check_USERNOTICE_sk_type(sk))
#define sk_USERNOTICE_delete(sk, i) ((USERNOTICE *)OPENSSL_sk_delete(ossl_check_USERNOTICE_sk_type(sk), (i)))
#define sk_USERNOTICE_delete_ptr(sk, ptr) ((USERNOTICE *)OPENSSL_sk_delete_ptr(ossl_check_USERNOTICE_sk_type(sk), ossl_check_USERNOTICE_type(ptr)))
#define sk_USERNOTICE_push(sk, ptr) OPENSSL_sk_push(ossl_check_USERNOTICE_sk_type(sk), ossl_check_USERNOTICE_type(ptr))
#define sk_USERNOTICE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_USERNOTICE_sk_type(sk), ossl_check_USERNOTICE_type(ptr))
#define sk_USERNOTICE_pop(sk) ((USERNOTICE *)OPENSSL_sk_pop(ossl_check_USERNOTICE_sk_type(sk)))
#define sk_USERNOTICE_shift(sk) ((USERNOTICE *)OPENSSL_sk_shift(ossl_check_USERNOTICE_sk_type(sk)))
#define sk_USERNOTICE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_USERNOTICE_sk_type(sk),ossl_check_USERNOTICE_freefunc_type(freefunc))
#define sk_USERNOTICE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_USERNOTICE_sk_type(sk), ossl_check_USERNOTICE_type(ptr), (idx))
#define sk_USERNOTICE_set(sk, idx, ptr) ((USERNOTICE *)OPENSSL_sk_set(ossl_check_USERNOTICE_sk_type(sk), (idx), ossl_check_USERNOTICE_type(ptr)))
#define sk_USERNOTICE_find(sk, ptr) OPENSSL_sk_find(ossl_check_USERNOTICE_sk_type(sk), ossl_check_USERNOTICE_type(ptr))
#define sk_USERNOTICE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_USERNOTICE_sk_type(sk), ossl_check_USERNOTICE_type(ptr))
#define sk_USERNOTICE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_USERNOTICE_sk_type(sk), ossl_check_USERNOTICE_type(ptr), pnum)
#define sk_USERNOTICE_sort(sk) OPENSSL_sk_sort(ossl_check_USERNOTICE_sk_type(sk))
#define sk_USERNOTICE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_USERNOTICE_sk_type(sk))
#define sk_USERNOTICE_dup(sk) ((STACK_OF(USERNOTICE) *)OPENSSL_sk_dup(ossl_check_const_USERNOTICE_sk_type(sk)))
#define sk_USERNOTICE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(USERNOTICE) *)OPENSSL_sk_deep_copy(ossl_check_const_USERNOTICE_sk_type(sk), ossl_check_USERNOTICE_copyfunc_type(copyfunc), ossl_check_USERNOTICE_freefunc_type(freefunc)))
#define sk_USERNOTICE_set_cmp_func(sk, cmp) ((sk_USERNOTICE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_USERNOTICE_sk_type(sk), ossl_check_USERNOTICE_compfunc_type(cmp)))
typedef struct OSSL_ROLE_SPEC_CERT_ID_st {
GENERAL_NAME *roleName;
GENERAL_NAME *roleCertIssuer;
ASN1_INTEGER *roleCertSerialNumber;
GENERAL_NAMES *roleCertLocator;
} OSSL_ROLE_SPEC_CERT_ID;
DECLARE_ASN1_FUNCTIONS(OSSL_ROLE_SPEC_CERT_ID)
SKM_DEFINE_STACK_OF_INTERNAL(OSSL_ROLE_SPEC_CERT_ID, OSSL_ROLE_SPEC_CERT_ID, OSSL_ROLE_SPEC_CERT_ID)
#define sk_OSSL_ROLE_SPEC_CERT_ID_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk))
#define sk_OSSL_ROLE_SPEC_CERT_ID_value(sk, idx) ((OSSL_ROLE_SPEC_CERT_ID *)OPENSSL_sk_value(ossl_check_const_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk), (idx)))
#define sk_OSSL_ROLE_SPEC_CERT_ID_new(cmp) ((STACK_OF(OSSL_ROLE_SPEC_CERT_ID) *)OPENSSL_sk_new(ossl_check_OSSL_ROLE_SPEC_CERT_ID_compfunc_type(cmp)))
#define sk_OSSL_ROLE_SPEC_CERT_ID_new_null() ((STACK_OF(OSSL_ROLE_SPEC_CERT_ID) *)OPENSSL_sk_new_null())
#define sk_OSSL_ROLE_SPEC_CERT_ID_new_reserve(cmp, n) ((STACK_OF(OSSL_ROLE_SPEC_CERT_ID) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_ROLE_SPEC_CERT_ID_compfunc_type(cmp), (n)))
#define sk_OSSL_ROLE_SPEC_CERT_ID_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk), (n))
#define sk_OSSL_ROLE_SPEC_CERT_ID_free(sk) OPENSSL_sk_free(ossl_check_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk))
#define sk_OSSL_ROLE_SPEC_CERT_ID_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk))
#define sk_OSSL_ROLE_SPEC_CERT_ID_delete(sk, i) ((OSSL_ROLE_SPEC_CERT_ID *)OPENSSL_sk_delete(ossl_check_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk), (i)))
#define sk_OSSL_ROLE_SPEC_CERT_ID_delete_ptr(sk, ptr) ((OSSL_ROLE_SPEC_CERT_ID *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk), ossl_check_OSSL_ROLE_SPEC_CERT_ID_type(ptr)))
#define sk_OSSL_ROLE_SPEC_CERT_ID_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk), ossl_check_OSSL_ROLE_SPEC_CERT_ID_type(ptr))
#define sk_OSSL_ROLE_SPEC_CERT_ID_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk), ossl_check_OSSL_ROLE_SPEC_CERT_ID_type(ptr))
#define sk_OSSL_ROLE_SPEC_CERT_ID_pop(sk) ((OSSL_ROLE_SPEC_CERT_ID *)OPENSSL_sk_pop(ossl_check_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk)))
#define sk_OSSL_ROLE_SPEC_CERT_ID_shift(sk) ((OSSL_ROLE_SPEC_CERT_ID *)OPENSSL_sk_shift(ossl_check_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk)))
#define sk_OSSL_ROLE_SPEC_CERT_ID_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk),ossl_check_OSSL_ROLE_SPEC_CERT_ID_freefunc_type(freefunc))
#define sk_OSSL_ROLE_SPEC_CERT_ID_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk), ossl_check_OSSL_ROLE_SPEC_CERT_ID_type(ptr), (idx))
#define sk_OSSL_ROLE_SPEC_CERT_ID_set(sk, idx, ptr) ((OSSL_ROLE_SPEC_CERT_ID *)OPENSSL_sk_set(ossl_check_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk), (idx), ossl_check_OSSL_ROLE_SPEC_CERT_ID_type(ptr)))
#define sk_OSSL_ROLE_SPEC_CERT_ID_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk), ossl_check_OSSL_ROLE_SPEC_CERT_ID_type(ptr))
#define sk_OSSL_ROLE_SPEC_CERT_ID_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk), ossl_check_OSSL_ROLE_SPEC_CERT_ID_type(ptr))
#define sk_OSSL_ROLE_SPEC_CERT_ID_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk), ossl_check_OSSL_ROLE_SPEC_CERT_ID_type(ptr), pnum)
#define sk_OSSL_ROLE_SPEC_CERT_ID_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk))
#define sk_OSSL_ROLE_SPEC_CERT_ID_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk))
#define sk_OSSL_ROLE_SPEC_CERT_ID_dup(sk) ((STACK_OF(OSSL_ROLE_SPEC_CERT_ID) *)OPENSSL_sk_dup(ossl_check_const_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk)))
#define sk_OSSL_ROLE_SPEC_CERT_ID_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_ROLE_SPEC_CERT_ID) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk), ossl_check_OSSL_ROLE_SPEC_CERT_ID_copyfunc_type(copyfunc), ossl_check_OSSL_ROLE_SPEC_CERT_ID_freefunc_type(freefunc)))
#define sk_OSSL_ROLE_SPEC_CERT_ID_set_cmp_func(sk, cmp) ((sk_OSSL_ROLE_SPEC_CERT_ID_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_ROLE_SPEC_CERT_ID_sk_type(sk), ossl_check_OSSL_ROLE_SPEC_CERT_ID_compfunc_type(cmp)))
typedef STACK_OF(OSSL_ROLE_SPEC_CERT_ID) OSSL_ROLE_SPEC_CERT_ID_SYNTAX;
DECLARE_ASN1_FUNCTIONS(OSSL_ROLE_SPEC_CERT_ID_SYNTAX)
typedef struct OSSL_HASH_st {
X509_ALGOR *algorithmIdentifier;
ASN1_BIT_STRING *hashValue;
} OSSL_HASH;
typedef struct OSSL_INFO_SYNTAX_POINTER_st {
GENERAL_NAMES *name;
OSSL_HASH *hash;
} OSSL_INFO_SYNTAX_POINTER;
# define OSSL_INFO_SYNTAX_TYPE_CONTENT 0
# define OSSL_INFO_SYNTAX_TYPE_POINTER 1
typedef struct OSSL_INFO_SYNTAX_st {
int type;
union {
ASN1_STRING *content;
OSSL_INFO_SYNTAX_POINTER *pointer;
} choice;
} OSSL_INFO_SYNTAX;
typedef struct OSSL_PRIVILEGE_POLICY_ID_st {
ASN1_OBJECT *privilegePolicy;
OSSL_INFO_SYNTAX *privPolSyntax;
} OSSL_PRIVILEGE_POLICY_ID;
typedef struct OSSL_ATTRIBUTE_DESCRIPTOR_st {
ASN1_OBJECT *identifier;
ASN1_STRING *attributeSyntax;
ASN1_UTF8STRING *name;
ASN1_UTF8STRING *description;
OSSL_PRIVILEGE_POLICY_ID *dominationRule;
} OSSL_ATTRIBUTE_DESCRIPTOR;
DECLARE_ASN1_FUNCTIONS(OSSL_HASH)
DECLARE_ASN1_FUNCTIONS(OSSL_INFO_SYNTAX)
DECLARE_ASN1_FUNCTIONS(OSSL_INFO_SYNTAX_POINTER)
DECLARE_ASN1_FUNCTIONS(OSSL_PRIVILEGE_POLICY_ID)
DECLARE_ASN1_FUNCTIONS(OSSL_ATTRIBUTE_DESCRIPTOR)
typedef struct OSSL_TIME_SPEC_ABSOLUTE_st {
ASN1_GENERALIZEDTIME *startTime;
ASN1_GENERALIZEDTIME *endTime;
} OSSL_TIME_SPEC_ABSOLUTE;
typedef struct OSSL_DAY_TIME_st {
ASN1_INTEGER *hour;
ASN1_INTEGER *minute;
ASN1_INTEGER *second;
} OSSL_DAY_TIME;
typedef struct OSSL_DAY_TIME_BAND_st {
OSSL_DAY_TIME *startDayTime;
OSSL_DAY_TIME *endDayTime;
} OSSL_DAY_TIME_BAND;
# define OSSL_NAMED_DAY_TYPE_INT 0
# define OSSL_NAMED_DAY_TYPE_BIT 1
# define OSSL_NAMED_DAY_INT_SUN 1
# define OSSL_NAMED_DAY_INT_MON 2
# define OSSL_NAMED_DAY_INT_TUE 3
# define OSSL_NAMED_DAY_INT_WED 4
# define OSSL_NAMED_DAY_INT_THU 5
# define OSSL_NAMED_DAY_INT_FRI 6
# define OSSL_NAMED_DAY_INT_SAT 7
# define OSSL_NAMED_DAY_BIT_SUN 0
# define OSSL_NAMED_DAY_BIT_MON 1
# define OSSL_NAMED_DAY_BIT_TUE 2
# define OSSL_NAMED_DAY_BIT_WED 3
# define OSSL_NAMED_DAY_BIT_THU 4
# define OSSL_NAMED_DAY_BIT_FRI 5
# define OSSL_NAMED_DAY_BIT_SAT 6
typedef struct OSSL_NAMED_DAY_st {
int type;
union {
ASN1_INTEGER *intNamedDays;
ASN1_BIT_STRING *bitNamedDays;
} choice;
} OSSL_NAMED_DAY;
# define OSSL_TIME_SPEC_X_DAY_OF_FIRST 0
# define OSSL_TIME_SPEC_X_DAY_OF_SECOND 1
# define OSSL_TIME_SPEC_X_DAY_OF_THIRD 2
# define OSSL_TIME_SPEC_X_DAY_OF_FOURTH 3
# define OSSL_TIME_SPEC_X_DAY_OF_FIFTH 4
typedef struct OSSL_TIME_SPEC_X_DAY_OF_st {
int type;
union {
OSSL_NAMED_DAY *first;
OSSL_NAMED_DAY *second;
OSSL_NAMED_DAY *third;
OSSL_NAMED_DAY *fourth;
OSSL_NAMED_DAY *fifth;
} choice;
} OSSL_TIME_SPEC_X_DAY_OF;
# define OSSL_TIME_SPEC_DAY_TYPE_INT 0
# define OSSL_TIME_SPEC_DAY_TYPE_BIT 1
# define OSSL_TIME_SPEC_DAY_TYPE_DAY_OF 2
# define OSSL_TIME_SPEC_DAY_BIT_SUN 0
# define OSSL_TIME_SPEC_DAY_BIT_MON 1
# define OSSL_TIME_SPEC_DAY_BIT_TUE 2
# define OSSL_TIME_SPEC_DAY_BIT_WED 3
# define OSSL_TIME_SPEC_DAY_BIT_THU 4
# define OSSL_TIME_SPEC_DAY_BIT_FRI 5
# define OSSL_TIME_SPEC_DAY_BIT_SAT 6
# define OSSL_TIME_SPEC_DAY_INT_SUN 1
# define OSSL_TIME_SPEC_DAY_INT_MON 2
# define OSSL_TIME_SPEC_DAY_INT_TUE 3
# define OSSL_TIME_SPEC_DAY_INT_WED 4
# define OSSL_TIME_SPEC_DAY_INT_THU 5
# define OSSL_TIME_SPEC_DAY_INT_FRI 6
# define OSSL_TIME_SPEC_DAY_INT_SAT 7
typedef struct OSSL_TIME_SPEC_DAY_st {
int type;
union {
STACK_OF(ASN1_INTEGER) *intDay;
ASN1_BIT_STRING *bitDay;
OSSL_TIME_SPEC_X_DAY_OF *dayOf;
} choice;
} OSSL_TIME_SPEC_DAY;
# define OSSL_TIME_SPEC_WEEKS_TYPE_ALL 0
# define OSSL_TIME_SPEC_WEEKS_TYPE_INT 1
# define OSSL_TIME_SPEC_WEEKS_TYPE_BIT 2
# define OSSL_TIME_SPEC_BIT_WEEKS_1 0
# define OSSL_TIME_SPEC_BIT_WEEKS_2 1
# define OSSL_TIME_SPEC_BIT_WEEKS_3 2
# define OSSL_TIME_SPEC_BIT_WEEKS_4 3
# define OSSL_TIME_SPEC_BIT_WEEKS_5 4
typedef struct OSSL_TIME_SPEC_WEEKS_st {
int type;
union {
ASN1_NULL *allWeeks;
STACK_OF(ASN1_INTEGER) *intWeek;
ASN1_BIT_STRING *bitWeek;
} choice;
} OSSL_TIME_SPEC_WEEKS;
# define OSSL_TIME_SPEC_MONTH_TYPE_ALL 0
# define OSSL_TIME_SPEC_MONTH_TYPE_INT 1
# define OSSL_TIME_SPEC_MONTH_TYPE_BIT 2
# define OSSL_TIME_SPEC_INT_MONTH_JAN 1
# define OSSL_TIME_SPEC_INT_MONTH_FEB 2
# define OSSL_TIME_SPEC_INT_MONTH_MAR 3
# define OSSL_TIME_SPEC_INT_MONTH_APR 4
# define OSSL_TIME_SPEC_INT_MONTH_MAY 5
# define OSSL_TIME_SPEC_INT_MONTH_JUN 6
# define OSSL_TIME_SPEC_INT_MONTH_JUL 7
# define OSSL_TIME_SPEC_INT_MONTH_AUG 8
# define OSSL_TIME_SPEC_INT_MONTH_SEP 9
# define OSSL_TIME_SPEC_INT_MONTH_OCT 10
# define OSSL_TIME_SPEC_INT_MONTH_NOV 11
# define OSSL_TIME_SPEC_INT_MONTH_DEC 12
# define OSSL_TIME_SPEC_BIT_MONTH_JAN 0
# define OSSL_TIME_SPEC_BIT_MONTH_FEB 1
# define OSSL_TIME_SPEC_BIT_MONTH_MAR 2
# define OSSL_TIME_SPEC_BIT_MONTH_APR 3
# define OSSL_TIME_SPEC_BIT_MONTH_MAY 4
# define OSSL_TIME_SPEC_BIT_MONTH_JUN 5
# define OSSL_TIME_SPEC_BIT_MONTH_JUL 6
# define OSSL_TIME_SPEC_BIT_MONTH_AUG 7
# define OSSL_TIME_SPEC_BIT_MONTH_SEP 8
# define OSSL_TIME_SPEC_BIT_MONTH_OCT 9
# define OSSL_TIME_SPEC_BIT_MONTH_NOV 10
# define OSSL_TIME_SPEC_BIT_MONTH_DEC 11
typedef struct OSSL_TIME_SPEC_MONTH_st {
int type;
union {
ASN1_NULL *allMonths;
STACK_OF(ASN1_INTEGER) *intMonth;
ASN1_BIT_STRING *bitMonth;
} choice;
} OSSL_TIME_SPEC_MONTH;
typedef struct OSSL_TIME_PERIOD_st {
STACK_OF(OSSL_DAY_TIME_BAND) *timesOfDay;
OSSL_TIME_SPEC_DAY *days;
OSSL_TIME_SPEC_WEEKS *weeks;
OSSL_TIME_SPEC_MONTH *months;
STACK_OF(ASN1_INTEGER) *years;
} OSSL_TIME_PERIOD;
# define OSSL_TIME_SPEC_TIME_TYPE_ABSOLUTE 0
# define OSSL_TIME_SPEC_TIME_TYPE_PERIODIC 1
typedef struct OSSL_TIME_SPEC_TIME_st {
int type;
union {
OSSL_TIME_SPEC_ABSOLUTE *absolute;
STACK_OF(OSSL_TIME_PERIOD) *periodic;
} choice;
} OSSL_TIME_SPEC_TIME;
typedef struct OSSL_TIME_SPEC_st {
OSSL_TIME_SPEC_TIME *time;
ASN1_BOOLEAN notThisTime;
ASN1_INTEGER *timeZone;
} OSSL_TIME_SPEC;
DECLARE_ASN1_FUNCTIONS(OSSL_DAY_TIME)
DECLARE_ASN1_FUNCTIONS(OSSL_DAY_TIME_BAND)
DECLARE_ASN1_FUNCTIONS(OSSL_TIME_SPEC_DAY)
DECLARE_ASN1_FUNCTIONS(OSSL_TIME_SPEC_WEEKS)
DECLARE_ASN1_FUNCTIONS(OSSL_TIME_SPEC_MONTH)
DECLARE_ASN1_FUNCTIONS(OSSL_NAMED_DAY)
DECLARE_ASN1_FUNCTIONS(OSSL_TIME_SPEC_X_DAY_OF)
DECLARE_ASN1_FUNCTIONS(OSSL_TIME_SPEC_ABSOLUTE)
DECLARE_ASN1_FUNCTIONS(OSSL_TIME_SPEC_TIME)
DECLARE_ASN1_FUNCTIONS(OSSL_TIME_SPEC)
DECLARE_ASN1_FUNCTIONS(OSSL_TIME_PERIOD)
SKM_DEFINE_STACK_OF_INTERNAL(OSSL_TIME_PERIOD, OSSL_TIME_PERIOD, OSSL_TIME_PERIOD)
#define sk_OSSL_TIME_PERIOD_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_TIME_PERIOD_sk_type(sk))
#define sk_OSSL_TIME_PERIOD_value(sk, idx) ((OSSL_TIME_PERIOD *)OPENSSL_sk_value(ossl_check_const_OSSL_TIME_PERIOD_sk_type(sk), (idx)))
#define sk_OSSL_TIME_PERIOD_new(cmp) ((STACK_OF(OSSL_TIME_PERIOD) *)OPENSSL_sk_new(ossl_check_OSSL_TIME_PERIOD_compfunc_type(cmp)))
#define sk_OSSL_TIME_PERIOD_new_null() ((STACK_OF(OSSL_TIME_PERIOD) *)OPENSSL_sk_new_null())
#define sk_OSSL_TIME_PERIOD_new_reserve(cmp, n) ((STACK_OF(OSSL_TIME_PERIOD) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_TIME_PERIOD_compfunc_type(cmp), (n)))
#define sk_OSSL_TIME_PERIOD_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_TIME_PERIOD_sk_type(sk), (n))
#define sk_OSSL_TIME_PERIOD_free(sk) OPENSSL_sk_free(ossl_check_OSSL_TIME_PERIOD_sk_type(sk))
#define sk_OSSL_TIME_PERIOD_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_TIME_PERIOD_sk_type(sk))
#define sk_OSSL_TIME_PERIOD_delete(sk, i) ((OSSL_TIME_PERIOD *)OPENSSL_sk_delete(ossl_check_OSSL_TIME_PERIOD_sk_type(sk), (i)))
#define sk_OSSL_TIME_PERIOD_delete_ptr(sk, ptr) ((OSSL_TIME_PERIOD *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_TIME_PERIOD_sk_type(sk), ossl_check_OSSL_TIME_PERIOD_type(ptr)))
#define sk_OSSL_TIME_PERIOD_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_TIME_PERIOD_sk_type(sk), ossl_check_OSSL_TIME_PERIOD_type(ptr))
#define sk_OSSL_TIME_PERIOD_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_TIME_PERIOD_sk_type(sk), ossl_check_OSSL_TIME_PERIOD_type(ptr))
#define sk_OSSL_TIME_PERIOD_pop(sk) ((OSSL_TIME_PERIOD *)OPENSSL_sk_pop(ossl_check_OSSL_TIME_PERIOD_sk_type(sk)))
#define sk_OSSL_TIME_PERIOD_shift(sk) ((OSSL_TIME_PERIOD *)OPENSSL_sk_shift(ossl_check_OSSL_TIME_PERIOD_sk_type(sk)))
#define sk_OSSL_TIME_PERIOD_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_TIME_PERIOD_sk_type(sk),ossl_check_OSSL_TIME_PERIOD_freefunc_type(freefunc))
#define sk_OSSL_TIME_PERIOD_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_TIME_PERIOD_sk_type(sk), ossl_check_OSSL_TIME_PERIOD_type(ptr), (idx))
#define sk_OSSL_TIME_PERIOD_set(sk, idx, ptr) ((OSSL_TIME_PERIOD *)OPENSSL_sk_set(ossl_check_OSSL_TIME_PERIOD_sk_type(sk), (idx), ossl_check_OSSL_TIME_PERIOD_type(ptr)))
#define sk_OSSL_TIME_PERIOD_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_TIME_PERIOD_sk_type(sk), ossl_check_OSSL_TIME_PERIOD_type(ptr))
#define sk_OSSL_TIME_PERIOD_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_TIME_PERIOD_sk_type(sk), ossl_check_OSSL_TIME_PERIOD_type(ptr))
#define sk_OSSL_TIME_PERIOD_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_TIME_PERIOD_sk_type(sk), ossl_check_OSSL_TIME_PERIOD_type(ptr), pnum)
#define sk_OSSL_TIME_PERIOD_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_TIME_PERIOD_sk_type(sk))
#define sk_OSSL_TIME_PERIOD_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_TIME_PERIOD_sk_type(sk))
#define sk_OSSL_TIME_PERIOD_dup(sk) ((STACK_OF(OSSL_TIME_PERIOD) *)OPENSSL_sk_dup(ossl_check_const_OSSL_TIME_PERIOD_sk_type(sk)))
#define sk_OSSL_TIME_PERIOD_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_TIME_PERIOD) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_TIME_PERIOD_sk_type(sk), ossl_check_OSSL_TIME_PERIOD_copyfunc_type(copyfunc), ossl_check_OSSL_TIME_PERIOD_freefunc_type(freefunc)))
#define sk_OSSL_TIME_PERIOD_set_cmp_func(sk, cmp) ((sk_OSSL_TIME_PERIOD_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_TIME_PERIOD_sk_type(sk), ossl_check_OSSL_TIME_PERIOD_compfunc_type(cmp)))
SKM_DEFINE_STACK_OF_INTERNAL(OSSL_DAY_TIME_BAND, OSSL_DAY_TIME_BAND, OSSL_DAY_TIME_BAND)
#define sk_OSSL_DAY_TIME_BAND_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_DAY_TIME_BAND_sk_type(sk))
#define sk_OSSL_DAY_TIME_BAND_value(sk, idx) ((OSSL_DAY_TIME_BAND *)OPENSSL_sk_value(ossl_check_const_OSSL_DAY_TIME_BAND_sk_type(sk), (idx)))
#define sk_OSSL_DAY_TIME_BAND_new(cmp) ((STACK_OF(OSSL_DAY_TIME_BAND) *)OPENSSL_sk_new(ossl_check_OSSL_DAY_TIME_BAND_compfunc_type(cmp)))
#define sk_OSSL_DAY_TIME_BAND_new_null() ((STACK_OF(OSSL_DAY_TIME_BAND) *)OPENSSL_sk_new_null())
#define sk_OSSL_DAY_TIME_BAND_new_reserve(cmp, n) ((STACK_OF(OSSL_DAY_TIME_BAND) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_DAY_TIME_BAND_compfunc_type(cmp), (n)))
#define sk_OSSL_DAY_TIME_BAND_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_DAY_TIME_BAND_sk_type(sk), (n))
#define sk_OSSL_DAY_TIME_BAND_free(sk) OPENSSL_sk_free(ossl_check_OSSL_DAY_TIME_BAND_sk_type(sk))
#define sk_OSSL_DAY_TIME_BAND_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_DAY_TIME_BAND_sk_type(sk))
#define sk_OSSL_DAY_TIME_BAND_delete(sk, i) ((OSSL_DAY_TIME_BAND *)OPENSSL_sk_delete(ossl_check_OSSL_DAY_TIME_BAND_sk_type(sk), (i)))
#define sk_OSSL_DAY_TIME_BAND_delete_ptr(sk, ptr) ((OSSL_DAY_TIME_BAND *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_DAY_TIME_BAND_sk_type(sk), ossl_check_OSSL_DAY_TIME_BAND_type(ptr)))
#define sk_OSSL_DAY_TIME_BAND_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_DAY_TIME_BAND_sk_type(sk), ossl_check_OSSL_DAY_TIME_BAND_type(ptr))
#define sk_OSSL_DAY_TIME_BAND_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_DAY_TIME_BAND_sk_type(sk), ossl_check_OSSL_DAY_TIME_BAND_type(ptr))
#define sk_OSSL_DAY_TIME_BAND_pop(sk) ((OSSL_DAY_TIME_BAND *)OPENSSL_sk_pop(ossl_check_OSSL_DAY_TIME_BAND_sk_type(sk)))
#define sk_OSSL_DAY_TIME_BAND_shift(sk) ((OSSL_DAY_TIME_BAND *)OPENSSL_sk_shift(ossl_check_OSSL_DAY_TIME_BAND_sk_type(sk)))
#define sk_OSSL_DAY_TIME_BAND_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_DAY_TIME_BAND_sk_type(sk),ossl_check_OSSL_DAY_TIME_BAND_freefunc_type(freefunc))
#define sk_OSSL_DAY_TIME_BAND_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_DAY_TIME_BAND_sk_type(sk), ossl_check_OSSL_DAY_TIME_BAND_type(ptr), (idx))
#define sk_OSSL_DAY_TIME_BAND_set(sk, idx, ptr) ((OSSL_DAY_TIME_BAND *)OPENSSL_sk_set(ossl_check_OSSL_DAY_TIME_BAND_sk_type(sk), (idx), ossl_check_OSSL_DAY_TIME_BAND_type(ptr)))
#define sk_OSSL_DAY_TIME_BAND_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_DAY_TIME_BAND_sk_type(sk), ossl_check_OSSL_DAY_TIME_BAND_type(ptr))
#define sk_OSSL_DAY_TIME_BAND_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_DAY_TIME_BAND_sk_type(sk), ossl_check_OSSL_DAY_TIME_BAND_type(ptr))
#define sk_OSSL_DAY_TIME_BAND_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_DAY_TIME_BAND_sk_type(sk), ossl_check_OSSL_DAY_TIME_BAND_type(ptr), pnum)
#define sk_OSSL_DAY_TIME_BAND_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_DAY_TIME_BAND_sk_type(sk))
#define sk_OSSL_DAY_TIME_BAND_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_DAY_TIME_BAND_sk_type(sk))
#define sk_OSSL_DAY_TIME_BAND_dup(sk) ((STACK_OF(OSSL_DAY_TIME_BAND) *)OPENSSL_sk_dup(ossl_check_const_OSSL_DAY_TIME_BAND_sk_type(sk)))
#define sk_OSSL_DAY_TIME_BAND_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_DAY_TIME_BAND) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_DAY_TIME_BAND_sk_type(sk), ossl_check_OSSL_DAY_TIME_BAND_copyfunc_type(copyfunc), ossl_check_OSSL_DAY_TIME_BAND_freefunc_type(freefunc)))
#define sk_OSSL_DAY_TIME_BAND_set_cmp_func(sk, cmp) ((sk_OSSL_DAY_TIME_BAND_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_DAY_TIME_BAND_sk_type(sk), ossl_check_OSSL_DAY_TIME_BAND_compfunc_type(cmp)))
/* Attribute Type and Value */
typedef struct atav_st {
ASN1_OBJECT *type;
ASN1_TYPE *value;
} OSSL_ATAV;
typedef struct ATTRIBUTE_TYPE_MAPPING_st {
ASN1_OBJECT *local;
ASN1_OBJECT *remote;
} OSSL_ATTRIBUTE_TYPE_MAPPING;
typedef struct ATTRIBUTE_VALUE_MAPPING_st {
OSSL_ATAV *local;
OSSL_ATAV *remote;
} OSSL_ATTRIBUTE_VALUE_MAPPING;
# define OSSL_ATTR_MAP_TYPE 0
# define OSSL_ATTR_MAP_VALUE 1
typedef struct ATTRIBUTE_MAPPING_st {
int type;
union {
OSSL_ATTRIBUTE_TYPE_MAPPING *typeMappings;
OSSL_ATTRIBUTE_VALUE_MAPPING *typeValueMappings;
} choice;
} OSSL_ATTRIBUTE_MAPPING;
typedef STACK_OF(OSSL_ATTRIBUTE_MAPPING) OSSL_ATTRIBUTE_MAPPINGS;
DECLARE_ASN1_FUNCTIONS(OSSL_ATAV)
DECLARE_ASN1_FUNCTIONS(OSSL_ATTRIBUTE_TYPE_MAPPING)
DECLARE_ASN1_FUNCTIONS(OSSL_ATTRIBUTE_VALUE_MAPPING)
DECLARE_ASN1_FUNCTIONS(OSSL_ATTRIBUTE_MAPPING)
DECLARE_ASN1_FUNCTIONS(OSSL_ATTRIBUTE_MAPPINGS)
SKM_DEFINE_STACK_OF_INTERNAL(OSSL_ATTRIBUTE_MAPPING, OSSL_ATTRIBUTE_MAPPING, OSSL_ATTRIBUTE_MAPPING)
#define sk_OSSL_ATTRIBUTE_MAPPING_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_ATTRIBUTE_MAPPING_sk_type(sk))
#define sk_OSSL_ATTRIBUTE_MAPPING_value(sk, idx) ((OSSL_ATTRIBUTE_MAPPING *)OPENSSL_sk_value(ossl_check_const_OSSL_ATTRIBUTE_MAPPING_sk_type(sk), (idx)))
#define sk_OSSL_ATTRIBUTE_MAPPING_new(cmp) ((STACK_OF(OSSL_ATTRIBUTE_MAPPING) *)OPENSSL_sk_new(ossl_check_OSSL_ATTRIBUTE_MAPPING_compfunc_type(cmp)))
#define sk_OSSL_ATTRIBUTE_MAPPING_new_null() ((STACK_OF(OSSL_ATTRIBUTE_MAPPING) *)OPENSSL_sk_new_null())
#define sk_OSSL_ATTRIBUTE_MAPPING_new_reserve(cmp, n) ((STACK_OF(OSSL_ATTRIBUTE_MAPPING) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_ATTRIBUTE_MAPPING_compfunc_type(cmp), (n)))
#define sk_OSSL_ATTRIBUTE_MAPPING_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_ATTRIBUTE_MAPPING_sk_type(sk), (n))
#define sk_OSSL_ATTRIBUTE_MAPPING_free(sk) OPENSSL_sk_free(ossl_check_OSSL_ATTRIBUTE_MAPPING_sk_type(sk))
#define sk_OSSL_ATTRIBUTE_MAPPING_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_ATTRIBUTE_MAPPING_sk_type(sk))
#define sk_OSSL_ATTRIBUTE_MAPPING_delete(sk, i) ((OSSL_ATTRIBUTE_MAPPING *)OPENSSL_sk_delete(ossl_check_OSSL_ATTRIBUTE_MAPPING_sk_type(sk), (i)))
#define sk_OSSL_ATTRIBUTE_MAPPING_delete_ptr(sk, ptr) ((OSSL_ATTRIBUTE_MAPPING *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_ATTRIBUTE_MAPPING_sk_type(sk), ossl_check_OSSL_ATTRIBUTE_MAPPING_type(ptr)))
#define sk_OSSL_ATTRIBUTE_MAPPING_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_ATTRIBUTE_MAPPING_sk_type(sk), ossl_check_OSSL_ATTRIBUTE_MAPPING_type(ptr))
#define sk_OSSL_ATTRIBUTE_MAPPING_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_ATTRIBUTE_MAPPING_sk_type(sk), ossl_check_OSSL_ATTRIBUTE_MAPPING_type(ptr))
#define sk_OSSL_ATTRIBUTE_MAPPING_pop(sk) ((OSSL_ATTRIBUTE_MAPPING *)OPENSSL_sk_pop(ossl_check_OSSL_ATTRIBUTE_MAPPING_sk_type(sk)))
#define sk_OSSL_ATTRIBUTE_MAPPING_shift(sk) ((OSSL_ATTRIBUTE_MAPPING *)OPENSSL_sk_shift(ossl_check_OSSL_ATTRIBUTE_MAPPING_sk_type(sk)))
#define sk_OSSL_ATTRIBUTE_MAPPING_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_ATTRIBUTE_MAPPING_sk_type(sk),ossl_check_OSSL_ATTRIBUTE_MAPPING_freefunc_type(freefunc))
#define sk_OSSL_ATTRIBUTE_MAPPING_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_ATTRIBUTE_MAPPING_sk_type(sk), ossl_check_OSSL_ATTRIBUTE_MAPPING_type(ptr), (idx))
#define sk_OSSL_ATTRIBUTE_MAPPING_set(sk, idx, ptr) ((OSSL_ATTRIBUTE_MAPPING *)OPENSSL_sk_set(ossl_check_OSSL_ATTRIBUTE_MAPPING_sk_type(sk), (idx), ossl_check_OSSL_ATTRIBUTE_MAPPING_type(ptr)))
#define sk_OSSL_ATTRIBUTE_MAPPING_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_ATTRIBUTE_MAPPING_sk_type(sk), ossl_check_OSSL_ATTRIBUTE_MAPPING_type(ptr))
#define sk_OSSL_ATTRIBUTE_MAPPING_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_ATTRIBUTE_MAPPING_sk_type(sk), ossl_check_OSSL_ATTRIBUTE_MAPPING_type(ptr))
#define sk_OSSL_ATTRIBUTE_MAPPING_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_ATTRIBUTE_MAPPING_sk_type(sk), ossl_check_OSSL_ATTRIBUTE_MAPPING_type(ptr), pnum)
#define sk_OSSL_ATTRIBUTE_MAPPING_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_ATTRIBUTE_MAPPING_sk_type(sk))
#define sk_OSSL_ATTRIBUTE_MAPPING_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_ATTRIBUTE_MAPPING_sk_type(sk))
#define sk_OSSL_ATTRIBUTE_MAPPING_dup(sk) ((STACK_OF(OSSL_ATTRIBUTE_MAPPING) *)OPENSSL_sk_dup(ossl_check_const_OSSL_ATTRIBUTE_MAPPING_sk_type(sk)))
#define sk_OSSL_ATTRIBUTE_MAPPING_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_ATTRIBUTE_MAPPING) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_ATTRIBUTE_MAPPING_sk_type(sk), ossl_check_OSSL_ATTRIBUTE_MAPPING_copyfunc_type(copyfunc), ossl_check_OSSL_ATTRIBUTE_MAPPING_freefunc_type(freefunc)))
#define sk_OSSL_ATTRIBUTE_MAPPING_set_cmp_func(sk, cmp) ((sk_OSSL_ATTRIBUTE_MAPPING_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_ATTRIBUTE_MAPPING_sk_type(sk), ossl_check_OSSL_ATTRIBUTE_MAPPING_compfunc_type(cmp)))
# define OSSL_AAA_ATTRIBUTE_TYPE 0
# define OSSL_AAA_ATTRIBUTE_VALUES 1
typedef struct ALLOWED_ATTRIBUTES_CHOICE_st {
int type;
union {
ASN1_OBJECT *attributeType;
X509_ATTRIBUTE *attributeTypeandValues;
} choice;
} OSSL_ALLOWED_ATTRIBUTES_CHOICE;
typedef struct ALLOWED_ATTRIBUTES_ITEM_st {
STACK_OF(OSSL_ALLOWED_ATTRIBUTES_CHOICE) *attributes;
GENERAL_NAME *holderDomain;
} OSSL_ALLOWED_ATTRIBUTES_ITEM;
typedef STACK_OF(OSSL_ALLOWED_ATTRIBUTES_ITEM) OSSL_ALLOWED_ATTRIBUTES_SYNTAX;
DECLARE_ASN1_FUNCTIONS(OSSL_ALLOWED_ATTRIBUTES_CHOICE)
DECLARE_ASN1_FUNCTIONS(OSSL_ALLOWED_ATTRIBUTES_ITEM)
DECLARE_ASN1_FUNCTIONS(OSSL_ALLOWED_ATTRIBUTES_SYNTAX)
SKM_DEFINE_STACK_OF_INTERNAL(OSSL_ALLOWED_ATTRIBUTES_CHOICE, OSSL_ALLOWED_ATTRIBUTES_CHOICE, OSSL_ALLOWED_ATTRIBUTES_CHOICE)
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_value(sk, idx) ((OSSL_ALLOWED_ATTRIBUTES_CHOICE *)OPENSSL_sk_value(ossl_check_const_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk), (idx)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_new(cmp) ((STACK_OF(OSSL_ALLOWED_ATTRIBUTES_CHOICE) *)OPENSSL_sk_new(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_compfunc_type(cmp)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_new_null() ((STACK_OF(OSSL_ALLOWED_ATTRIBUTES_CHOICE) *)OPENSSL_sk_new_null())
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_new_reserve(cmp, n) ((STACK_OF(OSSL_ALLOWED_ATTRIBUTES_CHOICE) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_compfunc_type(cmp), (n)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk), (n))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_free(sk) OPENSSL_sk_free(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_delete(sk, i) ((OSSL_ALLOWED_ATTRIBUTES_CHOICE *)OPENSSL_sk_delete(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk), (i)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_delete_ptr(sk, ptr) ((OSSL_ALLOWED_ATTRIBUTES_CHOICE *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk), ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_type(ptr)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk), ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_type(ptr))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk), ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_type(ptr))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_pop(sk) ((OSSL_ALLOWED_ATTRIBUTES_CHOICE *)OPENSSL_sk_pop(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_shift(sk) ((OSSL_ALLOWED_ATTRIBUTES_CHOICE *)OPENSSL_sk_shift(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk),ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_freefunc_type(freefunc))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk), ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_type(ptr), (idx))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_set(sk, idx, ptr) ((OSSL_ALLOWED_ATTRIBUTES_CHOICE *)OPENSSL_sk_set(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk), (idx), ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_type(ptr)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk), ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_type(ptr))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk), ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_type(ptr))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk), ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_type(ptr), pnum)
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_dup(sk) ((STACK_OF(OSSL_ALLOWED_ATTRIBUTES_CHOICE) *)OPENSSL_sk_dup(ossl_check_const_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_ALLOWED_ATTRIBUTES_CHOICE) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk), ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_copyfunc_type(copyfunc), ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_freefunc_type(freefunc)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_set_cmp_func(sk, cmp) ((sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_sk_type(sk), ossl_check_OSSL_ALLOWED_ATTRIBUTES_CHOICE_compfunc_type(cmp)))
SKM_DEFINE_STACK_OF_INTERNAL(OSSL_ALLOWED_ATTRIBUTES_ITEM, OSSL_ALLOWED_ATTRIBUTES_ITEM, OSSL_ALLOWED_ATTRIBUTES_ITEM)
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_value(sk, idx) ((OSSL_ALLOWED_ATTRIBUTES_ITEM *)OPENSSL_sk_value(ossl_check_const_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk), (idx)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_new(cmp) ((STACK_OF(OSSL_ALLOWED_ATTRIBUTES_ITEM) *)OPENSSL_sk_new(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_compfunc_type(cmp)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_new_null() ((STACK_OF(OSSL_ALLOWED_ATTRIBUTES_ITEM) *)OPENSSL_sk_new_null())
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_new_reserve(cmp, n) ((STACK_OF(OSSL_ALLOWED_ATTRIBUTES_ITEM) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_compfunc_type(cmp), (n)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk), (n))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_free(sk) OPENSSL_sk_free(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_delete(sk, i) ((OSSL_ALLOWED_ATTRIBUTES_ITEM *)OPENSSL_sk_delete(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk), (i)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_delete_ptr(sk, ptr) ((OSSL_ALLOWED_ATTRIBUTES_ITEM *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk), ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_type(ptr)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk), ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_type(ptr))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk), ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_type(ptr))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_pop(sk) ((OSSL_ALLOWED_ATTRIBUTES_ITEM *)OPENSSL_sk_pop(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_shift(sk) ((OSSL_ALLOWED_ATTRIBUTES_ITEM *)OPENSSL_sk_shift(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk),ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_freefunc_type(freefunc))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk), ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_type(ptr), (idx))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_set(sk, idx, ptr) ((OSSL_ALLOWED_ATTRIBUTES_ITEM *)OPENSSL_sk_set(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk), (idx), ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_type(ptr)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk), ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_type(ptr))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk), ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_type(ptr))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk), ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_type(ptr), pnum)
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_dup(sk) ((STACK_OF(OSSL_ALLOWED_ATTRIBUTES_ITEM) *)OPENSSL_sk_dup(ossl_check_const_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_ALLOWED_ATTRIBUTES_ITEM) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk), ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_copyfunc_type(copyfunc), ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_freefunc_type(freefunc)))
#define sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_set_cmp_func(sk, cmp) ((sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_sk_type(sk), ossl_check_OSSL_ALLOWED_ATTRIBUTES_ITEM_compfunc_type(cmp)))
typedef struct AA_DIST_POINT_st {
DIST_POINT_NAME *distpoint;
ASN1_BIT_STRING *reasons;
int dp_reasons;
ASN1_BOOLEAN indirectCRL;
ASN1_BOOLEAN containsUserAttributeCerts;
ASN1_BOOLEAN containsAACerts;
ASN1_BOOLEAN containsSOAPublicKeyCerts;
} OSSL_AA_DIST_POINT;
DECLARE_ASN1_FUNCTIONS(OSSL_AA_DIST_POINT)
# ifdef __cplusplus
}
# endif

37
crypto/openssl/providers/common/der/der_ml_dsa_gen.c Normal file
View file

@ -0,0 +1,37 @@
/*
* WARNING: do not edit!
* Generated by Makefile from providers/common/der/der_ml_dsa_gen.c.in
*
* Copyright 2025 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "prov/der_ml_dsa.h"
/* Well known OIDs precompiled */
/*
* id-ml-dsa-44 OBJECT IDENTIFIER ::= { sigAlgs 17 }
*/
const unsigned char ossl_der_oid_id_ml_dsa_44[DER_OID_SZ_id_ml_dsa_44] = {
DER_OID_V_id_ml_dsa_44
};
/*
* id-ml-dsa-65 OBJECT IDENTIFIER ::= { sigAlgs 18 }
*/
const unsigned char ossl_der_oid_id_ml_dsa_65[DER_OID_SZ_id_ml_dsa_65] = {
DER_OID_V_id_ml_dsa_65
};
/*
* id-ml-dsa-87 OBJECT IDENTIFIER ::= { sigAlgs 19 }
*/
const unsigned char ossl_der_oid_id_ml_dsa_87[DER_OID_SZ_id_ml_dsa_87] = {
DER_OID_V_id_ml_dsa_87
};

100
crypto/openssl/providers/common/der/der_slh_dsa_gen.c Normal file
View file

@ -0,0 +1,100 @@
/*
* WARNING: do not edit!
* Generated by Makefile from providers/common/der/der_slh_dsa_gen.c.in
*
* Copyright 2025 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "prov/der_slh_dsa.h"
/* Well known OIDs precompiled */
/*
* id-slh-dsa-sha2-128s OBJECT IDENTIFIER ::= { sigAlgs 20 }
*/
const unsigned char ossl_der_oid_id_slh_dsa_sha2_128s[DER_OID_SZ_id_slh_dsa_sha2_128s] = {
DER_OID_V_id_slh_dsa_sha2_128s
};
/*
* id-slh-dsa-sha2-128f OBJECT IDENTIFIER ::= { sigAlgs 21 }
*/
const unsigned char ossl_der_oid_id_slh_dsa_sha2_128f[DER_OID_SZ_id_slh_dsa_sha2_128f] = {
DER_OID_V_id_slh_dsa_sha2_128f
};
/*
* id-slh-dsa-sha2-192s OBJECT IDENTIFIER ::= { sigAlgs 22 }
*/
const unsigned char ossl_der_oid_id_slh_dsa_sha2_192s[DER_OID_SZ_id_slh_dsa_sha2_192s] = {
DER_OID_V_id_slh_dsa_sha2_192s
};
/*
* id-slh-dsa-sha2-192f OBJECT IDENTIFIER ::= { sigAlgs 23 }
*/
const unsigned char ossl_der_oid_id_slh_dsa_sha2_192f[DER_OID_SZ_id_slh_dsa_sha2_192f] = {
DER_OID_V_id_slh_dsa_sha2_192f
};
/*
* id-slh-dsa-sha2-256s OBJECT IDENTIFIER ::= { sigAlgs 24 }
*/
const unsigned char ossl_der_oid_id_slh_dsa_sha2_256s[DER_OID_SZ_id_slh_dsa_sha2_256s] = {
DER_OID_V_id_slh_dsa_sha2_256s
};
/*
* id-slh-dsa-sha2-256f OBJECT IDENTIFIER ::= { sigAlgs 25 }
*/
const unsigned char ossl_der_oid_id_slh_dsa_sha2_256f[DER_OID_SZ_id_slh_dsa_sha2_256f] = {
DER_OID_V_id_slh_dsa_sha2_256f
};
/*
* id-slh-dsa-shake-128s OBJECT IDENTIFIER ::= { sigAlgs 26 }
*/
const unsigned char ossl_der_oid_id_slh_dsa_shake_128s[DER_OID_SZ_id_slh_dsa_shake_128s] = {
DER_OID_V_id_slh_dsa_shake_128s
};
/*
* id-slh-dsa-shake-128f OBJECT IDENTIFIER ::= { sigAlgs 27 }
*/
const unsigned char ossl_der_oid_id_slh_dsa_shake_128f[DER_OID_SZ_id_slh_dsa_shake_128f] = {
DER_OID_V_id_slh_dsa_shake_128f
};
/*
* id-slh-dsa-shake-192s OBJECT IDENTIFIER ::= { sigAlgs 28 }
*/
const unsigned char ossl_der_oid_id_slh_dsa_shake_192s[DER_OID_SZ_id_slh_dsa_shake_192s] = {
DER_OID_V_id_slh_dsa_shake_192s
};
/*
* id-slh-dsa-shake-192f OBJECT IDENTIFIER ::= { sigAlgs 29 }
*/
const unsigned char ossl_der_oid_id_slh_dsa_shake_192f[DER_OID_SZ_id_slh_dsa_shake_192f] = {
DER_OID_V_id_slh_dsa_shake_192f
};
/*
* id-slh-dsa-shake-256s OBJECT IDENTIFIER ::= { sigAlgs 30 }
*/
const unsigned char ossl_der_oid_id_slh_dsa_shake_256s[DER_OID_SZ_id_slh_dsa_shake_256s] = {
DER_OID_V_id_slh_dsa_shake_256s
};
/*
* id-slh-dsa-shake-256f OBJECT IDENTIFIER ::= { sigAlgs 31 }
*/
const unsigned char ossl_der_oid_id_slh_dsa_shake_256f[DER_OID_SZ_id_slh_dsa_shake_256f] = {
DER_OID_V_id_slh_dsa_shake_256f
};

40
crypto/openssl/providers/common/include/prov/der_ml_dsa.h Normal file
View file

@ -0,0 +1,40 @@
/*
* WARNING: do not edit!
* Generated by Makefile from providers/common/include/prov/der_ml_dsa.h.in
*
* Copyright 2025 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "internal/der.h"
#include "crypto/ml_dsa.h"
/* Well known OIDs precompiled */
/*
* id-ml-dsa-44 OBJECT IDENTIFIER ::= { sigAlgs 17 }
*/
#define DER_OID_V_id_ml_dsa_44 DER_P_OBJECT, 9, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x11
#define DER_OID_SZ_id_ml_dsa_44 11
extern const unsigned char ossl_der_oid_id_ml_dsa_44[DER_OID_SZ_id_ml_dsa_44];
/*
* id-ml-dsa-65 OBJECT IDENTIFIER ::= { sigAlgs 18 }
*/
#define DER_OID_V_id_ml_dsa_65 DER_P_OBJECT, 9, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x12
#define DER_OID_SZ_id_ml_dsa_65 11
extern const unsigned char ossl_der_oid_id_ml_dsa_65[DER_OID_SZ_id_ml_dsa_65];
/*
* id-ml-dsa-87 OBJECT IDENTIFIER ::= { sigAlgs 19 }
*/
#define DER_OID_V_id_ml_dsa_87 DER_P_OBJECT, 9, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x13
#define DER_OID_SZ_id_ml_dsa_87 11
extern const unsigned char ossl_der_oid_id_ml_dsa_87[DER_OID_SZ_id_ml_dsa_87];
int ossl_DER_w_algorithmIdentifier_ML_DSA(WPACKET *pkt, int tag, ML_DSA_KEY *key);

103
crypto/openssl/providers/common/include/prov/der_slh_dsa.h Normal file
View file

@ -0,0 +1,103 @@
/*
* WARNING: do not edit!
* Generated by Makefile from providers/common/include/prov/der_slh_dsa.h.in
*
* Copyright 2025 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "internal/der.h"
#include "crypto/slh_dsa.h"
/* Well known OIDs precompiled */
/*
* id-slh-dsa-sha2-128s OBJECT IDENTIFIER ::= { sigAlgs 20 }
*/
#define DER_OID_V_id_slh_dsa_sha2_128s DER_P_OBJECT, 9, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x14
#define DER_OID_SZ_id_slh_dsa_sha2_128s 11
extern const unsigned char ossl_der_oid_id_slh_dsa_sha2_128s[DER_OID_SZ_id_slh_dsa_sha2_128s];
/*
* id-slh-dsa-sha2-128f OBJECT IDENTIFIER ::= { sigAlgs 21 }
*/
#define DER_OID_V_id_slh_dsa_sha2_128f DER_P_OBJECT, 9, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x15
#define DER_OID_SZ_id_slh_dsa_sha2_128f 11
extern const unsigned char ossl_der_oid_id_slh_dsa_sha2_128f[DER_OID_SZ_id_slh_dsa_sha2_128f];
/*
* id-slh-dsa-sha2-192s OBJECT IDENTIFIER ::= { sigAlgs 22 }
*/
#define DER_OID_V_id_slh_dsa_sha2_192s DER_P_OBJECT, 9, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x16
#define DER_OID_SZ_id_slh_dsa_sha2_192s 11
extern const unsigned char ossl_der_oid_id_slh_dsa_sha2_192s[DER_OID_SZ_id_slh_dsa_sha2_192s];
/*
* id-slh-dsa-sha2-192f OBJECT IDENTIFIER ::= { sigAlgs 23 }
*/
#define DER_OID_V_id_slh_dsa_sha2_192f DER_P_OBJECT, 9, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x17
#define DER_OID_SZ_id_slh_dsa_sha2_192f 11
extern const unsigned char ossl_der_oid_id_slh_dsa_sha2_192f[DER_OID_SZ_id_slh_dsa_sha2_192f];
/*
* id-slh-dsa-sha2-256s OBJECT IDENTIFIER ::= { sigAlgs 24 }
*/
#define DER_OID_V_id_slh_dsa_sha2_256s DER_P_OBJECT, 9, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x18
#define DER_OID_SZ_id_slh_dsa_sha2_256s 11
extern const unsigned char ossl_der_oid_id_slh_dsa_sha2_256s[DER_OID_SZ_id_slh_dsa_sha2_256s];
/*
* id-slh-dsa-sha2-256f OBJECT IDENTIFIER ::= { sigAlgs 25 }
*/
#define DER_OID_V_id_slh_dsa_sha2_256f DER_P_OBJECT, 9, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x19
#define DER_OID_SZ_id_slh_dsa_sha2_256f 11
extern const unsigned char ossl_der_oid_id_slh_dsa_sha2_256f[DER_OID_SZ_id_slh_dsa_sha2_256f];
/*
* id-slh-dsa-shake-128s OBJECT IDENTIFIER ::= { sigAlgs 26 }
*/
#define DER_OID_V_id_slh_dsa_shake_128s DER_P_OBJECT, 9, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x1A
#define DER_OID_SZ_id_slh_dsa_shake_128s 11
extern const unsigned char ossl_der_oid_id_slh_dsa_shake_128s[DER_OID_SZ_id_slh_dsa_shake_128s];
/*
* id-slh-dsa-shake-128f OBJECT IDENTIFIER ::= { sigAlgs 27 }
*/
#define DER_OID_V_id_slh_dsa_shake_128f DER_P_OBJECT, 9, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x1B
#define DER_OID_SZ_id_slh_dsa_shake_128f 11
extern const unsigned char ossl_der_oid_id_slh_dsa_shake_128f[DER_OID_SZ_id_slh_dsa_shake_128f];
/*
* id-slh-dsa-shake-192s OBJECT IDENTIFIER ::= { sigAlgs 28 }
*/
#define DER_OID_V_id_slh_dsa_shake_192s DER_P_OBJECT, 9, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x1C
#define DER_OID_SZ_id_slh_dsa_shake_192s 11
extern const unsigned char ossl_der_oid_id_slh_dsa_shake_192s[DER_OID_SZ_id_slh_dsa_shake_192s];
/*
* id-slh-dsa-shake-192f OBJECT IDENTIFIER ::= { sigAlgs 29 }
*/
#define DER_OID_V_id_slh_dsa_shake_192f DER_P_OBJECT, 9, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x1D
#define DER_OID_SZ_id_slh_dsa_shake_192f 11
extern const unsigned char ossl_der_oid_id_slh_dsa_shake_192f[DER_OID_SZ_id_slh_dsa_shake_192f];
/*
* id-slh-dsa-shake-256s OBJECT IDENTIFIER ::= { sigAlgs 30 }
*/
#define DER_OID_V_id_slh_dsa_shake_256s DER_P_OBJECT, 9, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x1E
#define DER_OID_SZ_id_slh_dsa_shake_256s 11
extern const unsigned char ossl_der_oid_id_slh_dsa_shake_256s[DER_OID_SZ_id_slh_dsa_shake_256s];
/*
* id-slh-dsa-shake-256f OBJECT IDENTIFIER ::= { sigAlgs 31 }
*/
#define DER_OID_V_id_slh_dsa_shake_256f DER_P_OBJECT, 9, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x1F
#define DER_OID_SZ_id_slh_dsa_shake_256f 11
extern const unsigned char ossl_der_oid_id_slh_dsa_shake_256f[DER_OID_SZ_id_slh_dsa_shake_256f];
int ossl_DER_w_algorithmIdentifier_SLH_DSA(WPACKET *pkt, int tag, SLH_DSA_KEY *key);

16
crypto/openssl/test/provider_internal_test.cnf Normal file
View file

@ -0,0 +1,16 @@
# Comment out the next line to ignore configuration errors
config_diagnostics = 1
openssl_conf = openssl_init
[openssl_init]
providers = providers
[providers]
p_test_configured = p_test_configured
[p_test_configured]
module = p_test.so
activate = 1
greeting = Hello OpenSSL, greetings from Test Provider

252
crypto/openssl/tools/c_rehash Executable file
View file

@ -0,0 +1,252 @@
#!/usr/local/bin/perl
# WARNING: do not edit!
# Generated by Makefile from tools/c_rehash.in
# Copyright 1999-2025 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
# Perl c_rehash script, scan all files in a directory
# and add symbolic links to their hash values.
my $dir = "/usr/local/openssl";
my $prefix = "/usr/local";
my $errorcount = 0;
my $openssl = $ENV{OPENSSL} || "openssl";
my $pwd;
my $x509hash = "-subject_hash";
my $crlhash = "-hash";
my $verbose = 0;
my $symlink_exists=eval {symlink("",""); 1};
my $removelinks = 1;
## Parse flags.
while ( $ARGV[0] =~ /^-/ ) {
my $flag = shift @ARGV;
last if ( $flag eq '--');
if ( $flag eq '-old') {
$x509hash = "-subject_hash_old";
$crlhash = "-hash_old";
} elsif ( $flag eq '-h' || $flag eq '-help' ) {
help();
} elsif ( $flag eq '-n' ) {
$removelinks = 0;
} elsif ( $flag eq '-v' ) {
$verbose++;
}
else {
print STDERR "Usage error; try -h.\n";
exit 1;
}
}
sub help {
print "Usage: c_rehash [-old] [-h] [-help] [-v] [dirs...]\n";
print " -old use old-style digest\n";
print " -h or -help print this help text\n";
print " -v print files removed and linked\n";
exit 0;
}
eval "require Cwd";
if (defined(&Cwd::getcwd)) {
$pwd=Cwd::getcwd();
} else {
$pwd=`pwd`;
chomp($pwd);
}
# DOS/Win32 or Unix delimiter? Prefix our installdir, then search.
my $path_delim = ($pwd =~ /^[a-z]\:/i) ? ';' : ':';
$ENV{PATH} = "$prefix/bin" . ($ENV{PATH} ? $path_delim . $ENV{PATH} : "");
if (!(-f $openssl && -x $openssl)) {
my $found = 0;
foreach (split /$path_delim/, $ENV{PATH}) {
if (-f "$_/$openssl" && -x "$_/$openssl") {
$found = 1;
$openssl = "$_/$openssl";
last;
}
}
if ($found == 0) {
print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n";
exit 0;
}
}
if (@ARGV) {
@dirlist = @ARGV;
} elsif ($ENV{SSL_CERT_DIR}) {
@dirlist = split /$path_delim/, $ENV{SSL_CERT_DIR};
} else {
$dirlist[0] = "$dir/certs";
}
if (-d $dirlist[0]) {
chdir $dirlist[0];
$openssl="$pwd/$openssl" if (!(-f $openssl && -x $openssl));
chdir $pwd;
}
foreach (@dirlist) {
if (-d $_ ) {
if ( -w $_) {
hash_dir($_);
} else {
print "Skipping $_, can't write\n";
$errorcount++;
}
}
}
exit($errorcount);
sub copy_file {
my ($src_fname, $dst_fname) = @_;
if (open(my $in, "<", $src_fname)) {
if (open(my $out, ">", $dst_fname)) {
print $out $_ while (<$in>);
close $out;
} else {
warn "Cannot open $dst_fname for write, $!";
}
close $in;
} else {
warn "Cannot open $src_fname for read, $!";
}
}
sub hash_dir {
my $dir = shift;
my %hashlist;
print "Doing $dir\n";
if (!chdir $dir) {
print STDERR "WARNING: Cannot chdir to '$dir', $!\n";
return;
}
opendir(DIR, ".") || print STDERR "WARNING: Cannot opendir '.', $!\n";
my @flist = sort readdir(DIR);
closedir DIR;
if ( $removelinks ) {
# Delete any existing symbolic links
foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {
if (-l $_) {
print "unlink $_\n" if $verbose;
unlink $_ || warn "Can't unlink $_, $!\n";
}
}
}
FILE: foreach $fname (grep {/\.(pem|crt|cer|crl)$/} @flist) {
# Check to see if certificates and/or CRLs present.
my ($cert, $crl) = check_file($fname);
if (!$cert && !$crl) {
print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
next;
}
link_hash_cert($fname) if ($cert);
link_hash_crl($fname) if ($crl);
}
chdir $pwd;
}
sub check_file {
my ($is_cert, $is_crl) = (0,0);
my $fname = $_[0];
open(my $in, "<", $fname);
while(<$in>) {
if (/^-----BEGIN (.*)-----/) {
my $hdr = $1;
if ($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
$is_cert = 1;
last if ($is_crl);
} elsif ($hdr eq "X509 CRL") {
$is_crl = 1;
last if ($is_cert);
}
}
}
close $in;
return ($is_cert, $is_crl);
}
sub compute_hash {
my $fh;
if ( $^O eq "VMS" ) {
# VMS uses the open through shell
# The file names are safe there and list form is unsupported
if (!open($fh, "-|", join(' ', @_))) {
print STDERR "Cannot compute hash on '$fname'\n";
return;
}
} else {
if (!open($fh, "-|", @_)) {
print STDERR "Cannot compute hash on '$fname'\n";
return;
}
}
return (<$fh>, <$fh>);
}
# Link a certificate to its subject name hash value, each hash is of
# the form <hash>.<n> where n is an integer. If the hash value already exists
# then we need to up the value of n, unless its a duplicate in which
# case we skip the link. We check for duplicates by comparing the
# certificate fingerprints
sub link_hash_cert {
link_hash($_[0], 'cert');
}
# Same as above except for a CRL. CRL links are of the form <hash>.r<n>
sub link_hash_crl {
link_hash($_[0], 'crl');
}
sub link_hash {
my ($fname, $type) = @_;
my $is_cert = $type eq 'cert';
my ($hash, $fprint) = compute_hash($openssl,
$is_cert ? "x509" : "crl",
$is_cert ? $x509hash : $crlhash,
"-fingerprint", "-noout",
"-in", $fname);
chomp $hash;
$hash =~ s/^.*=// if !$is_cert;
chomp $fprint;
return if !$hash;
$fprint =~ s/^.*=//;
$fprint =~ tr/://d;
my $suffix = 0;
# Search for an unused hash filename
my $crlmark = $is_cert ? "" : "r";
while(exists $hashlist{"$hash.$crlmark$suffix"}) {
# Hash matches: if fingerprint matches its a duplicate cert
if ($hashlist{"$hash.$crlmark$suffix"} eq $fprint) {
my $what = $is_cert ? 'certificate' : 'CRL';
print STDERR "WARNING: Skipping duplicate $what $fname\n";
return;
}
$suffix++;
}
$hash .= ".$crlmark$suffix";
if ($symlink_exists) {
print "link $fname -> $hash\n" if $verbose;
symlink $fname, $hash || warn "Can't symlink, $!";
} else {
print "copy $fname -> $hash\n" if $verbose;
copy_file($fname, $hash);
}
$hashlist{$hash} = $fprint;
}

114
crypto/openssl/util/shlib_wrap.sh Executable file
View file

@ -0,0 +1,114 @@
#!/bin/sh
# To test this OpenSSL version's applications against another version's
# shared libraries, simply set
#
# OPENSSL_REGRESSION=/path/to/other/OpenSSL/build/tree
if [ -n "$OPENSSL_REGRESSION" ]; then
shlibwrap="$OPENSSL_REGRESSION/util/shlib_wrap.sh"
if [ -x "$shlibwrap" ]; then
# We clear OPENSSL_REGRESSION to avoid a loop, should the shlib_wrap.sh
# we exec also support that mechanism...
OPENSSL_REGRESSION= exec "$shlibwrap" "$@"
else
if [ -f "$shlibwrap" ]; then
echo "Not permitted to run $shlibwrap" >&2
else
echo "No $shlibwrap, perhaps OPENSSL_REGRESSION isn't properly set?" >&2
fi
exit 1
fi
fi
[ $# -ne 0 ] || set -x # debug mode without arguments:-)
THERE="`echo $0 | sed -e 's|[^/]*$||' 2>/dev/null`.."
[ -d "${THERE}" ] || exec "$@" # should never happen...
LIBCRYPTOSO="${THERE}/libcrypto.so.17"
LIBSSLSO="${THERE}/libssl.so.17"
SYSNAME=`(uname -s) 2>/dev/null`;
case "$SYSNAME" in
SunOS|IRIX*)
# SunOS and IRIX run-time linkers evaluate alternative
# variables depending on target ABI...
rld_var=LD_LIBRARY_PATH
case "`(/usr/bin/file "$LIBCRYPTOSO") 2>/dev/null`" in
*ELF\ 64*SPARC*|*ELF\ 64*AMD64*)
[ -n "$LD_LIBRARY_PATH_64" ] && rld_var=LD_LIBRARY_PATH_64
LD_PRELOAD_64="$LIBCRYPTOSO $LIBSSLSO"; export LD_PRELOAD_64
preload_var=LD_PRELOAD_64
;;
*ELF\ 32*SPARC*|*ELF\ 32*80386*)
# We only need to change LD_PRELOAD_32 and LD_LIBRARY_PATH_32
# on a multi-arch system. Otherwise, trust the fallbacks.
if [ -f /lib/64/ld.so.1 ]; then
[ -n "$LD_LIBRARY_PATH_32" ] && rld_var=LD_LIBRARY_PATH_32
LD_PRELOAD_32="$LIBCRYPTOSO $LIBSSLSO"; export LD_PRELOAD_32
preload_var=LD_PRELOAD_32
fi
;;
# Why are newly built .so's preloaded anyway? Because run-time
# .so lookup path embedded into application takes precedence
# over LD_LIBRARY_PATH and as result application ends up linking
# to previously installed .so's. On IRIX instead of preloading
# newly built .so's we trick run-time linker to fail to find
# the installed .so by setting _RLD_ROOT variable.
*ELF\ 32*MIPS*)
#_RLD_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLD_LIST
_RLD_ROOT=/no/such/dir; export _RLD_ROOT
eval $rld_var=\"/usr/lib'${'$rld_var':+:$'$rld_var'}'\"
preload_var=_RLD_LIST
;;
*ELF\ N32*MIPS*)
[ -n "$LD_LIBRARYN32_PATH" ] && rld_var=LD_LIBRARYN32_PATH
#_RLDN32_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLDN32_LIST
_RLDN32_ROOT=/no/such/dir; export _RLDN32_ROOT
eval $rld_var=\"/usr/lib32'${'$rld_var':+:$'$rld_var'}'\"
preload_var=_RLDN32_LIST
;;
*ELF\ 64*MIPS*)
[ -n "$LD_LIBRARY64_PATH" ] && rld_var=LD_LIBRARY64_PATH
#_RLD64_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLD64_LIST
_RLD64_ROOT=/no/such/dir; export _RLD64_ROOT
eval $rld_var=\"/usr/lib64'${'$rld_var':+:$'$rld_var'}'\"
preload_var=_RLD64_LIST
;;
esac
eval $rld_var=\"${THERE}'${'$rld_var':+:$'$rld_var'}'\"; export $rld_var
unset rld_var
;;
NONSTOP_KERNEL)
# HPE NonStop has a proprietary mechanism for specifying
# the location of DLLs. It does not use PATH or variables
# commonly used on other platforms. The platform has a limited
# environment space keeping extraneous variables to a minimum
# is recommended.
_RLD_LIB_PATH="${THERE}:$LD_LIBRARY_PATH"
export _RLD_LIB_PATH
;;
*) LD_LIBRARY_PATH="${THERE}:$LD_LIBRARY_PATH" # Linux, ELF HP-UX
DYLD_LIBRARY_PATH="${THERE}:$DYLD_LIBRARY_PATH" # MacOS X
SHLIB_PATH="${THERE}:$SHLIB_PATH" # legacy HP-UX
LIBPATH="${THERE}:$LIBPATH" # AIX, OS/2
export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH
# Even though $PATH is adjusted [for Windows sake], it doesn't
# necessarily does the trick. Trouble is that with introduction
# of SafeDllSearchMode in XP/2003 it's more appropriate to copy
# .DLLs in vicinity of executable, which is done elsewhere...
if [ "$OSTYPE" != msdosdjgpp ]; then
PATH="${THERE}:$PATH"; export PATH
fi
;;
esac
cmd="$1"; [ -x "$cmd" ] || cmd="$cmd${EXE_EXT}"
shift
if [ $# -eq 0 ]; then
exec "$cmd" # old sh, such as Tru64 4.x, fails to expand empty "$@"
else
exec "$cmd" "$@"
fi

133
crypto/openssl/util/wrap.pl Executable file
View file

@ -0,0 +1,133 @@
#! /usr/local/bin/perl
use strict;
use warnings;
use File::Basename;
use File::Spec::Functions;
BEGIN {
# This method corresponds exactly to 'use OpenSSL::Util',
# but allows us to use a platform specific file spec.
require '/home/khorben/Projects/FreeBSD/ports/security/openssl35/work/openssl-3.5.1/util/perl/OpenSSL/Util.pm';
OpenSSL::Util->import();
}
sub quote_cmd_win32 {
my $cmd = "";
foreach my $arg (@_) {
if ($arg =~ m{\A[\w,-./@]+\z}) {
$cmd .= $arg . q{ };;
} else {
$cmd .= q{"} . quote_arg_win32($arg) . q{" };
}
}
return substr($cmd, 0, -1);
}
sub quote_arg_win32 {
my ($arg) = @_;
my $val = "";
pos($arg) = 0;
while (1) {
return $val if (pos($arg) == length($arg));
if ($arg =~ m{\G((?:(?>[\\]*)[^"\\]+)+)}ogc) {
$val .= $1;
} elsif ($arg =~ m{\G"}ogc) {
$val .= qq{\\"};
} elsif ($arg =~ m{\G((?>[\\]+)(?="|\z))}ogc) {
$val .= qq{\\} x (2 * length($1));
} else {
die sprintf("Internal error quoting: '%s'\n", $arg);
}
}
}
my $there = canonpath(catdir(dirname($0), updir()));
my $std_engines = catdir($there, 'engines');
my $std_providers = catdir($there, 'providers');
my $std_openssl_conf = catdir($there, 'apps/openssl.cnf');
my $unix_shlib_wrap = catfile($there, 'util/shlib_wrap.sh');
my $std_openssl_conf_include;
if ($ARGV[0] eq '-fips') {
$std_openssl_conf = '/home/khorben/Projects/FreeBSD/ports/security/openssl35/work/openssl-3.5.1/test/fips-and-base.cnf';
shift;
$std_openssl_conf_include = catdir($there, 'providers');
}
if ($ARGV[0] eq '-jitter') {
$std_openssl_conf = '/home/khorben/Projects/FreeBSD/ports/security/openssl35/work/openssl-3.5.1/test/default-and-jitter.cnf';
shift;
$std_openssl_conf_include = catdir($there, 'providers');
}
local $ENV{OPENSSL_CONF_INCLUDE} = $std_openssl_conf_include
if defined $std_openssl_conf_include
&&($ENV{OPENSSL_CONF_INCLUDE} // '') eq ''
&& -d $std_openssl_conf_include;
local $ENV{OPENSSL_ENGINES} = $std_engines
if ($ENV{OPENSSL_ENGINES} // '') eq '' && -d $std_engines;
local $ENV{OPENSSL_MODULES} = $std_providers
if ($ENV{OPENSSL_MODULES} // '') eq '' && -d $std_providers;
local $ENV{OPENSSL_CONF} = $std_openssl_conf
if ($ENV{OPENSSL_CONF} // '') eq '' && -f $std_openssl_conf;
my $use_system = 0;
my @cmd;
if ($^O eq 'VMS') {
# VMS needs the command to be appropriately quotified
@cmd = fixup_cmd(@ARGV);
} elsif (-x $unix_shlib_wrap) {
@cmd = ( $unix_shlib_wrap, @ARGV );
} else {
# Hope for the best
@cmd = ( @ARGV );
}
# The exec() statement on MSWin32 doesn't seem to give back the exit code
# from the call, so we resort to using system() instead.
my $waitcode;
if ($^O eq 'MSWin32') {
$waitcode = system(quote_cmd_win32(@cmd));
} else {
$waitcode = system @cmd;
}
# According to documentation, -1 means that system() couldn't run the command,
# otherwise, the value is similar to the Unix wait() status value
# (exitcode << 8 | signalcode)
die "wrap.pl: Failed to execute '", join(' ', @cmd), "': $!\n"
if $waitcode == -1;
# When the subprocess aborted on a signal, we simply raise the same signal.
kill(($? & 255) => $$) if ($? & 255) != 0;
# If that didn't stop this script, mimic what Unix shells do, by
# converting the signal code to an exit code by setting the high bit.
# This only happens on Unix flavored operating systems, the others don't
# have this sort of signaling to date, and simply leave the low byte zero.
exit(($? & 255) | 128) if ($? & 255) != 0;
# When not a signal, just shift down the subprocess exit code and use that.
my $exitcode = $? >> 8;
# For VMS, perl recommendations is to emulate what the C library exit() does
# for all non-zero exit codes, except we set the error severity rather than
# success.
# Ref: https://perldoc.perl.org/perlport#exit
# https://perldoc.perl.org/perlvms#$?
if ($^O eq 'VMS' && $exitcode != 0) {
$exitcode =
0x35a000 # C facility code
+ ($exitcode * 8) # shift up to make space for the 3 severity bits
+ 2 # Severity: E(rror)
+ 0x10000000; # bit 28 set => the shell stays silent
}
exit($exitcode);

215
secure/lib/libcrypto/Makefile
View file

@ -8,19 +8,32 @@ SUBDIR= engines modules
PACKAGE= openssl-lib
LIB= crypto
SHLIB_MAJOR= 30
SHLIB_MAJOR= 35
VERSION_MAP= ${.CURDIR}/Version.map
NO_LINT=
PCFILES= libcrypto.pc
.include "Makefile.man"
.include "Makefile.inc"
SRCS= asn1_dsa.c bsearch.c cpt_err.c context.c core_algorithm.c core_fetch.c core_namemap.c cpuid.c cryptlib.c ctype.c
SRCS+= cversion.c der_writer.c ebcdic.c ex_data.c getenv.c info.c init.c initthread.c
SRCS+= mem.c mem_sec.c o_dir.c o_fopen.c o_init.c o_str.c o_time.c packet.c
SRCS+= param_build.c param_build_set.c params.c params_dup.c params_from_text.c
SRCS+= passphrase.c provider.c provider_child.c provider_conf.c provider_core.c provider_predefined.c punycode.c self_test_core.c sparse_array.c threads_lib.c threads_none.c threads_pthread.c trace.c uid.c
# $UTIL_COMMON
SRCS= cryptlib.c params.c params_from_text.c bsearch.c ex_data.c o_str.c
SRCS+= threads_pthread.c threads_win.c threads_none.c initthread.c
SRCS+= context.c sparse_array.c asn1_dsa.c packet.c param_build.c
SRCS+= param_build_set.c der_writer.c threads_lib.c params_dup.c
SRCS+= time.c params_idx.c
SRCS+= mem.c mem_sec.c
SRCS+= comp_methods.c cversion.c info.c cpt_err.c ebcdic.c uid.c o_time.c
SRCS+= o_dir.c o_fopen.c getenv.c o_init.c init.c trace.c provider.c
SRCS+= provider_child.c punycode.c passphrase.c sleep.c deterministic_nonce.c
SRCS+= quic_vlint.c defaults.c ssl_err.c
SRCS+= core_algorithm.c core_fetch.c core_namemap.c cpuid.c ctype.c
SRCS+= indicator_core.c
SRCS+= provider_conf.c provider_core.c provider_predefined.c
SRCS+= self_test_core.c
.if defined(ASM_aarch64)
SRCS+= arm64cpuid.S armcap.c
ACFLAGS.arm64cpuid.S= -march=armv8-a+crypto
@ -46,8 +59,8 @@ SRCS+= aes_cfb.c aes_ecb.c aes_ige.c aes_misc.c aes_ofb.c aes_wrap.c
SRCS+= aes_cbc.c aes_core.c aesv8-armx.S vpaes-armv8.S
ACFLAGS.aesv8-armx.S= -march=armv8-a+crypto
.elif defined(ASM_amd64)
SRCS+= aes-x86_64.S aesni-mb-x86_64.S aesni-sha1-x86_64.S
SRCS+= aesni-sha256-x86_64.S aesni-x86_64.S bsaes-x86_64.S vpaes-x86_64.S
SRCS+= aes-x86_64.S aesni-mb-x86_64.S aesni-sha1-x86_64.S aesni-sha256-x86_64.S
SRCS+= aesni-x86_64.S aesni-xts-avx512.S bsaes-x86_64.S vpaes-x86_64.S
.elif defined(ASM_arm)
SRCS+= aes_cbc.c aes-armv4.S aesv8-armx.S bsaes-armv7.S
.elif defined(ASM_i386)
@ -89,7 +102,7 @@ SRCS+= bf_enc.c
# bio
SRCS+= bio_addr.c bio_dump.c bio_print.c bio_sock.c bio_sock2.c bf_buff.c
SRCS+= bf_lbuf.c bf_nbio.c bf_null.c bio_cb.c bio_err.c bio_lib.c bio_meth.c
SRCS+= bss_acpt.c bss_bio.c bss_conn.c bss_core.c bss_dgram.c bss_fd.c
SRCS+= bss_acpt.c bss_bio.c bss_conn.c bss_core.c bss_dgram.c bss_dgram_pair.c bss_fd.c
SRCS+= bss_file.c bss_log.c bss_mem.c bss_null.c bss_sock.c ossl_core_bio.c
# bn
@ -101,7 +114,10 @@ SRCS+= bn_sqr.c bn_sqrt.c bn_srp.c bn_word.c bn_x931p.c
.if defined(ASM_aarch64)
SRCS+= armv8-mont.S bn_asm.c
.elif defined(ASM_amd64)
SRCS+= rsaz-avx2.S rsaz-avx512.S rsaz-x86_64.S rsaz_exp.c rsaz_exp_x2.c
SRCS+= rsaz-2k-avx512.S rsaz-2k-avxifma.S
SRCS+= rsaz-3k-avx512.S rsaz-3k-avxifma.S
SRCS+= rsaz-4k-avx512.S rsaz-4k-avxifma.S
SRCS+= rsaz-avx2.S rsaz-x86_64.S rsaz_exp.c rsaz_exp_x2.c
SRCS+= x86_64-gcc.c x86_64-gf2m.S x86_64-mont.S x86_64-mont5.S
.elif defined(ASM_arm)
SRCS+= armv4-gf2m.S armv4-mont.S bn_asm.c
@ -140,7 +156,7 @@ SRCS+= c_cfb64.c c_ecb.c c_enc.c c_ofb64.c c_skey.c
# chacha
.if defined(ASM_aarch64)
SRCS+= chacha-armv8.S
SRCS+= chacha-armv8.S chacha-armv8-sve.S
.elif defined(ASM_amd64)
SRCS+= chacha-x86_64.S
.elif defined(ASM_arm)
@ -148,11 +164,11 @@ SRCS+= chacha-armv4.S
.elif defined(ASM_i386)
SRCS+= chacha-x86.S
.elif defined(ASM_powerpc)
SRCS+= chacha_ppc.c chacha-ppc.S
SRCS+= chacha_ppc.c chacha-ppc.S chachap10-ppc.S
.elif defined(ASM_powerpc64)
SRCS+= chacha_ppc.c chacha-ppc.S
SRCS+= chacha_ppc.c chacha-ppc.S chachap10-ppc.S
.elif defined(ASM_powerpc64le)
SRCS+= chacha_ppc.c chacha-ppc.S
SRCS+= chacha_ppc.c chacha-ppc.S chachap10-ppc.S
.else
SRCS+= chacha_enc.c
.endif
@ -161,8 +177,10 @@ SRCS+= chacha_enc.c
SRCS+= cmac.c
# cmp
SRCS+= cmp_asn.c cmp_client.c cmp_ctx.c cmp_err.c cmp_hdr.c cmp_http.c
SRCS+= cmp_msg.c cmp_protect.c cmp_server.c cmp_status.c cmp_util.c cmp_vfy.c
SRCS+= cmp_asn.c cmp_ctx.c cmp_err.c cmp_util.c
SRCS+= cmp_status.c cmp_hdr.c cmp_protect.c cmp_msg.c cmp_vfy.c
SRCS+= cmp_server.c cmp_client.c cmp_genm.c
SRCS+= cmp_http.c
# cms
SRCS+= cms_asn1.c cms_att.c cms_cd.c cms_dd.c cms_dh.c cms_ec.c cms_enc.c
@ -170,7 +188,7 @@ SRCS+= cms_env.c cms_err.c cms_ess.c cms_io.c cms_kari.c cms_lib.c cms_pwri.c
SRCS+= cms_rsa.c cms_sd.c cms_smime.c
# comp
SRCS+= c_zlib.c comp_err.c comp_lib.c
SRCS+= comp_lib.c comp_err.c c_brotli.c c_zstd.c c_zlib.c
# conf
SRCS+= conf_api.c conf_def.c conf_err.c conf_lib.c conf_mall.c conf_mod.c
@ -216,7 +234,9 @@ SRCS+= ecp_oct.c ecp_smpl.c ecx_backend.c ecx_key.c ecx_meth.c eddsa.c
SRCS+= f_generic.c f_impl32.c f_impl64.c scalar.c
# see OPENSSL_NO_EC_NISTP_64_GCC_128 in configuration.h
.if ${MACHINE_ABI:Mlittle-endian} && ${MACHINE_ABI:Mlong64}
SRCS+= ecp_nistp224.c ecp_nistp256.c ecp_nistp521.c ecp_nistputil.c
SRCS+= ecp_nistp224.c ecp_nistp256.c ecp_nistp384.c ecp_nistp521.c ecp_nistputil.c
.else
CFLAGS+=-DOPENSSL_NO_EC_NISTP_64_GCC_128
.endif
.if defined(ASM_aarch64)
SRCS+= ecp_nistz256-armv8.S ecp_nistz256.c
@ -243,7 +263,7 @@ SRCS+= eng_rdrand.c eng_table.c tb_asnmth.c tb_cipher.c tb_dh.c tb_digest.c
SRCS+= tb_dsa.c tb_eckey.c tb_pkmeth.c tb_rand.c tb_rsa.c
# err
SRCS+= err.c err_all.c err_all_legacy.c err_blocks.c err_prn.c
SRCS+= err.c err_all.c err_all_legacy.c err_blocks.c err_mark.c err_prn.c err_save.c
# ess
SRCS+= ess_asn1.c ess_err.c ess_lib.c
@ -258,15 +278,21 @@ SRCS+= encode.c evp_cnf.c evp_enc.c evp_err.c evp_fetch.c evp_key.c evp_lib.c ev
SRCS+= evp_pkey.c evp_rand.c evp_utils.c exchange.c kdf_lib.c kdf_meth.c kem.c keymgmt_lib.c keymgmt_meth.c
SRCS+= legacy_blake2.c legacy_md4.c legacy_md5.c legacy_md5_sha1.c m_null.c
SRCS+= legacy_ripemd.c legacy_sha.c legacy_wp.c m_sigver.c mac_lib.c mac_meth.c names.c p5_crpt.c
SRCS+= p5_crpt2.c p_dec.c p_enc.c p_legacy.c p_lib.c p_open.c p_seal.c p_sign.c
SRCS+= p_verify.c pbe_scrypt.c pmeth_check.c pmeth_gn.c pmeth_lib.c signature.c
SRCS+= p5_crpt2.c p_dec.c p_enc.c p_legacy.c p_lib.c s_lib.c p_open.c p_seal.c p_sign.c
SRCS+= p_verify.c pbe_scrypt.c pmeth_check.c pmeth_gn.c skeymgmt_meth.c pmeth_lib.c signature.c
# ffc
SRCS+= ffc_backend.c ffc_dh.c ffc_key_generate.c ffc_key_validate.c
SRCS+= ffc_params.c ffc_params_generate.c ffc_params_validate.c
# hashtable
SRCS+= hashtable.c hashfunc.c
# hmac
SRCS+= hmac.c
SRCS+= hmac.c hmac_s390x.c
# hpke
SRCS+= hpke_util.c hpke.c
# http
SRCS+= http_client.c http_err.c http_lib.c
@ -288,14 +314,22 @@ SRCS+= md5-x86_64.S
SRCS+= md5-586.S
.endif
# ml_dsa
SRCS+= ml_dsa_encoders.c ml_dsa_key_compress.c ml_dsa_key.c
SRCS+= ml_dsa_matrix.c ml_dsa_ntt.c ml_dsa_params.c ml_dsa_sample.c
SRCS+= ml_dsa_sign.c
# ml_kem
SRCS+= ml_kem.c
# modes
SRCS+= cbc128.c ccm128.c cfb128.c ctr128.c cts128.c gcm128.c ocb128.c
SRCS+= ofb128.c siv128.c wrap128.c xts128.c
SRCS+= ofb128.c siv128.c wrap128.c xts128.c xts128gb.c
.if defined(ASM_aarch64)
SRCS+= ghashv8-armx.S aes-gcm-armv8_64.S
SRCS+= ghashv8-armx.S aes-gcm-armv8_64.S aes-gcm-armv8-unroll8_64.S
ACFLAGS.ghashv8-armx.S= -march=armv8-a+crypto
.elif defined(ASM_amd64)
SRCS+= aesni-gcm-x86_64.S ghash-x86_64.S
SRCS+= aesni-gcm-x86_64.S aes-gcm-avx512.S ghash-x86_64.S
.elif defined(ASM_arm)
SRCS+= ghash-armv4.S ghashv8-armx.S
.elif defined(ASM_i386)
@ -303,9 +337,9 @@ SRCS+= ghash-x86.S
.elif defined(ASM_powerpc)
SRCS+= ghashp8-ppc.S
.elif defined(ASM_powerpc64)
SRCS+= ghashp8-ppc.S
SRCS+= aes-gcm-ppc.S ghashp8-ppc.S
.elif defined(ASM_powerpc64le)
SRCS+= ghashp8-ppc.S
SRCS+= aes-gcm-ppc.S ghashp8-ppc.S
.endif
# objects
@ -361,7 +395,9 @@ SRCS+= securitycheck_default.c
# providers/common/der
SRCS+= der_rsa_gen.c der_rsa_key.c der_rsa_sig.c
SRCS+= der_digests_gen.c
SRCS+= der_ml_dsa_gen.c der_ml_dsa_key.c
SRCS+= der_wrap_gen.c
SRCS+= der_slh_dsa_gen.c der_slh_dsa_key.c
SRCS+= der_dsa_gen.c der_dsa_key.c der_dsa_sig.c
SRCS+= der_ec_gen.c der_ec_key.c der_ec_sig.c
SRCS+= der_ecx_gen.c der_ecx_key.c
@ -371,18 +407,20 @@ SRCS+= rsa_enc.c
# providers/implementations/ciphers
SRCS+= ciphercommon.c ciphercommon_hw.c ciphercommon_block.c \
ciphercommon_gcm.c ciphercommon_gcm_hw.c \
ciphercommon_ccm.c ciphercommon_ccm_hw.c
ciphercommon_gcm.c ciphercommon_gcm_hw.c \
ciphercommon_ccm.c ciphercommon_ccm_hw.c
SRCS+= cipher_aes.c cipher_aes_hw.c \
cipher_aes_xts.c cipher_aes_xts_hw.c \
cipher_aes_gcm.c cipher_aes_gcm_hw.c \
cipher_aes_ccm.c cipher_aes_ccm_hw.c \
cipher_aes_wrp.c \
cipher_aes_cbc_hmac_sha.c \
cipher_aes_cbc_hmac_sha256_hw.c cipher_aes_cbc_hmac_sha1_hw.c \
cipher_cts.c
cipher_aes_xts.c cipher_aes_xts_hw.c \
cipher_aes_gcm.c cipher_aes_gcm_hw.c \
cipher_aes_ccm.c cipher_aes_ccm_hw.c \
cipher_aes_wrp.c \
cipher_aes_cbc_hmac_sha.c \
cipher_aes_cbc_hmac_sha256_hw.c cipher_aes_cbc_hmac_sha1_hw.c \
cipher_cts.c
SRCS+= cipher_aes_ocb.c cipher_aes_ocb_hw.c
SRCS+= cipher_aes_xts_fips.c
SRCS+= cipher_aes_gcm_siv.c cipher_aes_gcm_siv_hw.c \
cipher_aes_gcm_siv_polyval.c
SRCS+= cipher_aes_siv.c cipher_aes_siv_hw.c
SRCS+= cipher_blowfish.c cipher_blowfish_hw.c
SRCS+= cipher_camellia.c cipher_camellia_hw.c
@ -414,6 +452,7 @@ SRCS+= decode_der2key.c decode_epki2pki.c decode_msblob2key.c decode_pvk2key.c
SRCS+= decode_pem2der.c decode_spki2typespki.c
SRCS+= encode_key2any.c encode_key2blob.c encode_key2ms.c encode_key2text.c
SRCS+= endecoder_common.c
SRCS+= ml_dsa_codecs.c ml_kem_codecs.c ml_common_codecs.c
# providers/implementations/exchange
SRCS+= dh_exch.c
@ -421,15 +460,17 @@ SRCS+= ecx_exch.c ecdh_exch.c
SRCS+= kdf_exch.c
# providers/implementations/kdfs
SRCS+= hkdf.c kbkdf.c krb5kdf.c pbkdf1.c pbkdf2.c pbkdf2_fips.c
SRCS+= pkcs12kdf.c scrypt.c sskdf.c sshkdf.c tls1_prf.c x942kdf.c
SRCS+= argon2.c hkdf.c hmacdrbg_kdf.c kbkdf.c krb5kdf.c
SRCS+= pbkdf1.c pbkdf2.c pbkdf2_fips.c
SRCS+= pkcs12kdf.c pvkkdf.c scrypt.c sskdf.c sshkdf.c tls1_prf.c x942kdf.c
# providers/implementations/kem
SRCS+= rsa_kem.c
SRCS+= ec_kem.c ecx_kem.c kem_util.c ml_kem_kem.c mlx_kem.c rsa_kem.c
# providers/implementations/keymgmt
SRCS+= dh_kmgmt.c dsa_kmgmt.c ec_kmgmt.c ecx_kmgmt.c kdf_legacy_kmgmt.c
SRCS+= mac_legacy_kmgmt.c rsa_kmgmt.c
SRCS+= mac_legacy_kmgmt.c ml_dsa_kmgmt.c ml_kem_kmgmt.c mlx_kmgmt.c rsa_kmgmt.c
SRCS+= slh_dsa_kmgmt.c
# providers/implementations/macs
SRCS+= gmac_prov.c hmac_prov.c kmac_prov.c
@ -439,21 +480,25 @@ SRCS+= poly1305_prov.c
SRCS+= siphash_prov.c
# providers/implementations/rands
SRCS+= crngt.c drbg.c drbg_ctr.c drbg_hash.c drbg_hmac.c test_rng.c
SRCS+= drbg.c drbg_ctr.c drbg_hash.c drbg_hmac.c test_rng.c
SRCS+= seed_src.c
# providers/implementations/rands/seeding
SRCS+= rand_cpu_x86.c rand_tsc.c rand_unix.c rand_win.c
# providers/implementations/signature
SRCS+= dsa_sig.c eddsa_sig.c ecdsa_sig.c mac_legacy_sig.c rsa_sig.c
SRCS+= dsa_sig.c eddsa_sig.c ecdsa_sig.c mac_legacy_sig.c ml_dsa_sig.c
SRCS+= rsa_sig.c slh_dsa_sig.c
# providers/implementations/skeymgmt
SRCS+= aes_skmgmt.c generic.c
# providers/implementations/storemgmt
SRCS+= file_store.c file_store_any2obj.c
# rand
SRCS+= prov_seed.c rand_deprecated.c rand_egd.c rand_err.c rand_lib.c
SRCS+= rand_meth.c rand_pool.c randfile.c
SRCS+= rand_meth.c rand_pool.c rand_uniform.c randfile.c
# rc2
SRCS+= rc2_cbc.c rc2_ecb.c rc2_skey.c rc2cfb64.c rc2ofb64.c
@ -467,6 +512,10 @@ SRCS+= rc4-586.S
SRCS+= rc4_enc.c rc4_skey.c
.endif
# record/methods
SRCS+= ssl3_cbc.c
SRCS+= tls_pad.c
# ripemd
SRCS+= rmd_dgst.c rmd_one.c
.if defined(ASM_i386)
@ -507,15 +556,13 @@ SRCS+= keccak1600.c
# siphash
SRCS+= siphash.c
# slh_dsa
SRCS+= slh_adrs.c slh_dsa.c slh_dsa_hash_ctx.c slh_dsa_key.c slh_fors.c slh_hash.c
SRCS+= slh_hypertree.c slh_params.c slh_wots.c slh_xmss.c
# srp
SRCS+= srp_lib.c srp_vfy.c
# ssl
SRCS+= s3_cbc.c
# ssl/record
SRCS+= tls_pad.c
# stack
SRCS+= stack.c
@ -523,6 +570,9 @@ SRCS+= stack.c
SRCS+= store_err.c store_init.c store_lib.c store_meth.c store_register.c
SRCS+= store_result.c store_strings.c
# thread
SRCS+= api.c arch.c arch/thread_win.c arch/thread_posix.c arch/thread_none.c internal.c
# ts
SRCS+= ts_asn1.c ts_conf.c ts_err.c ts_lib.c ts_req_print.c ts_req_utils.c
SRCS+= ts_rsp_print.c ts_rsp_sign.c ts_rsp_utils.c ts_rsp_verify.c
@ -545,38 +595,45 @@ SRCS+= wp_block.c
.endif
# x509
SRCS+= by_dir.c by_file.c by_store.c
SRCS+= pcy_cache.c pcy_data.c pcy_lib.c pcy_map.c pcy_node.c pcy_tree.c
SRCS+= t_crl.c t_req.c t_x509.c
SRCS+= v3_addr.c v3_admis.c v3_akeya.c v3_akid.c v3_asid.c
SRCS+= v3_bcons.c v3_bitst.c v3_conf.c v3_cpols.c v3_crld.c v3_enum.c
SRCS+= v3_extku.c v3_genn.c v3_ia5.c v3_info.c v3_int.c v3_ist.c v3_lib.c v3_ncons.c
SRCS+= v3_pci.c v3_pcia.c v3_pcons.c v3_pku.c v3_pmaps.c v3_prn.c v3_purp.c
SRCS+= v3_san.c v3_skid.c v3_sxnet.c v3_tlsf.c v3_utf8.c v3_utl.c v3err.c
SRCS+= x509_att.c x509_cmp.c x509_d2.c x509_def.c x509_err.c x509_ext.c x509_lu.c x509_meth.c
SRCS+= x509_obj.c x509_r2x.c x509_req.c x509_set.c x509_trust.c x509_txt.c
SRCS+= x509_v3.c x509_vfy.c x509_vpm.c x509cset.c x509name.c x509rset.c
SRCS+= x509spki.c x509type.c x_all.c x_attrib.c x_crl.c x_exten.c x_name.c
SRCS+= x_pubkey.c x_req.c x_x509.c x_x509a.c
SRCS+= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c
SRCS+= x509_obj.c x509_req.c x509spki.c x509_vfy.c
SRCS+= x509_set.c x509cset.c x509rset.c x509_err.c
SRCS+= x509name.c x509_v3.c x509_ext.c x509_att.c
SRCS+= x509_meth.c x509_lu.c x_all.c x509_txt.c
SRCS+= x509_trust.c by_file.c by_dir.c by_store.c x509_vpm.c
SRCS+= x_crl.c t_crl.c x_req.c t_req.c x_x509.c t_x509.c
SRCS+= x_pubkey.c x_x509a.c x_attrib.c x_exten.c x_name.c
SRCS+= v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c v3_utf8.c v3_lib.c
SRCS+= v3_prn.c v3_utl.c v3err.c v3_genn.c v3_san.c v3_skid.c v3_akid.c
SRCS+= v3_pku.c v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c
SRCS+= v3_info.c v3_akeya.c v3_pmaps.c v3_pcons.c v3_ncons.c
SRCS+= v3_pcia.c v3_pci.c v3_ist.c
SRCS+= pcy_cache.c pcy_node.c pcy_data.c pcy_map.c pcy_tree.c pcy_lib.c
SRCS+= v3_asid.c v3_addr.c v3_tlsf.c v3_admis.c v3_no_rev_avail.c
SRCS+= v3_soa_id.c v3_no_ass.c v3_group_ac.c v3_single_use.c v3_ind_iss.c
SRCS+= x509_acert.c x509aset.c t_acert.c x_ietfatt.c v3_ac_tgt.c v3_sda.c
SRCS+= v3_usernotice.c v3_battcons.c v3_audit_id.c v3_iobo.c v3_authattid.c
SRCS+= v3_rolespec.c v3_attrdesc.c v3_timespec.c v3_attrmap.c v3_aaa.c
SRCS+= x509type.c
INCS= aes.h asn1.h asn1_mac.h asn1err.h asn1t.h async.h asyncerr.h bio.h
INCS+= bioerr.h blowfish.h bn.h bnerr.h buffer.h buffererr.h camellia.h
INCS= aes.h asn1.h asn1err.h asn1t.h async.h asyncerr.h bio.h
INCS+= bioerr.h blowfish.h bn.h bnerr.h buffer.h buffererr.h byteorder.h camellia.h
INCS+= cast.h cmac.h cmp.h cmp_util.h cmperr.h cms.h cmserr.h comp.h comperr.h conf.h conf_api.h
INCS+= conferr.h configuration.h conftypes.h core.h core_dispatch.h core_names.h core_object.h
INCS+= crmf.h crmferr.h crypto.h cryptoerr.h cryptoerr_legacy.h ct.h cterr.h
INCS+= decoder.h decodererr.h des.h dh.h dherr.h dsa.h
INCS+= dsaerr.h dtls1.h e_os2.h ebcdic.h ec.h ecdh.h ecdsa.h ecerr.h encoder.h encodererr.h
INCS+= engine.h engineerr.h err.h ess.h esserr.h evp.h evperr.h fips_names.h fipskey.h hmac.h http.h httperr.h idea.h kdf.h
INCS+= kdferr.h lhash.h macros.h md2.h md4.h md5.h mdc2.h modes.h obj_mac.h
INCS+= dsaerr.h dtls1.h e_os2.h e_ostime.h ebcdic.h ec.h ecdh.h ecdsa.h ecerr.h encoder.h encodererr.h
INCS+= engine.h engineerr.h err.h ess.h esserr.h evp.h evperr.h fips_names.h fipskey.h hmac.h hpke.h http.h httperr.h idea.h indicator.h
INCS+= kdf.h kdferr.h lhash.h macros.h md2.h md4.h md5.h mdc2.h modes.h obj_mac.h
INCS+= objects.h objectserr.h ocsp.h ocsperr.h opensslconf.h opensslv.h
INCS+= ossl_typ.h param_build.h params.h pem.h pem2.h pemerr.h pkcs12.h pkcs12err.h pkcs7.h
INCS+= pkcs7err.h prov_ssl.h proverr.h provider.h rand.h randerr.h rc2.h rc4.h rc5.h ripemd.h
INCS+= pkcs7err.h prov_ssl.h proverr.h provider.h quic.h rand.h randerr.h rc2.h rc4.h rc5.h ripemd.h
INCS+= rsa.h rsaerr.h safestack.h seed.h self_test.h sha.h srp.h srtp.h ssl.h ssl2.h
INCS+= ssl3.h sslerr.h sslerr_legacy.h stack.h store.h storeerr.h symhacks.h tls1.h trace.h ts.h
INCS+= ssl3.h sslerr.h sslerr_legacy.h stack.h store.h storeerr.h symhacks.h thread.h tls1.h trace.h ts.h
INCS+= tserr.h txt_db.h types.h ui.h uierr.h whrlpool.h x509.h x509_vfy.h x509err.h
INCS+= x509v3.h x509v3err.h
INCSDIR= ${INCLUDEDIR}/openssl
INCSDIR=${INCLUDEDIR}/openssl
LIBADD= pthread
@ -615,6 +672,10 @@ buildasm cleanasm:
.include <bsd.lib.mk>
.if ${MACHINE} == "powerpc"
# Work around "relocation R_PPC_GOT16 out of range" errors
PICFLAG= -fPIC
.endif
PICFLAG+= -DOPENSSL_PIC
.if defined(ASM_${MACHINE_CPUARCH})
@ -626,7 +687,8 @@ PICFLAG+= -DOPENSSL_PIC
.PATH: ${SRCTOP}/sys/crypto/openssl/${MACHINE_ARCH}
.endif
.PATH: ${LCRYPTO_SRC}/crypto \
.PATH: ${LCRYPTO_SRC}/include/openssl \
${LCRYPTO_SRC}/crypto \
${LCRYPTO_SRC}/crypto/aes \
${LCRYPTO_SRC}/crypto/aria \
${LCRYPTO_SRC}/crypto/asn1 \
@ -660,7 +722,9 @@ PICFLAG+= -DOPENSSL_PIC
${LCRYPTO_SRC}/crypto/ess \
${LCRYPTO_SRC}/crypto/evp \
${LCRYPTO_SRC}/crypto/ffc \
${LCRYPTO_SRC}/crypto/hashtable \
${LCRYPTO_SRC}/crypto/hmac \
${LCRYPTO_SRC}/crypto/hpke \
${LCRYPTO_SRC}/crypto/http \
${LCRYPTO_SRC}/crypto/idea \
${LCRYPTO_SRC}/crypto/kdf \
@ -668,6 +732,8 @@ PICFLAG+= -DOPENSSL_PIC
${LCRYPTO_SRC}/crypto/md4 \
${LCRYPTO_SRC}/crypto/md5 \
${LCRYPTO_SRC}/crypto/mdc2 \
${LCRYPTO_SRC}/crypto/ml_dsa \
${LCRYPTO_SRC}/crypto/ml_kem \
${LCRYPTO_SRC}/crypto/modes \
${LCRYPTO_SRC}/crypto/objects \
${LCRYPTO_SRC}/crypto/ocsp \
@ -685,19 +751,20 @@ PICFLAG+= -DOPENSSL_PIC
${LCRYPTO_SRC}/crypto/seed \
${LCRYPTO_SRC}/crypto/sha \
${LCRYPTO_SRC}/crypto/siphash \
${LCRYPTO_SRC}/crypto/slh_dsa \
${LCRYPTO_SRC}/crypto/sm2 \
${LCRYPTO_SRC}/crypto/sm3 \
${LCRYPTO_SRC}/crypto/sm4 \
${LCRYPTO_SRC}/crypto/srp \
${LCRYPTO_SRC}/crypto/stack \
${LCRYPTO_SRC}/crypto/store \
${LCRYPTO_SRC}/crypto/thread \
${LCRYPTO_SRC}/crypto/ts \
${LCRYPTO_SRC}/crypto/txt_db \
${LCRYPTO_SRC}/crypto/ui \
${LCRYPTO_SRC}/crypto/whrlpool \
${LCRYPTO_SRC}/crypto/x509 \
${LCRYPTO_SRC}/crypto/x509v3 \
${LCRYPTO_SRC}/include/openssl \
${LCRYPTO_SRC}/providers \
${LCRYPTO_SRC}/providers/common \
${LCRYPTO_SRC}/providers/common/der \
@ -713,6 +780,8 @@ PICFLAG+= -DOPENSSL_PIC
${LCRYPTO_SRC}/providers/implementations/rands \
${LCRYPTO_SRC}/providers/implementations/rands/seeding \
${LCRYPTO_SRC}/providers/implementations/signature \
${LCRYPTO_SRC}/providers/implementations/skeymgmt \
${LCRYPTO_SRC}/providers/implementations/storemgmt \
${LCRYPTO_SRC}/ssl \
${LCRYPTO_SRC}/ssl/record
${LCRYPTO_SRC}/ssl/record \
${LCRYPTO_SRC}/ssl/record/methods

50
secure/lib/libcrypto/Makefile.asm
View file

@ -12,9 +12,12 @@
${LCRYPTO_SRC}/crypto/bn/asm \
${LCRYPTO_SRC}/crypto/chacha/asm \
${LCRYPTO_SRC}/crypto/ec/asm \
${LCRYPTO_SRC}/crypto/md5/asm \
${LCRYPTO_SRC}/crypto/modes/asm \
${LCRYPTO_SRC}/crypto/poly1305/asm \
${LCRYPTO_SRC}/crypto/sha/asm
${LCRYPTO_SRC}/crypto/sha/asm \
${LCRYPTO_SRC}/crypto/sm3/asm \
${LCRYPTO_SRC}/crypto/sm4/asm
PERLPATH= -I${LCRYPTO_SRC}/crypto/perlasm
@ -22,19 +25,22 @@ PERLPATH= -I${LCRYPTO_SRC}/crypto/perlasm
SRCS= arm64cpuid.pl
# aes
SRCS+= aesv8-armx.pl vpaes-armv8.pl
SRCS+= aesv8-armx.pl bsaes-armv8.pl vpaes-armv8.pl
# bn
SRCS+= armv8-mont.pl
# chacha
SRCS+= chacha-armv8.pl
SRCS+= chacha-armv8.pl chacha-armv8-sve.pl
# ec
SRCS+= ecp_nistz256-armv8.pl
SRCS+= ecp_nistz256-armv8.pl ecp_sm2p256-armv8.pl
# md5
SRCS+= md5-aarch64.pl
# modes
SRCS+= ghashv8-armx.pl aes-gcm-armv8_64.S
SRCS+= ghashv8-armx.pl aes-gcm-armv8_64.pl aes-gcm-armv8-unroll8_64.pl
# poly1305
SRCS+= poly1305-armv8.pl
@ -42,6 +48,12 @@ SRCS+= poly1305-armv8.pl
# sha
SRCS+= keccak1600-armv8.pl sha1-armv8.pl sha512-armv8.pl
# sm3
SRCS+= sm3-armv8.pl
# sm4
SRCS+= sm4-armv8.pl vpsm4-armv8.pl vpsm4_ex-armv8.pl
ASM= ${SRCS:R:S/$/.S/} sha256-armv8.S
all: ${ASM}
@ -83,11 +95,14 @@ SRCS= x86_64cpuid.pl
# aes
SRCS+= aes-x86_64.pl \
aesni-mb-x86_64.pl aesni-sha1-x86_64.pl aesni-sha256-x86_64.pl \
aesni-x86_64.pl bsaes-x86_64.pl vpaes-x86_64.pl
aesni-x86_64.pl aesni-xts-avx512.pl bsaes-x86_64.pl vpaes-x86_64.pl
# bn
SRCS+= rsaz-avx2.pl rsaz-avx512.pl rsaz-x86_64.pl x86_64-gf2m.pl \
x86_64-mont.pl x86_64-mont5.pl
SRCS+= rsaz-avx2.pl rsaz-x86_64.pl \
rsaz-2k-avx512.pl rsaz-2k-avxifma.pl \
rsaz-3k-avx512.pl rsaz-3k-avxifma.pl \
rsaz-4k-avx512.pl rsaz-4k-avxifma.pl \
x86_64-gf2m.pl x86_64-mont.pl x86_64-mont5.pl
# camellia
SRCS+= cmll-x86_64.pl
@ -102,7 +117,7 @@ SRCS+= ecp_nistz256-x86_64.pl x25519-x86_64.pl
SRCS+= md5-x86_64.pl
# modes
SRCS+= aesni-gcm-x86_64.pl ghash-x86_64.pl
SRCS+= aes-gcm-avx512.pl aesni-gcm-x86_64.pl ghash-x86_64.pl
# poly1305
SRCS+= poly1305-x86_64.pl
@ -314,10 +329,10 @@ SRCS+= aes-ppc.pl vpaes-ppc.pl aesp8-ppc.pl
SRCS+= sha1-ppc.pl sha512-ppc.pl sha512p8-ppc.pl
#modes
SRCS+= ghashp8-ppc.pl
SRCS+= aes-gcm-ppc.pl ghashp8-ppc.pl
#chacha
SRCS+= chacha-ppc.pl
SRCS+= chacha-ppc.pl chachap10-ppc.pl
#poly1305
SRCS+= poly1305-ppc.pl poly1305-ppcfp.pl
@ -376,16 +391,17 @@ SRCS+= aes-ppc.pl vpaes-ppc.pl aesp8-ppc.pl
SRCS+= sha1-ppc.pl sha512-ppc.pl sha512p8-ppc.pl
#modes
SRCS+= ghashp8-ppc.pl
SRCS+= aes-gcm-ppc.pl ghashp8-ppc.pl
#chacha
SRCS+= chacha-ppc.pl
SRCS+= chacha-ppc.pl chachap10-ppc.pl
#poly1305
SRCS+= poly1305-ppc.pl poly1305-ppcfp.pl
#ec
SRCS+= ecp_nistp521-ppc64.pl ecp_nistz256-ppc64.pl x25519-ppc64.pl
SRCS+= ecp_nistp384-ppc64.pl ecp_nistp521-ppc64.pl ecp_nistz256-ppc64.pl x25519-ppc64.pl
#keccak1600
SRCS+= keccak1600-ppc64.pl
@ -444,16 +460,16 @@ SRCS+= aes-ppc.pl vpaes-ppc.pl aesp8-ppc.pl
SRCS+= sha1-ppc.pl sha512-ppc.pl sha512p8-ppc.pl
#modes
SRCS+= ghashp8-ppc.pl
SRCS+= aes-gcm-ppc.pl ghashp8-ppc.pl
#chacha
SRCS+= chacha-ppc.pl
SRCS+= chacha-ppc.pl chachap10-ppc.pl
#poly1305
SRCS+= poly1305-ppc.pl poly1305-ppcfp.pl
#ec
SRCS+= ecp_nistp521-ppc64.pl ecp_nistz256-ppc64.pl x25519-ppc64.pl
SRCS+= ecp_nistp384-ppc64.pl ecp_nistp521-ppc64.pl ecp_nistz256-ppc64.pl x25519-ppc64.pl
#keccak1600
SRCS+= keccak1600-ppc64.pl

5
secure/lib/libcrypto/Makefile.inc
View file

@ -1,8 +1,8 @@
.include <bsd.own.mk>
# OpenSSL version used for manual page generation
OPENSSL_VER= 3.0.16
OPENSSL_DATE= 2025-02-11
OPENSSL_VER= 3.5.0
OPENSSL_DATE= 2025-07-01
LCRYPTO_SRC= ${SRCTOP}/crypto/openssl
LCRYPTO_DOC= ${LCRYPTO_SRC}/doc
@ -10,6 +10,7 @@ LCRYPTO_DOC= ${LCRYPTO_SRC}/doc
CFLAGS+= -I${LCRYPTO_SRC}
CFLAGS+= -I${LCRYPTO_SRC}/include
CFLAGS+= -I${LCRYPTO_SRC}/providers/common/include
CFLAGS+= -I${LCRYPTO_SRC}/providers/fips/include
CFLAGS+= -I${LCRYPTO_SRC}/providers/implementations/include
.include "Makefile.common"

544
secure/lib/libcrypto/Version.map
View file

@ -5397,3 +5397,547 @@ OPENSSL_3_0_9 {
i2s_ASN1_UTF8STRING;
s2i_ASN1_UTF8STRING;
} OPENSSL_1_1_1h;
OPENSSL_3_5_0 {
global:
ASN1_item_unpack_ex;
BIO_ADDR_copy;
BIO_ADDR_dup;
BIO_err_is_non_fatal;
BIO_f_brotli;
BIO_f_zlib;
BIO_f_zstd;
BIO_get_rpoll_descriptor;
BIO_get_wpoll_descriptor;
BIO_meth_get_recvmmsg;
BIO_meth_get_sendmmsg;
BIO_meth_set_recvmmsg;
BIO_meth_set_sendmmsg;
BIO_new_bio_dgram_pair;
BIO_recvmmsg;
BIO_s_dgram_mem;
BIO_s_dgram_pair;
BIO_sendmmsg;
BN_are_coprime;
BN_signed_bin2bn;
BN_signed_bn2bin;
BN_signed_bn2lebin;
BN_signed_bn2native;
BN_signed_lebin2bn;
BN_signed_native2bn;
CMS_EnvelopedData_decrypt;
CMS_EnvelopedData_dup;
CMS_SignedData_free;
CMS_SignedData_new;
CMS_SignedData_verify;
CMS_final_digest;
COMP_brotli;
COMP_brotli_oneshot;
COMP_zlib_oneshot;
COMP_zstd;
COMP_zstd_oneshot;
CRYPTO_aligned_alloc;
CRYPTO_atomic_add64;
CRYPTO_atomic_and;
CRYPTO_atomic_load_int;
CRYPTO_atomic_store;
DIST_POINT_NAME_dup;
EC_GROUP_to_params;
ERR_count_to_mark;
ERR_pop;
EVP_CIPHER_CTX_dup;
EVP_CIPHER_CTX_get_algor;
EVP_CIPHER_CTX_get_algor_params;
EVP_CIPHER_CTX_set_algor_params;
EVP_CIPHER_can_pipeline;
EVP_CipherInit_SKEY;
EVP_DigestSqueeze;
EVP_KEYMGMT_gen_gettable_params;
EVP_MAC_init_SKEY;
EVP_MD_CTX_dup;
EVP_MD_CTX_get_size_ex;
EVP_MD_xof;
EVP_PKEY_CTX_get_algor;
EVP_PKEY_CTX_get_algor_params;
EVP_PKEY_CTX_set_algor_params;
EVP_PKEY_CTX_set_signature;
EVP_PKEY_auth_decapsulate_init;
EVP_PKEY_auth_encapsulate_init;
EVP_PKEY_sign_init_ex2;
EVP_PKEY_sign_message_final;
EVP_PKEY_sign_message_init;
EVP_PKEY_sign_message_update;
EVP_PKEY_verify_init_ex2;
EVP_PKEY_verify_message_final;
EVP_PKEY_verify_message_init;
EVP_PKEY_verify_message_update;
EVP_PKEY_verify_recover_init_ex2;
EVP_RAND_CTX_up_ref;
EVP_SKEY_export;
EVP_SKEY_free;
EVP_SKEY_generate;
EVP_SKEY_get0_key_id;
EVP_SKEY_get0_provider_name;
EVP_SKEY_get0_raw_key;
EVP_SKEY_get0_skeymgmt_name;
EVP_SKEY_import;
EVP_SKEY_import_raw_key;
EVP_SKEY_is_a;
EVP_SKEY_to_provider;
EVP_SKEY_up_ref;
EVP_SKEYMGMT_do_all_provided;
EVP_SKEYMGMT_fetch;
EVP_SKEYMGMT_free;
EVP_SKEYMGMT_get0_description;
EVP_SKEYMGMT_get0_gen_settable_params;
EVP_SKEYMGMT_get0_imp_settable_params;
EVP_SKEYMGMT_get0_name;
EVP_SKEYMGMT_get0_provider;
EVP_SKEYMGMT_is_a;
EVP_SKEYMGMT_names_do_all;
EVP_SKEYMGMT_up_ref;
EVP_get1_default_properties;
GENERAL_NAME_set1_X509_NAME;
OPENSSL_LH_doall_arg_thunk;
OPENSSL_LH_set_thunks;
OPENSSL_strtoul;
OSSL_AA_DIST_POINT_free;
OSSL_AA_DIST_POINT_it;
OSSL_AA_DIST_POINT_new;
OSSL_ALLOWED_ATTRIBUTES_CHOICE_free;
OSSL_ALLOWED_ATTRIBUTES_CHOICE_it;
OSSL_ALLOWED_ATTRIBUTES_CHOICE_new;
OSSL_ALLOWED_ATTRIBUTES_ITEM_free;
OSSL_ALLOWED_ATTRIBUTES_ITEM_it;
OSSL_ALLOWED_ATTRIBUTES_ITEM_new;
OSSL_ALLOWED_ATTRIBUTES_SYNTAX_free;
OSSL_ALLOWED_ATTRIBUTES_SYNTAX_it;
OSSL_ALLOWED_ATTRIBUTES_SYNTAX_new;
OSSL_ATAV_free;
OSSL_ATAV_it;
OSSL_ATAV_new;
OSSL_ATTRIBUTES_SYNTAX_free;
OSSL_ATTRIBUTES_SYNTAX_it;
OSSL_ATTRIBUTES_SYNTAX_new;
OSSL_ATTRIBUTE_DESCRIPTOR_free;
OSSL_ATTRIBUTE_DESCRIPTOR_it;
OSSL_ATTRIBUTE_DESCRIPTOR_new;
OSSL_ATTRIBUTE_MAPPINGS_free;
OSSL_ATTRIBUTE_MAPPINGS_it;
OSSL_ATTRIBUTE_MAPPINGS_new;
OSSL_ATTRIBUTE_MAPPING_free;
OSSL_ATTRIBUTE_MAPPING_it;
OSSL_ATTRIBUTE_MAPPING_new;
OSSL_ATTRIBUTE_TYPE_MAPPING_free;
OSSL_ATTRIBUTE_TYPE_MAPPING_it;
OSSL_ATTRIBUTE_TYPE_MAPPING_new;
OSSL_ATTRIBUTE_VALUE_MAPPING_free;
OSSL_ATTRIBUTE_VALUE_MAPPING_it;
OSSL_ATTRIBUTE_VALUE_MAPPING_new;
OSSL_AUTHORITY_ATTRIBUTE_ID_SYNTAX_free;
OSSL_AUTHORITY_ATTRIBUTE_ID_SYNTAX_it;
OSSL_AUTHORITY_ATTRIBUTE_ID_SYNTAX_new;
OSSL_LIB_CTX_get_conf_diagnostics;
OSSL_LIB_CTX_get_data;
OSSL_STACK_OF_X509_free;
OSSL_BASIC_ATTR_CONSTRAINTS_free;
OSSL_BASIC_ATTR_CONSTRAINTS_it;
OSSL_BASIC_ATTR_CONSTRAINTS_new;
OSSL_CMP_ATAV_create;
OSSL_CMP_ATAV_get0_algId;
OSSL_CMP_ATAV_get0_type;
OSSL_CMP_ATAV_get0_value;
OSSL_CMP_ATAV_get_rsaKeyLen;
OSSL_CMP_ATAV_new_algId;
OSSL_CMP_ATAV_new_rsaKeyLen;
OSSL_CMP_ATAV_push1;
OSSL_CMP_ATAV_set0;
OSSL_CMP_ATAVS_free;
OSSL_CMP_ATAVS_it;
OSSL_CMP_ATAVS_new;
OSSL_CMP_CERTREQTEMPLATE_free;
OSSL_CMP_CERTREQTEMPLATE_it;
OSSL_CMP_CERTREQTEMPLATE_new;
OSSL_CMP_CRLSOURCE_free;
OSSL_CMP_CRLSOURCE_it;
OSSL_CMP_CRLSOURCE_new;
OSSL_CMP_CRLSTATUS_create;
OSSL_CMP_CRLSTATUS_free;
OSSL_CMP_CRLSTATUS_get0;
OSSL_CMP_CRLSTATUS_it;
OSSL_CMP_CRLSTATUS_new;
OSSL_CMP_CRLSTATUS_new1;
OSSL_CMP_CTX_get0_geninfo_ITAVs;
OSSL_CMP_CTX_get0_libctx;
OSSL_CMP_CTX_get0_propq;
OSSL_CMP_CTX_get0_validatedSrvCert;
OSSL_CMP_CTX_set1_serialNumber;
OSSL_CMP_HDR_get0_geninfo_ITAVs;
OSSL_CMP_ITAV_get0_caCerts;
OSSL_CMP_ITAV_get0_certProfile;
OSSL_CMP_ITAV_get0_crlStatusList;
OSSL_CMP_ITAV_get0_crls;
OSSL_CMP_ITAV_get0_rootCaCert;
OSSL_CMP_ITAV_get0_rootCaKeyUpdate;
OSSL_CMP_ITAV_get1_certReqTemplate;
OSSL_CMP_ITAV_new_caCerts;
OSSL_CMP_ITAV_new_crls;
OSSL_CMP_ITAV_new_rootCaCert;
OSSL_CMP_ITAV_new_rootCaKeyUpdate;
OSSL_CMP_ITAV_new0_certProfile;
OSSL_CMP_ITAV_new0_certReqTemplate;
OSSL_CMP_ITAV_new0_crlStatusList;
OSSL_CMP_MSG_get0_certreq_publickey;
OSSL_CMP_ROOTCAKEYUPDATE_free;
OSSL_CMP_ROOTCAKEYUPDATE_it;
OSSL_CMP_ROOTCAKEYUPDATE_new;
OSSL_CMP_SRV_CTX_init_trans;
OSSL_CMP_get1_caCerts;
OSSL_CMP_get1_certReqTemplate;
OSSL_CMP_get1_crlUpdate;
OSSL_CMP_get1_rootCaKeyUpdate;
OSSL_CRMF_ATTRIBUTETYPEANDVALUE_dup;
OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free;
OSSL_CRMF_ATTRIBUTETYPEANDVALUE_it;
OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new;
OSSL_CRMF_CERTTEMPLATE_dup;
OSSL_CRMF_CERTTEMPLATE_get0_publicKey;
OSSL_CRMF_ENCRYPTEDKEY_free;
OSSL_CRMF_ENCRYPTEDKEY_get1_encCert;
OSSL_CRMF_ENCRYPTEDKEY_get1_pkey;
OSSL_CRMF_ENCRYPTEDKEY_init_envdata;
OSSL_CRMF_ENCRYPTEDKEY_it;
OSSL_CRMF_ENCRYPTEDKEY_new;
OSSL_CRMF_ENCRYPTEDVALUE_decrypt;
OSSL_CRMF_MSG_centralkeygen_requested;
OSSL_DAY_TIME_BAND_free;
OSSL_DAY_TIME_BAND_it;
OSSL_DAY_TIME_BAND_new;
OSSL_DAY_TIME_free;
OSSL_DAY_TIME_it;
OSSL_DAY_TIME_new;
OSSL_ERR_STATE_free;
OSSL_ERR_STATE_new;
OSSL_ERR_STATE_restore;
OSSL_ERR_STATE_save;
OSSL_ERR_STATE_save_to_mark;
OSSL_GENERAL_NAMES_print;
OSSL_HASH_free;
OSSL_HASH_it;
OSSL_HASH_new;
OSSL_HPKE_CTX_free;
OSSL_HPKE_CTX_get_seq;
OSSL_HPKE_CTX_new;
OSSL_HPKE_CTX_set1_authpriv;
OSSL_HPKE_CTX_set1_authpub;
OSSL_HPKE_CTX_set1_ikme;
OSSL_HPKE_CTX_set1_psk;
OSSL_HPKE_CTX_set_seq;
OSSL_HPKE_decap;
OSSL_HPKE_encap;
OSSL_HPKE_export;
OSSL_HPKE_get_ciphertext_size;
OSSL_HPKE_get_grease_value;
OSSL_HPKE_get_public_encap_size;
OSSL_HPKE_get_recommended_ikmelen;
OSSL_HPKE_keygen;
OSSL_HPKE_open;
OSSL_HPKE_seal;
OSSL_HPKE_str2suite;
OSSL_HPKE_suite_check;
OSSL_HTTP_REQ_CTX_set_max_response_hdr_lines;
OSSL_IETF_ATTR_SYNTAX_VALUE_free;
OSSL_IETF_ATTR_SYNTAX_VALUE_it;
OSSL_IETF_ATTR_SYNTAX_VALUE_new;
OSSL_IETF_ATTR_SYNTAX_add1_value;
OSSL_IETF_ATTR_SYNTAX_free;
OSSL_IETF_ATTR_SYNTAX_get0_policyAuthority;
OSSL_IETF_ATTR_SYNTAX_get0_value;
OSSL_IETF_ATTR_SYNTAX_get_value_num;
OSSL_IETF_ATTR_SYNTAX_it;
OSSL_IETF_ATTR_SYNTAX_new;
OSSL_IETF_ATTR_SYNTAX_print;
OSSL_IETF_ATTR_SYNTAX_set0_policyAuthority;
OSSL_INDICATOR_get_callback;
OSSL_INDICATOR_set_callback;
OSSL_INFO_SYNTAX_POINTER_free;
OSSL_INFO_SYNTAX_POINTER_it;
OSSL_INFO_SYNTAX_POINTER_new;
OSSL_INFO_SYNTAX_free;
OSSL_INFO_SYNTAX_it;
OSSL_INFO_SYNTAX_new;
OSSL_ISSUER_SERIAL_free;
OSSL_ISSUER_SERIAL_get0_issuer;
OSSL_ISSUER_SERIAL_get0_issuerUID;
OSSL_ISSUER_SERIAL_get0_serial;
OSSL_ISSUER_SERIAL_it;
OSSL_ISSUER_SERIAL_new;
OSSL_ISSUER_SERIAL_set1_issuer;
OSSL_ISSUER_SERIAL_set1_issuerUID;
OSSL_ISSUER_SERIAL_set1_serial;
OSSL_LIB_CTX_set_conf_diagnostics;
OSSL_NAMED_DAY_free;
OSSL_NAMED_DAY_it;
OSSL_NAMED_DAY_new;
OSSL_OBJECT_DIGEST_INFO_free;
OSSL_OBJECT_DIGEST_INFO_get0_digest;
OSSL_OBJECT_DIGEST_INFO_it;
OSSL_OBJECT_DIGEST_INFO_new;
OSSL_OBJECT_DIGEST_INFO_set1_digest;
OSSL_PARAM_print_to_bio;
OSSL_PRIVILEGE_POLICY_ID_free;
OSSL_PRIVILEGE_POLICY_ID_it;
OSSL_PRIVILEGE_POLICY_ID_new;
OSSL_PROVIDER_add_conf_parameter;
OSSL_PROVIDER_conf_get_bool;
OSSL_PROVIDER_get0_default_search_path;
OSSL_PROVIDER_get_conf_parameters;
OSSL_PROVIDER_load_ex;
OSSL_PROVIDER_try_load_ex;
OSSL_ROLE_SPEC_CERT_ID_SYNTAX_free;
OSSL_ROLE_SPEC_CERT_ID_SYNTAX_it;
OSSL_ROLE_SPEC_CERT_ID_SYNTAX_new;
OSSL_ROLE_SPEC_CERT_ID_free;
OSSL_ROLE_SPEC_CERT_ID_it;
OSSL_ROLE_SPEC_CERT_ID_new;
OSSL_STORE_delete;
OSSL_TARGETING_INFORMATION_free;
OSSL_TARGETING_INFORMATION_it;
OSSL_TARGETING_INFORMATION_new;
OSSL_TARGETS_free;
OSSL_TARGETS_it;
OSSL_TARGETS_new;
OSSL_TARGET_free;
OSSL_TARGET_it;
OSSL_TARGET_new;
OSSL_TIME_PERIOD_free;
OSSL_TIME_PERIOD_it;
OSSL_TIME_PERIOD_new;
OSSL_TIME_SPEC_ABSOLUTE_free;
OSSL_TIME_SPEC_ABSOLUTE_it;
OSSL_TIME_SPEC_ABSOLUTE_new;
OSSL_TIME_SPEC_DAY_free;
OSSL_TIME_SPEC_DAY_it;
OSSL_TIME_SPEC_DAY_new;
OSSL_TIME_SPEC_MONTH_free;
OSSL_TIME_SPEC_MONTH_it;
OSSL_TIME_SPEC_MONTH_new;
OSSL_TIME_SPEC_TIME_free;
OSSL_TIME_SPEC_TIME_it;
OSSL_TIME_SPEC_TIME_new;
OSSL_TIME_SPEC_WEEKS_free;
OSSL_TIME_SPEC_WEEKS_it;
OSSL_TIME_SPEC_WEEKS_new;
OSSL_TIME_SPEC_X_DAY_OF_free;
OSSL_TIME_SPEC_X_DAY_OF_it;
OSSL_TIME_SPEC_X_DAY_OF_new;
OSSL_TIME_SPEC_free;
OSSL_TIME_SPEC_it;
OSSL_TIME_SPEC_new;
OSSL_USER_NOTICE_SYNTAX_free;
OSSL_USER_NOTICE_SYNTAX_it;
OSSL_USER_NOTICE_SYNTAX_new;
OSSL_get_max_threads;
OSSL_get_thread_support_flags;
OSSL_set_max_threads;
OSSL_sleep;
OSSL_trace_string;
PBMAC1_get1_pbkdf2_param;
PBMAC1PARAM_free;
PBMAC1PARAM_it;
PBMAC1PARAM_new;
PEM_ASN1_write_bio_ctx;
PEM_read_X509_ACERT;
PEM_read_bio_X509_ACERT;
PEM_write_X509_ACERT;
PEM_write_bio_X509_ACERT;
PKCS12_SAFEBAG_get1_cert_ex;
PKCS12_SAFEBAG_get1_crl_ex;
PKCS12_SAFEBAG_set0_attrs;
PKCS12_create_ex2;
PKCS12_set_pbmac1_pbkdf2;
RAND_set0_private;
RAND_set0_public;
RAND_set1_random_provider;
TS_VERIFY_CTX_set0_certs;
TS_VERIFY_CTX_set0_data;
TS_VERIFY_CTX_set0_imprint;
TS_VERIFY_CTX_set0_store;
WPACKET_quic_sub_allocate_bytes;
WPACKET_quic_write_vlint;
WPACKET_start_quic_sub_packet;
WPACKET_start_quic_sub_packet_bound;
X509_ACERT_INFO_free;
X509_ACERT_INFO_it;
X509_ACERT_INFO_new;
X509_ACERT_ISSUER_V2FORM_free;
X509_ACERT_ISSUER_V2FORM_it;
X509_ACERT_ISSUER_V2FORM_new;
X509_ACERT_ISSUER_it;
X509_ACERT_add1_attr;
X509_ACERT_add1_attr_by_NID;
X509_ACERT_add1_attr_by_OBJ;
X509_ACERT_add1_attr_by_txt;
X509_ACERT_add1_ext_i2d;
X509_ACERT_add_attr_nconf;
X509_ACERT_delete_attr;
X509_ACERT_dup;
X509_ACERT_free;
X509_ACERT_get0_extensions;
X509_ACERT_get0_holder_baseCertId;
X509_ACERT_get0_holder_digest;
X509_ACERT_get0_holder_entityName;
X509_ACERT_get0_info_sigalg;
X509_ACERT_get0_issuerName;
X509_ACERT_get0_issuerUID;
X509_ACERT_get0_notAfter;
X509_ACERT_get0_notBefore;
X509_ACERT_get0_serialNumber;
X509_ACERT_get0_signature;
X509_ACERT_get_attr;
X509_ACERT_get_attr_by_NID;
X509_ACERT_get_attr_by_OBJ;
X509_ACERT_get_attr_count;
X509_ACERT_get_ext_d2i;
X509_ACERT_get_signature_nid;
X509_ACERT_get_version;
X509_ACERT_it;
X509_ACERT_new;
X509_ACERT_print;
X509_ACERT_print_ex;
X509_ACERT_set0_holder_baseCertId;
X509_ACERT_set0_holder_digest;
X509_ACERT_set0_holder_entityName;
X509_ACERT_set1_issuerName;
X509_ACERT_set1_notAfter;
X509_ACERT_set1_notBefore;
X509_ACERT_set1_serialNumber;
X509_ACERT_set_version;
X509_ACERT_sign;
X509_ACERT_sign_ctx;
X509_ACERT_verify;
X509_HOLDER_it;
X509_PUBKEY_set0_public_key;
X509_PURPOSE_get_unused_id;
X509_STORE_CTX_get0_rpk;
X509_STORE_CTX_init_rpk;
X509_STORE_CTX_set0_rpk;
X509_STORE_CTX_set_current_reasons;
X509_STORE_CTX_set_get_crl;
X509_STORE_get1_objects;
X509_VERIFY_PARAM_get_purpose;
X509v3_add_extensions;
d2i_OSSL_AA_DIST_POINT;
d2i_OSSL_ALLOWED_ATTRIBUTES_CHOICE;
d2i_OSSL_ALLOWED_ATTRIBUTES_ITEM;
d2i_OSSL_ALLOWED_ATTRIBUTES_SYNTAX;
d2i_OSSL_ATAV;
d2i_OSSL_ATTRIBUTES_SYNTAX;
d2i_OSSL_ATTRIBUTE_DESCRIPTOR;
d2i_OSSL_ATTRIBUTE_MAPPING;
d2i_OSSL_ATTRIBUTE_MAPPINGS;
d2i_OSSL_ATTRIBUTE_TYPE_MAPPING;
d2i_OSSL_ATTRIBUTE_VALUE_MAPPING;
d2i_OSSL_AUTHORITY_ATTRIBUTE_ID_SYNTAX;
d2i_OSSL_BASIC_ATTR_CONSTRAINTS;
d2i_OSSL_CMP_ATAVS;
d2i_OSSL_CMP_CERTREQTEMPLATE;
d2i_OSSL_CMP_CRLSOURCE;
d2i_OSSL_CMP_CRLSTATUS;
d2i_OSSL_CMP_ROOTCAKEYUPDATE;
d2i_OSSL_CRMF_ENCRYPTEDKEY;
d2i_OSSL_DAY_TIME;
d2i_OSSL_DAY_TIME_BAND;
d2i_OSSL_HASH;
d2i_OSSL_IETF_ATTR_SYNTAX;
d2i_OSSL_INFO_SYNTAX;
d2i_OSSL_INFO_SYNTAX_POINTER;
d2i_OSSL_NAMED_DAY;
d2i_OSSL_PRIVILEGE_POLICY_ID;
d2i_OSSL_ROLE_SPEC_CERT_ID;
d2i_OSSL_ROLE_SPEC_CERT_ID_SYNTAX;
d2i_OSSL_TARGET;
d2i_OSSL_TARGETING_INFORMATION;
d2i_OSSL_TARGETS;
d2i_OSSL_TIME_PERIOD;
d2i_OSSL_TIME_SPEC;
d2i_OSSL_TIME_SPEC_ABSOLUTE;
d2i_OSSL_TIME_SPEC_DAY;
d2i_OSSL_TIME_SPEC_MONTH;
d2i_OSSL_TIME_SPEC_TIME;
d2i_OSSL_TIME_SPEC_WEEKS;
d2i_OSSL_TIME_SPEC_X_DAY_OF;
d2i_OSSL_USER_NOTICE_SYNTAX;
d2i_PBMAC1PARAM;
d2i_PUBKEY_ex_bio;
d2i_PUBKEY_ex_fp;
d2i_X509_ACERT;
d2i_X509_ACERT_bio;
d2i_X509_ACERT_fp;
i2d_OSSL_AA_DIST_POINT;
i2d_OSSL_ALLOWED_ATTRIBUTES_CHOICE;
i2d_OSSL_ALLOWED_ATTRIBUTES_ITEM;
i2d_OSSL_ALLOWED_ATTRIBUTES_SYNTAX;
i2d_OSSL_ATAV;
i2d_OSSL_ATTRIBUTES_SYNTAX;
i2d_OSSL_ATTRIBUTE_DESCRIPTOR;
i2d_OSSL_ATTRIBUTE_MAPPING;
i2d_OSSL_ATTRIBUTE_MAPPINGS;
i2d_OSSL_ATTRIBUTE_TYPE_MAPPING;
i2d_OSSL_ATTRIBUTE_VALUE_MAPPING;
i2d_OSSL_AUTHORITY_ATTRIBUTE_ID_SYNTAX;
i2d_OSSL_BASIC_ATTR_CONSTRAINTS;
i2d_OSSL_CMP_ATAVS;
i2d_OSSL_CMP_CERTREQTEMPLATE;
i2d_OSSL_CMP_CRLSOURCE;
i2d_OSSL_CMP_CRLSTATUS;
i2d_OSSL_CMP_ROOTCAKEYUPDATE;
i2d_OSSL_CRMF_ENCRYPTEDKEY;
i2d_OSSL_DAY_TIME;
i2d_OSSL_DAY_TIME_BAND;
i2d_OSSL_HASH;
i2d_OSSL_IETF_ATTR_SYNTAX;
i2d_OSSL_INFO_SYNTAX;
i2d_OSSL_INFO_SYNTAX_POINTER;
i2d_OSSL_NAMED_DAY;
i2d_OSSL_PRIVILEGE_POLICY_ID;
i2d_OSSL_ROLE_SPEC_CERT_ID;
i2d_OSSL_ROLE_SPEC_CERT_ID_SYNTAX;
i2d_OSSL_TARGET;
i2d_OSSL_TARGETING_INFORMATION;
i2d_OSSL_TARGETS;
i2d_OSSL_TIME_PERIOD;
i2d_OSSL_TIME_SPEC;
i2d_OSSL_TIME_SPEC_ABSOLUTE;
i2d_OSSL_TIME_SPEC_DAY;
i2d_OSSL_TIME_SPEC_MONTH;
i2d_OSSL_TIME_SPEC_TIME;
i2d_OSSL_TIME_SPEC_WEEKS;
i2d_OSSL_TIME_SPEC_X_DAY_OF;
i2d_OSSL_USER_NOTICE_SYNTAX;
i2d_PBMAC1PARAM;
i2d_X509_ACERT;
i2d_X509_ACERT_bio;
i2d_X509_ACERT_fp;
ossl_crypto_condvar_broadcast;
ossl_crypto_condvar_free;
ossl_crypto_condvar_new;
ossl_crypto_condvar_signal;
ossl_crypto_condvar_wait;
ossl_crypto_condvar_wait_timeout;
ossl_crypto_mutex_free;
ossl_crypto_mutex_lock;
ossl_crypto_mutex_new;
ossl_crypto_mutex_try_lock;
ossl_crypto_mutex_unlock;
ossl_crypto_thread_native_clean;
ossl_crypto_thread_native_exit;
ossl_crypto_thread_native_is_self;
ossl_crypto_thread_native_join;
ossl_crypto_thread_native_perform_join;
ossl_crypto_thread_native_spawn;
ossl_crypto_thread_native_start;
ssl3_cbc_digest_record;
ssl3_cbc_remove_padding_and_mac;
tls1_cbc_remove_padding_and_mac;
} OPENSSL_3_0_9;

120
secure/lib/libcrypto/man/man3/ADMISSIONS.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,75 +52,15 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ADMISSIONS 3ossl"
.TH ADMISSIONS 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ADMISSIONS 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ADMISSIONS,
ADMISSIONS_get0_admissionAuthority,
ADMISSIONS_get0_namingAuthority,
@ -169,7 +93,7 @@ PROFESSION_INFO_set0_professionItems,
PROFESSION_INFO_set0_professionOIDs,
PROFESSION_INFO_set0_registrationNumber
\&\- Accessors and settors for ADMISSION_SYNTAX
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 5
\& typedef struct NamingAuthority_st NAMING_AUTHORITY;
@ -228,23 +152,23 @@ PROFESSION_INFO_set0_registrationNumber
\& void PROFESSION_INFO_set0_registrationNumber(
\& PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
The \fB\s-1PROFESSION_INFOS\s0\fR, \fB\s-1ADMISSION_SYNTAX\s0\fR, \fB\s-1ADMISSIONS\s0\fR, and
\&\fB\s-1PROFESSION_INFO\s0\fR types are opaque structures representing the
analogous types defined in the Common \s-1PKI\s0 Specification published
The \fBPROFESSION_INFOS\fR, \fBADMISSION_SYNTAX\fR, \fBADMISSIONS\fR, and
\&\fBPROFESSION_INFO\fR types are opaque structures representing the
analogous types defined in the Common PKI Specification published
by <https://www.t7ev.org>.
Knowledge of those structures and their semantics is assumed.
.PP
The conventional routines to convert between \s-1DER\s0 and the local format
The conventional routines to convert between DER and the local format
are described in \fBd2i_X509\fR\|(3).
The conventional routines to allocate and free the types are defined
in \fBX509_dup\fR\|(3).
.PP
The \fB\s-1PROFESSION_INFOS\s0\fR type is a stack of \fB\s-1PROFESSION_INFO\s0\fR; see
\&\s-1\fBDEFINE_STACK_OF\s0\fR\|(3) for details.
The \fBPROFESSION_INFOS\fR type is a stack of \fBPROFESSION_INFO\fR; see
\&\fBDEFINE_STACK_OF\fR\|(3) for details.
.PP
The \fB\s-1NAMING_AUTHORITY\s0\fR type has an authority \s-1ID\s0 and \s-1URL,\s0 and text fields.
The \fBNAMING_AUTHORITY\fR type has an authority ID and URL, and text fields.
The \fBNAMING_AUTHORITY_get0_authorityId()\fR,
\&\fBNAMING_AUTHORITY_get0_get0_authorityURL()\fR, and
\&\fBNAMING_AUTHORITY_get0_get0_authorityText()\fR, functions return pointers
@ -254,8 +178,8 @@ The \fBNAMING_AUTHORITY_set0_authorityId()\fR,
\&\fBNAMING_AUTHORITY_set0_get0_authorityText()\fR,
functions free any existing value and set the pointer to the specified value.
.PP
The \fB\s-1ADMISSION_SYNTAX\s0\fR type has an authority name and a stack of
\&\fB\s-1ADMISSION\s0\fR objects.
The \fBADMISSION_SYNTAX\fR type has an authority name and a stack of
\&\fBADMISSION\fR objects.
The \fBADMISSION_SYNTAX_get0_admissionAuthority()\fR
and \fBADMISSION_SYNTAX_get0_contentsOfAdmissions()\fR functions return pointers
to those values within the object.
@ -264,8 +188,8 @@ The
\&\fBADMISSION_SYNTAX_set0_contentsOfAdmissions()\fR
functions free any existing value and set the pointer to the specified value.
.PP
The \fB\s-1ADMISSION\s0\fR type has an authority name, authority object, and a
stack of \fB\s-1PROFESSION_INFO\s0\fR items.
The \fBADMISSION\fR type has an authority name, authority object, and a
stack of \fBPROFESSION_INFO\fR items.
The \fBADMISSIONS_get0_admissionAuthority()\fR, \fBADMISSIONS_get0_namingAuthority()\fR,
and \fBADMISSIONS_get0_professionInfos()\fR
functions return pointers to those values within the object.
@ -275,7 +199,7 @@ The
\&\fBADMISSIONS_set0_professionInfos()\fR
functions free any existing value and set the pointer to the specified value.
.PP
The \fB\s-1PROFESSION_INFO\s0\fR type has a name authority, stacks of
The \fBPROFESSION_INFO\fR type has a name authority, stacks of
profession Items and OIDs, a registration number, and additional
profession info.
The functions \fBPROFESSION_INFO_get0_addProfessionInfo()\fR,
@ -299,11 +223,11 @@ structure and must not be freed.
.IX Header "SEE ALSO"
\&\fBX509_dup\fR\|(3),
\&\fBd2i_X509\fR\|(3),
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2017\-2018 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

192
secure/lib/libcrypto/man/man3/ASN1_EXTERN_FUNCS.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,80 +52,20 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASN1_EXTERN_FUNCS 3ossl"
.TH ASN1_EXTERN_FUNCS 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ASN1_EXTERN_FUNCS 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ASN1_EXTERN_FUNCS, ASN1_ex_d2i, ASN1_ex_d2i_ex, ASN1_ex_i2d, ASN1_ex_new_func,
ASN1_ex_new_ex_func, ASN1_ex_free_func, ASN1_ex_print_func,
IMPLEMENT_EXTERN_ASN1
\&\- ASN.1 external function support
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/asn1t.h>
@ -178,120 +102,120 @@ IMPLEMENT_EXTERN_ASN1
\&
\& #define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs)
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\s-1ASN.1\s0 data structures templates are typically defined in OpenSSL using a series
of macros such as \s-1\fBASN1_SEQUENCE\s0()\fR, \s-1\fBASN1_SEQUENCE_END\s0()\fR and so on. Instead
ASN.1 data structures templates are typically defined in OpenSSL using a series
of macros such as \fBASN1_SEQUENCE()\fR, \fBASN1_SEQUENCE_END()\fR and so on. Instead
templates can also be defined based entirely on external functions. These
external functions are called to perform operations such as creating a new
\&\fB\s-1ASN1_VALUE\s0\fR or converting an \fB\s-1ASN1_VALUE\s0\fR to or from \s-1DER\s0 encoding.
\&\fBASN1_VALUE\fR or converting an \fBASN1_VALUE\fR to or from DER encoding.
.PP
The macro \s-1\fBIMPLEMENT_EXTERN_ASN1\s0()\fR can be used to create such an externally
The macro \fBIMPLEMENT_EXTERN_ASN1()\fR can be used to create such an externally
defined structure. The name of the structure should be supplied in the \fIsname\fR
parameter. The tag for the structure (e.g. typically \fBV_ASN1_SEQUENCE\fR) should
be supplied in the \fItag\fR parameter. Finally a pointer to an
\&\fB\s-1ASN1_EXTERN_FUNCS\s0\fR structure should be supplied in the \fIfptrs\fR parameter.
\&\fBASN1_EXTERN_FUNCS\fR structure should be supplied in the \fIfptrs\fR parameter.
.PP
The \fB\s-1ASN1_EXTERN_FUNCS\s0\fR structure has the following entries.
.IP "\fIapp_data\fR" 4
The \fBASN1_EXTERN_FUNCS\fR structure has the following entries.
.IP \fIapp_data\fR 4
.IX Item "app_data"
A pointer to arbitrary application specific data.
.IP "\fIasn1_ex_new\fR" 4
.IP \fIasn1_ex_new\fR 4
.IX Item "asn1_ex_new"
A \*(L"new\*(R" function responsible for constructing a new \fB\s-1ASN1_VALUE\s0\fR object. The
A "new" function responsible for constructing a new \fBASN1_VALUE\fR object. The
newly constructed value should be stored in \fI*pval\fR. The \fIit\fR parameter is a
pointer to the \fB\s-1ASN1_ITEM\s0\fR template object created via the
\&\s-1\fBIMPLEMENT_EXTERN_ASN1\s0()\fR macro.
pointer to the \fBASN1_ITEM\fR template object created via the
\&\fBIMPLEMENT_EXTERN_ASN1()\fR macro.
.Sp
Returns a positive value on success or 0 on error.
.IP "\fIasn1_ex_free\fR" 4
.IP \fIasn1_ex_free\fR 4
.IX Item "asn1_ex_free"
A \*(L"free\*(R" function responsible for freeing the \fB\s-1ASN1_VALUE\s0\fR passed in \fI*pval\fR
that was previously allocated via a \*(L"new\*(R" function. The \fIit\fR parameter is a
pointer to the \fB\s-1ASN1_ITEM\s0\fR template object created via the
\&\s-1\fBIMPLEMENT_EXTERN_ASN1\s0()\fR macro.
.IP "\fIasn1_ex_clear\fR" 4
A "free" function responsible for freeing the \fBASN1_VALUE\fR passed in \fI*pval\fR
that was previously allocated via a "new" function. The \fIit\fR parameter is a
pointer to the \fBASN1_ITEM\fR template object created via the
\&\fBIMPLEMENT_EXTERN_ASN1()\fR macro.
.IP \fIasn1_ex_clear\fR 4
.IX Item "asn1_ex_clear"
A \*(L"clear\*(R" function responsible for clearing any data in the \fB\s-1ASN1_VALUE\s0\fR passed
A "clear" function responsible for clearing any data in the \fBASN1_VALUE\fR passed
in \fI*pval\fR and making it suitable for reuse. The \fIit\fR parameter is a pointer
to the \fB\s-1ASN1_ITEM\s0\fR template object created via the \s-1\fBIMPLEMENT_EXTERN_ASN1\s0()\fR
to the \fBASN1_ITEM\fR template object created via the \fBIMPLEMENT_EXTERN_ASN1()\fR
macro.
.IP "\fIasn1_ex_d2i\fR" 4
.IP \fIasn1_ex_d2i\fR 4
.IX Item "asn1_ex_d2i"
A \*(L"d2i\*(R" function responsible for converting \s-1DER\s0 data with the tag \fItag\fR and
class \fIclass\fR into an \fB\s-1ASN1_VALUE\s0\fR. If \fI*pval\fR is non-NULL then the
\&\fB\s-1ASN_VALUE\s0\fR it points to should be reused. Otherwise a new \fB\s-1ASN1_VALUE\s0\fR
should be allocated and stored in \fI*pval\fR. \fI*in\fR points to the \s-1DER\s0 data to be
A "d2i" function responsible for converting DER data with the tag \fItag\fR and
class \fIclass\fR into an \fBASN1_VALUE\fR. If \fI*pval\fR is non-NULL then the
\&\fBASN_VALUE\fR it points to should be reused. Otherwise a new \fBASN1_VALUE\fR
should be allocated and stored in \fI*pval\fR. \fI*in\fR points to the DER data to be
decoded and \fIlen\fR is the length of that data. After decoding \fI*in\fR should be
updated to point at the next byte after the decoded data. If the \fB\s-1ASN1_VALUE\s0\fR
updated to point at the next byte after the decoded data. If the \fBASN1_VALUE\fR
is considered optional in this context then \fIopt\fR will be nonzero. Otherwise
it will be zero. The \fIit\fR parameter is a pointer to the \fB\s-1ASN1_ITEM\s0\fR template
object created via the \s-1\fBIMPLEMENT_EXTERN_ASN1\s0()\fR macro. A pointer to the current
\&\fB\s-1ASN1_TLC\s0\fR context (which may be required for other \s-1ASN1\s0 function calls) is
it will be zero. The \fIit\fR parameter is a pointer to the \fBASN1_ITEM\fR template
object created via the \fBIMPLEMENT_EXTERN_ASN1()\fR macro. A pointer to the current
\&\fBASN1_TLC\fR context (which may be required for other ASN1 function calls) is
passed in the \fIctx\fR parameter.
.Sp
The \fIasn1_ex_d2i\fR entry may be \s-1NULL\s0 if \fIasn1_ex_d2i_ex\fR has been specified
The \fIasn1_ex_d2i\fR entry may be NULL if \fIasn1_ex_d2i_ex\fR has been specified
instead.
.Sp
Returns <= 0 on error or a positive value on success.
.IP "\fIasn1_ex_i2d\fR" 4
.IP \fIasn1_ex_i2d\fR 4
.IX Item "asn1_ex_i2d"
An \*(L"i2d\*(R" function responsible for converting an \fB\s-1ASN1_VALUE\s0\fR into \s-1DER\s0 encoding.
On entry \fI*pval\fR will contain the \fB\s-1ASN1_VALUE\s0\fR to be encoded. If default
An "i2d" function responsible for converting an \fBASN1_VALUE\fR into DER encoding.
On entry \fI*pval\fR will contain the \fBASN1_VALUE\fR to be encoded. If default
tagging is to be used then \fItag\fR will be \-1 on entry. Otherwise if implicit
tagging should be used then \fItag\fR and \fIaclass\fR will be the tag and associated
class.
.Sp
If \fIout\fR is not \s-1NULL\s0 then this function should write the \s-1DER\s0 encoded data to
If \fIout\fR is not NULL then this function should write the DER encoded data to
the buffer in \fI*out\fR, and then increment \fI*out\fR to point to immediately after
the data just written.
.Sp
If \fIout\fR is \s-1NULL\s0 then no data should be written but the length calculated and
If \fIout\fR is NULL then no data should be written but the length calculated and
returned as if it were.
.Sp
The \fIasn1_ex_i2d\fR entry may be \s-1NULL\s0 if \fIasn1_ex_i2d_ex\fR has been specified
The \fIasn1_ex_i2d\fR entry may be NULL if \fIasn1_ex_i2d_ex\fR has been specified
instead.
.Sp
The return value should be negative if a fatal error occurred, or 0 if a
non-fatal error occurred. Otherwise it should return the length of the encoded
data.
.IP "\fIasn1_ex_print\fR" 4
.IP \fIasn1_ex_print\fR 4
.IX Item "asn1_ex_print"
A \*(L"print\*(R" function. \fIout\fR is the \s-1BIO\s0 to print the output to. \fI*pval\fR is the
\&\fB\s-1ASN1_VALUE\s0\fR to be printed. \fIindent\fR is the number of spaces of indenting to
A "print" function. \fIout\fR is the BIO to print the output to. \fI*pval\fR is the
\&\fBASN1_VALUE\fR to be printed. \fIindent\fR is the number of spaces of indenting to
be printed before any data is printed. \fIfname\fR is currently unused and is
always "". \fIpctx\fR is a pointer to the \fB\s-1ASN1_PCTX\s0\fR for the print operation.
always "". \fIpctx\fR is a pointer to the \fBASN1_PCTX\fR for the print operation.
.Sp
Returns 0 on error or a positive value on success. If the return value is 2 then
an additional newline will be printed after the data printed by this function.
.IP "\fIasn1_ex_new_ex\fR" 4
.IP \fIasn1_ex_new_ex\fR 4
.IX Item "asn1_ex_new_ex"
This is the same as \fIasn1_ex_new\fR except that it is additionally passed the
\&\s-1OSSL_LIB_CTX\s0 to be used in \fIlibctx\fR and any property query string to be used
OSSL_LIB_CTX to be used in \fIlibctx\fR and any property query string to be used
for algorithm fetching in the \fIpropq\fR parameter. See
\&\*(L"\s-1ALGORITHM FETCHING\*(R"\s0 in \fBcrypto\fR\|(7) for further details. If \fIasn1_ex_new_ex\fR is
non \s-1NULL,\s0 then it will always be called in preference to \fIasn1_ex_new\fR.
.IP "\fIasn1_ex_d2i_ex\fR" 4
"ALGORITHM FETCHING" in \fBcrypto\fR\|(7) for further details. If \fIasn1_ex_new_ex\fR is
non NULL, then it will always be called in preference to \fIasn1_ex_new\fR.
.IP \fIasn1_ex_d2i_ex\fR 4
.IX Item "asn1_ex_d2i_ex"
This is the same as \fIasn1_ex_d2i\fR except that it is additionally passed the
\&\s-1OSSL_LIB_CTX\s0 to be used in \fIlibctx\fR and any property query string to be used
OSSL_LIB_CTX to be used in \fIlibctx\fR and any property query string to be used
for algorithm fetching in the \fIpropq\fR parameter. See
\&\*(L"\s-1ALGORITHM FETCHING\*(R"\s0 in \fBcrypto\fR\|(7) for further details. If \fIasn1_ex_d2i_ex\fR is
non \s-1NULL,\s0 then it will always be called in preference to \fIasn1_ex_d2i\fR.
"ALGORITHM FETCHING" in \fBcrypto\fR\|(7) for further details. If \fIasn1_ex_d2i_ex\fR is
non NULL, then it will always be called in preference to \fIasn1_ex_d2i\fR.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
Return values for the various callbacks are as described above.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBASN1_item_new_ex\fR\|(3)
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
The \fIasn1_ex_new_ex\fR and \fIasn1_ex_d2i_ex\fR callbacks were added in OpenSSL 3.0.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

140
secure/lib/libcrypto/man/man3/ASN1_INTEGER_get_int64.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,79 +52,19 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASN1_INTEGER_GET_INT64 3ossl"
.TH ASN1_INTEGER_GET_INT64 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ASN1_INTEGER_GET_INT64 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ASN1_INTEGER_get_uint64, ASN1_INTEGER_set_uint64,
ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_set, BN_to_ASN1_INTEGER, ASN1_INTEGER_to_BN, ASN1_ENUMERATED_get_int64, ASN1_ENUMERATED_get, ASN1_ENUMERATED_set_int64, ASN1_ENUMERATED_set, BN_to_ASN1_ENUMERATED, ASN1_ENUMERATED_to_BN
\&\- ASN.1 INTEGER and ENUMERATED utilities
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/asn1.h>
@ -166,12 +90,12 @@ ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_s
\& ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(const BIGNUM *bn, ASN1_ENUMERATED *ai);
\& BIGNUM *ASN1_ENUMERATED_to_BN(const ASN1_ENUMERATED *ai, BIGNUM *bn);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
These functions convert to and from \fB\s-1ASN1_INTEGER\s0\fR and \fB\s-1ASN1_ENUMERATED\s0\fR
These functions convert to and from \fBASN1_INTEGER\fR and \fBASN1_ENUMERATED\fR
structures.
.PP
\&\fBASN1_INTEGER_get_int64()\fR converts an \fB\s-1ASN1_INTEGER\s0\fR into an \fBint64_t\fR type
\&\fBASN1_INTEGER_get_int64()\fR converts an \fBASN1_INTEGER\fR into an \fBint64_t\fR type
If successful it returns 1 and sets \fI*pr\fR to the value of \fIa\fR. If it fails
(due to invalid type or the value being too big to fit into an \fBint64_t\fR type)
it returns 0.
@ -181,44 +105,44 @@ converts to a \fBuint64_t\fR type and an error is returned if the passed integer
is negative.
.PP
\&\fBASN1_INTEGER_get()\fR also returns the value of \fIa\fR but it returns 0 if \fIa\fR is
\&\s-1NULL\s0 and \-1 on error (which is ambiguous because \-1 is a legitimate value for
an \fB\s-1ASN1_INTEGER\s0\fR). New applications should use \fBASN1_INTEGER_get_int64()\fR
NULL and \-1 on error (which is ambiguous because \-1 is a legitimate value for
an \fBASN1_INTEGER\fR). New applications should use \fBASN1_INTEGER_get_int64()\fR
instead.
.PP
\&\fBASN1_INTEGER_set_int64()\fR sets the value of \fB\s-1ASN1_INTEGER\s0\fR \fIa\fR to the
\&\fBASN1_INTEGER_set_int64()\fR sets the value of \fBASN1_INTEGER\fR \fIa\fR to the
\&\fBint64_t\fR value \fIr\fR.
.PP
\&\fBASN1_INTEGER_set_uint64()\fR sets the value of \fB\s-1ASN1_INTEGER\s0\fR \fIa\fR to the
\&\fBASN1_INTEGER_set_uint64()\fR sets the value of \fBASN1_INTEGER\fR \fIa\fR to the
\&\fBuint64_t\fR value \fIr\fR.
.PP
\&\fBASN1_INTEGER_set()\fR sets the value of \fB\s-1ASN1_INTEGER\s0\fR \fIa\fR to the \fIlong\fR value
\&\fBASN1_INTEGER_set()\fR sets the value of \fBASN1_INTEGER\fR \fIa\fR to the \fIlong\fR value
\&\fIv\fR.
.PP
\&\fBBN_to_ASN1_INTEGER()\fR converts \fB\s-1BIGNUM\s0\fR \fIbn\fR to an \fB\s-1ASN1_INTEGER\s0\fR. If \fIai\fR
is \s-1NULL\s0 a new \fB\s-1ASN1_INTEGER\s0\fR structure is returned. If \fIai\fR is not \s-1NULL\s0 then
\&\fBBN_to_ASN1_INTEGER()\fR converts \fBBIGNUM\fR \fIbn\fR to an \fBASN1_INTEGER\fR. If \fIai\fR
is NULL a new \fBASN1_INTEGER\fR structure is returned. If \fIai\fR is not NULL then
the existing structure will be used instead.
.PP
\&\fBASN1_INTEGER_to_BN()\fR converts \s-1ASN1_INTEGER\s0 \fIai\fR into a \fB\s-1BIGNUM\s0\fR. If \fIbn\fR is
\&\s-1NULL\s0 a new \fB\s-1BIGNUM\s0\fR structure is returned. If \fIbn\fR is not \s-1NULL\s0 then the
\&\fBASN1_INTEGER_to_BN()\fR converts ASN1_INTEGER \fIai\fR into a \fBBIGNUM\fR. If \fIbn\fR is
NULL a new \fBBIGNUM\fR structure is returned. If \fIbn\fR is not NULL then the
existing structure will be used instead.
.PP
\&\fBASN1_ENUMERATED_get_int64()\fR, \fBASN1_ENUMERATED_set_int64()\fR,
\&\fBASN1_ENUMERATED_set()\fR, \fBBN_to_ASN1_ENUMERATED()\fR and \fBASN1_ENUMERATED_to_BN()\fR
behave in an identical way to their \s-1ASN1_INTEGER\s0 counterparts except they
operate on an \fB\s-1ASN1_ENUMERATED\s0\fR value.
behave in an identical way to their ASN1_INTEGER counterparts except they
operate on an \fBASN1_ENUMERATED\fR value.
.PP
\&\fBASN1_ENUMERATED_get()\fR returns the value of \fIa\fR in a similar way to
\&\fBASN1_INTEGER_get()\fR but it returns \fB0xffffffffL\fR if the value of \fIa\fR will not
fit in a long type. New applications should use \fBASN1_ENUMERATED_get_int64()\fR
instead.
.SH "NOTES"
.SH NOTES
.IX Header "NOTES"
In general an \fB\s-1ASN1_INTEGER\s0\fR or \fB\s-1ASN1_ENUMERATED\s0\fR type can contain an
In general an \fBASN1_INTEGER\fR or \fBASN1_ENUMERATED\fR type can contain an
integer of almost arbitrary size and so cannot always be represented by a C
\&\fBint64_t\fR type. However, in many cases (for example version numbers) they
represent small integers which can be more easily manipulated if converted to
an appropriate C integer type.
.SH "BUGS"
.SH BUGS
.IX Header "BUGS"
The ambiguous return values of \fBASN1_INTEGER_get()\fR and \fBASN1_ENUMERATED_get()\fR
mean these functions should be avoided if possible. They are retained for
@ -235,26 +159,26 @@ and 0 for failure. They will fail if the passed type is incorrect (this will
only happen if there is a programming error) or if the value exceeds the range
of an \fBint64_t\fR type.
.PP
\&\fBBN_to_ASN1_INTEGER()\fR and \fBBN_to_ASN1_ENUMERATED()\fR return an \fB\s-1ASN1_INTEGER\s0\fR or
\&\fB\s-1ASN1_ENUMERATED\s0\fR structure respectively or \s-1NULL\s0 if an error occurs. They will
\&\fBBN_to_ASN1_INTEGER()\fR and \fBBN_to_ASN1_ENUMERATED()\fR return an \fBASN1_INTEGER\fR or
\&\fBASN1_ENUMERATED\fR structure respectively or NULL if an error occurs. They will
only fail due to a memory allocation error.
.PP
\&\fBASN1_INTEGER_to_BN()\fR and \fBASN1_ENUMERATED_to_BN()\fR return a \fB\s-1BIGNUM\s0\fR structure
of \s-1NULL\s0 if an error occurs. They can fail if the passed type is incorrect
\&\fBASN1_INTEGER_to_BN()\fR and \fBASN1_ENUMERATED_to_BN()\fR return a \fBBIGNUM\fR structure
of NULL if an error occurs. They can fail if the passed type is incorrect
(due to programming error) or due to a memory allocation failure.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBERR_get_error\fR\|(3)
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
\&\fBASN1_INTEGER_set_int64()\fR, \fBASN1_INTEGER_get_int64()\fR,
\&\fBASN1_ENUMERATED_set_int64()\fR and \fBASN1_ENUMERATED_get_int64()\fR
were added in OpenSSL 1.1.0.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2015\-2021 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2015\-2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

107
secure/lib/libcrypto/man/man3/ASN1_INTEGER_new.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,77 +52,17 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASN1_INTEGER_NEW 3ossl"
.TH ASN1_INTEGER_NEW 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ASN1_INTEGER_NEW 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ASN1_INTEGER_new, ASN1_INTEGER_free \- ASN1_INTEGER allocation functions
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/asn1.h>
@ -146,27 +70,28 @@ ASN1_INTEGER_new, ASN1_INTEGER_free \- ASN1_INTEGER allocation functions
\& ASN1_INTEGER *ASN1_INTEGER_new(void);
\& void ASN1_INTEGER_free(ASN1_INTEGER *a);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBASN1_INTEGER_new()\fR returns an allocated \fB\s-1ASN1_INTEGER\s0\fR structure.
\&\fBASN1_INTEGER_new()\fR returns an allocated \fBASN1_INTEGER\fR structure.
.PP
\&\fBASN1_INTEGER_free()\fR frees up a single \fB\s-1ASN1_INTEGER\s0\fR object.
\&\fBASN1_INTEGER_free()\fR frees up a single \fBASN1_INTEGER\fR object.
If the argument is NULL, nothing is done.
.PP
\&\fB\s-1ASN1_INTEGER\s0\fR structure representing the \s-1ASN.1 INTEGER\s0 type
\&\fBASN1_INTEGER\fR structure representing the ASN.1 INTEGER type
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBASN1_INTEGER_new()\fR return a valid \fB\s-1ASN1_INTEGER\s0\fR structure or \s-1NULL\s0
\&\fBASN1_INTEGER_new()\fR return a valid \fBASN1_INTEGER\fR structure or NULL
if an error occurred.
.PP
\&\fBASN1_INTEGER_free()\fR does not return a value.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBERR_get_error\fR\|(3)
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

106
secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,77 +52,17 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASN1_ITEM_LOOKUP 3ossl"
.TH ASN1_ITEM_LOOKUP 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ASN1_ITEM_LOOKUP 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ASN1_ITEM_lookup, ASN1_ITEM_get \- lookup ASN.1 structures
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/asn1.h>
@ -146,24 +70,24 @@ ASN1_ITEM_lookup, ASN1_ITEM_get \- lookup ASN.1 structures
\& const ASN1_ITEM *ASN1_ITEM_lookup(const char *name);
\& const ASN1_ITEM *ASN1_ITEM_get(size_t i);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBASN1_ITEM_lookup()\fR returns the \fB\s-1ASN1_ITEM\s0\fR named \fIname\fR.
\&\fBASN1_ITEM_lookup()\fR returns the \fBASN1_ITEM\fR named \fIname\fR.
.PP
\&\fBASN1_ITEM_get()\fR returns the \fB\s-1ASN1_ITEM\s0\fR with index \fIi\fR. This function
returns \s-1NULL\s0 if the index \fIi\fR is out of range.
\&\fBASN1_ITEM_get()\fR returns the \fBASN1_ITEM\fR with index \fIi\fR. This function
returns NULL if the index \fIi\fR is out of range.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBASN1_ITEM_lookup()\fR and \fBASN1_ITEM_get()\fR return a valid \fB\s-1ASN1_ITEM\s0\fR structure
or \s-1NULL\s0 if an error occurred.
\&\fBASN1_ITEM_lookup()\fR and \fBASN1_ITEM_get()\fR return a valid \fBASN1_ITEM\fR structure
or NULL if an error occurred.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBERR_get_error\fR\|(3)
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

114
secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,77 +52,17 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASN1_OBJECT_NEW 3ossl"
.TH ASN1_OBJECT_NEW 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ASN1_OBJECT_NEW 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ASN1_OBJECT_new, ASN1_OBJECT_free \- object allocation functions
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/asn1.h>
@ -146,23 +70,23 @@ ASN1_OBJECT_new, ASN1_OBJECT_free \- object allocation functions
\& ASN1_OBJECT *ASN1_OBJECT_new(void);
\& void ASN1_OBJECT_free(ASN1_OBJECT *a);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
The \fB\s-1ASN1_OBJECT\s0\fR allocation routines, allocate and free an
\&\fB\s-1ASN1_OBJECT\s0\fR structure, which represents an \s-1ASN1 OBJECT IDENTIFIER.\s0
The \fBASN1_OBJECT\fR allocation routines, allocate and free an
\&\fBASN1_OBJECT\fR structure, which represents an ASN1 OBJECT IDENTIFIER.
.PP
\&\fBASN1_OBJECT_new()\fR allocates and initializes an \fB\s-1ASN1_OBJECT\s0\fR structure.
\&\fBASN1_OBJECT_new()\fR allocates and initializes an \fBASN1_OBJECT\fR structure.
.PP
\&\fBASN1_OBJECT_free()\fR frees up the \fB\s-1ASN1_OBJECT\s0\fR structure \fIa\fR.
If \fIa\fR is \s-1NULL,\s0 nothing is done.
.SH "NOTES"
\&\fBASN1_OBJECT_free()\fR frees up the \fBASN1_OBJECT\fR structure \fIa\fR.
If \fIa\fR is NULL, nothing is done.
.SH NOTES
.IX Header "NOTES"
Although \fBASN1_OBJECT_new()\fR allocates a new \fB\s-1ASN1_OBJECT\s0\fR structure it
is almost never used in applications. The \s-1ASN1\s0 object utility functions
Although \fBASN1_OBJECT_new()\fR allocates a new \fBASN1_OBJECT\fR structure it
is almost never used in applications. The ASN1 object utility functions
such as \fBOBJ_nid2obj()\fR are used instead.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
If the allocation fails, \fBASN1_OBJECT_new()\fR returns \s-1NULL\s0 and sets an error
If the allocation fails, \fBASN1_OBJECT_new()\fR returns NULL and sets an error
code that can be obtained by \fBERR_get_error\fR\|(3).
Otherwise it returns a pointer to the newly allocated structure.
.PP
@ -170,11 +94,11 @@ Otherwise it returns a pointer to the newly allocated structure.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBERR_get_error\fR\|(3), \fBd2i_ASN1_OBJECT\fR\|(3)
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2002\-2016 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

120
secure/lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,78 +52,18 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASN1_STRING_TABLE_ADD 3ossl"
.TH ASN1_STRING_TABLE_ADD 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ASN1_STRING_TABLE_ADD 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ASN1_STRING_TABLE, ASN1_STRING_TABLE_add, ASN1_STRING_TABLE_get,
ASN1_STRING_TABLE_cleanup \- ASN1_STRING_TABLE manipulation functions
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/asn1.h>
@ -151,44 +75,44 @@ ASN1_STRING_TABLE_cleanup \- ASN1_STRING_TABLE manipulation functions
\& ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
\& void ASN1_STRING_TABLE_cleanup(void);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
.SS "Types"
.SS Types
.IX Subsection "Types"
\&\fB\s-1ASN1_STRING_TABLE\s0\fR is a table which holds string information
(basically minimum size, maximum size, type and etc) for a \s-1NID\s0 object.
.SS "Functions"
\&\fBASN1_STRING_TABLE\fR is a table which holds string information
(basically minimum size, maximum size, type and etc) for a NID object.
.SS Functions
.IX Subsection "Functions"
\&\fBASN1_STRING_TABLE_add()\fR adds a new \fB\s-1ASN1_STRING_TABLE\s0\fR item into the
local \s-1ASN1\s0 string table based on the \fInid\fR along with other parameters.
\&\fBASN1_STRING_TABLE_add()\fR adds a new \fBASN1_STRING_TABLE\fR item into the
local ASN1 string table based on the \fInid\fR along with other parameters.
.PP
If the item is already in the table, fields of \fB\s-1ASN1_STRING_TABLE\s0\fR are
If the item is already in the table, fields of \fBASN1_STRING_TABLE\fR are
updated (depending on the values of those parameters, e.g., \fIminsize\fR
and \fImaxsize\fR >= 0, \fImask\fR and \fIflags\fR != 0). If the \fInid\fR is standard,
a copy of the standard \fB\s-1ASN1_STRING_TABLE\s0\fR is created and updated with
a copy of the standard \fBASN1_STRING_TABLE\fR is created and updated with
other parameters.
.PP
\&\fBASN1_STRING_TABLE_get()\fR searches for an \fB\s-1ASN1_STRING_TABLE\s0\fR item based
\&\fBASN1_STRING_TABLE_get()\fR searches for an \fBASN1_STRING_TABLE\fR item based
on \fInid\fR. It will search the local table first, then the standard one.
.PP
\&\fBASN1_STRING_TABLE_cleanup()\fR frees all \fB\s-1ASN1_STRING_TABLE\s0\fR items added
\&\fBASN1_STRING_TABLE_cleanup()\fR frees all \fBASN1_STRING_TABLE\fR items added
by \fBASN1_STRING_TABLE_add()\fR.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBASN1_STRING_TABLE_add()\fR returns 1 on success, 0 if an error occurred.
.PP
\&\fBASN1_STRING_TABLE_get()\fR returns a valid \fB\s-1ASN1_STRING_TABLE\s0\fR structure
or \s-1NULL\s0 if nothing is found.
\&\fBASN1_STRING_TABLE_get()\fR returns a valid \fBASN1_STRING_TABLE\fR structure
or NULL if nothing is found.
.PP
\&\fBASN1_STRING_TABLE_cleanup()\fR does not return a value.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBERR_get_error\fR\|(3)
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2017\-2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

124
secure/lib/libcrypto/man/man3/ASN1_STRING_length.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,79 +52,19 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASN1_STRING_LENGTH 3ossl"
.TH ASN1_STRING_LENGTH 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ASN1_STRING_LENGTH 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ASN1_STRING_dup, ASN1_STRING_cmp, ASN1_STRING_set, ASN1_STRING_length,
ASN1_STRING_type, ASN1_STRING_get0_data, ASN1_STRING_data,
ASN1_STRING_to_UTF8 \- ASN1_STRING utility functions
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/asn1.h>
@ -159,15 +83,15 @@ ASN1_STRING_to_UTF8 \- ASN1_STRING utility functions
\&
\& int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
These functions allow an \fB\s-1ASN1_STRING\s0\fR structure to be manipulated.
These functions allow an \fBASN1_STRING\fR structure to be manipulated.
.PP
\&\fBASN1_STRING_length()\fR returns the length of the content of \fIx\fR.
\&\fBASN1_STRING_length()\fR returns the length of the content of \fIx\fR. \fIx\fR \fBMUST NOT\fR be NULL.
.PP
\&\fBASN1_STRING_get0_data()\fR returns an internal pointer to the data of \fIx\fR.
Since this is an internal pointer it should \fBnot\fR be freed or
modified in any way.
modified in any way. \fIx\fR \fBMUST NOT\fR be NULL.
.PP
\&\fBASN1_STRING_data()\fR is similar to \fBASN1_STRING_get0_data()\fR except the
returned value is not constant. This function is deprecated:
@ -185,28 +109,28 @@ is \-1 then the length is determined by strlen(data).
\&\fBASN1_STRING_type()\fR returns the type of \fIx\fR, using standard constants
such as \fBV_ASN1_OCTET_STRING\fR.
.PP
\&\fBASN1_STRING_to_UTF8()\fR converts the string \fIin\fR to \s-1UTF8\s0 format, the
\&\fBASN1_STRING_to_UTF8()\fR converts the string \fIin\fR to UTF8 format, the
converted data is allocated in a buffer in \fI*out\fR. The length of
\&\fIout\fR is returned or a negative error code. The buffer \fI*out\fR
should be freed using \fBOPENSSL_free()\fR.
.SH "NOTES"
.SH NOTES
.IX Header "NOTES"
Almost all \s-1ASN1\s0 types in OpenSSL are represented as an \fB\s-1ASN1_STRING\s0\fR
structure. Other types such as \fB\s-1ASN1_OCTET_STRING\s0\fR are simply typedef'ed
to \fB\s-1ASN1_STRING\s0\fR and the functions call the \fB\s-1ASN1_STRING\s0\fR equivalents.
\&\fB\s-1ASN1_STRING\s0\fR is also used for some \fB\s-1CHOICE\s0\fR types which consist
Almost all ASN1 types in OpenSSL are represented as an \fBASN1_STRING\fR
structure. Other types such as \fBASN1_OCTET_STRING\fR are simply typedef'ed
to \fBASN1_STRING\fR and the functions call the \fBASN1_STRING\fR equivalents.
\&\fBASN1_STRING\fR is also used for some \fBCHOICE\fR types which consist
entirely of primitive string types such as \fBDirectoryString\fR and
\&\fBTime\fR.
.PP
These functions should \fBnot\fR be used to examine or modify \fB\s-1ASN1_INTEGER\s0\fR
or \fB\s-1ASN1_ENUMERATED\s0\fR types: the relevant \fB\s-1INTEGER\s0\fR or \fB\s-1ENUMERATED\s0\fR
These functions should \fBnot\fR be used to examine or modify \fBASN1_INTEGER\fR
or \fBASN1_ENUMERATED\fR types: the relevant \fBINTEGER\fR or \fBENUMERATED\fR
utility functions should be used instead.
.PP
In general it cannot be assumed that the data returned by \fBASN1_STRING_data()\fR
is null terminated or does not contain embedded nulls. The actual format
of the data will depend on the actual string type itself: for example
for an IA5String the data will be \s-1ASCII,\s0 for a BMPString two bytes per
character in big endian format, and for a UTF8String it will be in \s-1UTF8\s0 format.
for an IA5String the data will be ASCII, for a BMPString two bytes per
character in big endian format, and for a UTF8String it will be in UTF8 format.
.PP
Similar care should be take to ensure the data is in the correct format
when calling \fBASN1_STRING_set()\fR.
@ -217,7 +141,7 @@ when calling \fBASN1_STRING_set()\fR.
\&\fBASN1_STRING_get0_data()\fR and \fBASN1_STRING_data()\fR return an internal pointer to
the data of \fIx\fR.
.PP
\&\fBASN1_STRING_dup()\fR returns a valid \fB\s-1ASN1_STRING\s0\fR structure or \s-1NULL\s0 if an
\&\fBASN1_STRING_dup()\fR returns a valid \fBASN1_STRING\fR structure or NULL if an
error occurred.
.PP
\&\fBASN1_STRING_cmp()\fR returns an integer greater than, equal to, or less than 0,
@ -232,11 +156,11 @@ negative value if an error occurred.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBERR_get_error\fR\|(3)
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2002\-2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

108
secure/lib/libcrypto/man/man3/ASN1_STRING_new.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,78 +52,18 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASN1_STRING_NEW 3ossl"
.TH ASN1_STRING_NEW 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ASN1_STRING_NEW 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ASN1_STRING_new, ASN1_STRING_type_new, ASN1_STRING_free \-
ASN1_STRING allocation functions
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/asn1.h>
@ -148,34 +72,34 @@ ASN1_STRING allocation functions
\& ASN1_STRING *ASN1_STRING_type_new(int type);
\& void ASN1_STRING_free(ASN1_STRING *a);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBASN1_STRING_new()\fR returns an allocated \fB\s-1ASN1_STRING\s0\fR structure. Its type
\&\fBASN1_STRING_new()\fR returns an allocated \fBASN1_STRING\fR structure. Its type
is undefined.
.PP
\&\fBASN1_STRING_type_new()\fR returns an allocated \fB\s-1ASN1_STRING\s0\fR structure of
\&\fBASN1_STRING_type_new()\fR returns an allocated \fBASN1_STRING\fR structure of
type \fItype\fR.
.PP
\&\fBASN1_STRING_free()\fR frees up \fIa\fR.
If \fIa\fR is \s-1NULL\s0 nothing is done.
.SH "NOTES"
If \fIa\fR is NULL nothing is done.
.SH NOTES
.IX Header "NOTES"
Other string types call the \fB\s-1ASN1_STRING\s0\fR functions. For example
Other string types call the \fBASN1_STRING\fR functions. For example
\&\fBASN1_OCTET_STRING_new()\fR calls ASN1_STRING_type_new(V_ASN1_OCTET_STRING).
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBASN1_STRING_new()\fR and \fBASN1_STRING_type_new()\fR return a valid
\&\fB\s-1ASN1_STRING\s0\fR structure or \s-1NULL\s0 if an error occurred.
\&\fBASN1_STRING\fR structure or NULL if an error occurred.
.PP
\&\fBASN1_STRING_free()\fR does not return a value.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBERR_get_error\fR\|(3)
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2002\-2023 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

158
secure/lib/libcrypto/man/man3/ASN1_STRING_print_ex.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,78 +52,18 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASN1_STRING_PRINT_EX 3ossl"
.TH ASN1_STRING_PRINT_EX 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ASN1_STRING_PRINT_EX 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ASN1_tag2str, ASN1_STRING_print_ex, ASN1_STRING_print_ex_fp, ASN1_STRING_print
\&\- ASN1_STRING output routines
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/asn1.h>
@ -150,78 +74,78 @@ ASN1_tag2str, ASN1_STRING_print_ex, ASN1_STRING_print_ex_fp, ASN1_STRING_print
\&
\& const char *ASN1_tag2str(int tag);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
These functions output an \fB\s-1ASN1_STRING\s0\fR structure. \fB\s-1ASN1_STRING\s0\fR is used to
represent all the \s-1ASN1\s0 string types.
These functions output an \fBASN1_STRING\fR structure. \fBASN1_STRING\fR is used to
represent all the ASN1 string types.
.PP
\&\fBASN1_STRING_print_ex()\fR outputs \fIstr\fR to \fIout\fR, the format is determined by
the options \fIflags\fR. \fBASN1_STRING_print_ex_fp()\fR is identical except it outputs
to \fIfp\fR instead.
.PP
\&\fBASN1_STRING_print()\fR prints \fIstr\fR to \fIout\fR but using a different format to
\&\fBASN1_STRING_print_ex()\fR. It replaces unprintable characters (other than \s-1CR, LF\s0)
\&\fBASN1_STRING_print_ex()\fR. It replaces unprintable characters (other than CR, LF)
with '.'.
.PP
\&\fBASN1_tag2str()\fR returns a human-readable name of the specified \s-1ASN.1\s0 \fItag\fR.
.SH "NOTES"
\&\fBASN1_tag2str()\fR returns a human-readable name of the specified ASN.1 \fItag\fR.
.SH NOTES
.IX Header "NOTES"
\&\fBASN1_STRING_print()\fR is a deprecated function which should be avoided; use
\&\fBASN1_STRING_print_ex()\fR instead.
.PP
Although there are a large number of options frequently \fB\s-1ASN1_STRFLGS_RFC2253\s0\fR is
suitable, or on \s-1UTF8\s0 terminals \fB\s-1ASN1_STRFLGS_RFC2253 &\s0 ~ASN1_STRFLGS_ESC_MSB\fR.
Although there are a large number of options frequently \fBASN1_STRFLGS_RFC2253\fR is
suitable, or on UTF8 terminals \fBASN1_STRFLGS_RFC2253 & ~ASN1_STRFLGS_ESC_MSB\fR.
.PP
The complete set of supported options for \fIflags\fR is listed below.
.PP
Various characters can be escaped. If \fB\s-1ASN1_STRFLGS_ESC_2253\s0\fR is set the characters
determined by \s-1RFC2253\s0 are escaped. If \fB\s-1ASN1_STRFLGS_ESC_CTRL\s0\fR is set control
characters are escaped. If \fB\s-1ASN1_STRFLGS_ESC_MSB\s0\fR is set characters with the
\&\s-1MSB\s0 set are escaped: this option should \fBnot\fR be used if the terminal correctly
interprets \s-1UTF8\s0 sequences.
Various characters can be escaped. If \fBASN1_STRFLGS_ESC_2253\fR is set the characters
determined by RFC2253 are escaped. If \fBASN1_STRFLGS_ESC_CTRL\fR is set control
characters are escaped. If \fBASN1_STRFLGS_ESC_MSB\fR is set characters with the
MSB set are escaped: this option should \fBnot\fR be used if the terminal correctly
interprets UTF8 sequences.
.PP
Escaping takes several forms.
.PP
If the character being escaped is a 16 bit character then the form \*(L"\eUXXXX\*(R" is used
If the character being escaped is a 16 bit character then the form "\eUXXXX" is used
using exactly four characters for the hex representation. If it is 32 bits then
\&\*(L"\eWXXXXXXXX\*(R" is used using eight characters of its hex representation. These forms
will only be used if \s-1UTF8\s0 conversion is not set (see below).
"\eWXXXXXXXX" is used using eight characters of its hex representation. These forms
will only be used if UTF8 conversion is not set (see below).
.PP
Printable characters are normally escaped using the backslash '\e' character. If
\&\fB\s-1ASN1_STRFLGS_ESC_QUOTE\s0\fR is set then the whole string is instead surrounded by
\&\fBASN1_STRFLGS_ESC_QUOTE\fR is set then the whole string is instead surrounded by
double quote characters: this is arguably more readable than the backslash
notation. Other characters use the \*(L"\eXX\*(R" using exactly two characters of the hex
notation. Other characters use the "\eXX" using exactly two characters of the hex
representation.
.PP
If \fB\s-1ASN1_STRFLGS_UTF8_CONVERT\s0\fR is set then characters are converted to \s-1UTF8\s0
format first. If the terminal supports the display of \s-1UTF8\s0 sequences then this
If \fBASN1_STRFLGS_UTF8_CONVERT\fR is set then characters are converted to UTF8
format first. If the terminal supports the display of UTF8 sequences then this
option will correctly display multi byte characters.
.PP
If \fB\s-1ASN1_STRFLGS_IGNORE_TYPE\s0\fR is set then the string type is not interpreted at
If \fBASN1_STRFLGS_IGNORE_TYPE\fR is set then the string type is not interpreted at
all: everything is assumed to be one byte per character. This is primarily for
debugging purposes and can result in confusing output in multi character strings.
.PP
If \fB\s-1ASN1_STRFLGS_SHOW_TYPE\s0\fR is set then the string type itself is printed out
before its value (for example \*(L"\s-1BMPSTRING\*(R"\s0), this actually uses \fBASN1_tag2str()\fR.
If \fBASN1_STRFLGS_SHOW_TYPE\fR is set then the string type itself is printed out
before its value (for example "BMPSTRING"), this actually uses \fBASN1_tag2str()\fR.
.PP
The content of a string instead of being interpreted can be \*(L"dumped\*(R": this just
The content of a string instead of being interpreted can be "dumped": this just
outputs the value of the string using the form #XXXX using hex format for each
octet.
.PP
If \fB\s-1ASN1_STRFLGS_DUMP_ALL\s0\fR is set then any type is dumped.
If \fBASN1_STRFLGS_DUMP_ALL\fR is set then any type is dumped.
.PP
Normally non character string types (such as \s-1OCTET STRING\s0) are assumed to be
one byte per character, if \fB\s-1ASN1_STRFLGS_DUMP_UNKNOWN\s0\fR is set then they will
Normally non character string types (such as OCTET STRING) are assumed to be
one byte per character, if \fBASN1_STRFLGS_DUMP_UNKNOWN\fR is set then they will
be dumped instead.
.PP
When a type is dumped normally just the content octets are printed, if
\&\fB\s-1ASN1_STRFLGS_DUMP_DER\s0\fR is set then the complete encoding is dumped
\&\fBASN1_STRFLGS_DUMP_DER\fR is set then the complete encoding is dumped
instead (including tag and length octets).
.PP
\&\fB\s-1ASN1_STRFLGS_RFC2253\s0\fR includes all the flags required by \s-1RFC2253.\s0 It is
\&\fBASN1_STRFLGS_RFC2253\fR includes all the flags required by RFC2253. It is
equivalent to:
\s-1ASN1_STRFLGS_ESC_2253\s0 | \s-1ASN1_STRFLGS_ESC_CTRL\s0 | \s-1ASN1_STRFLGS_ESC_MSB\s0 |
\s-1ASN1_STRFLGS_UTF8_CONVERT\s0 | \s-1ASN1_STRFLGS_DUMP_UNKNOWN ASN1_STRFLGS_DUMP_DER\s0
ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB |
ASN1_STRFLGS_UTF8_CONVERT | ASN1_STRFLGS_DUMP_UNKNOWN ASN1_STRFLGS_DUMP_DER
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBASN1_STRING_print_ex()\fR and \fBASN1_STRING_print_ex_fp()\fR return the number of
@ -229,16 +153,16 @@ characters written or \-1 if an error occurred.
.PP
\&\fBASN1_STRING_print()\fR returns 1 on success or 0 on error.
.PP
\&\fBASN1_tag2str()\fR returns a human-readable name of the specified \s-1ASN.1\s0 \fItag\fR.
\&\fBASN1_tag2str()\fR returns a human-readable name of the specified ASN.1 \fItag\fR.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBX509_NAME_print_ex\fR\|(3),
\&\fBASN1_tag2str\fR\|(3)
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2002\-2018 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

194
secure/lib/libcrypto/man/man3/ASN1_TIME_set.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,75 +52,15 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASN1_TIME_SET 3ossl"
.TH ASN1_TIME_SET 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ASN1_TIME_SET 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set,
ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj,
ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check,
@ -150,7 +74,7 @@ ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t,
ASN1_TIME_compare,
ASN1_TIME_to_generalizedtime,
ASN1_TIME_dup, ASN1_UTCTIME_dup, ASN1_GENERALIZEDTIME_dup \- ASN.1 Time functions
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 4
\& ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
@ -199,60 +123,60 @@ ASN1_TIME_dup, ASN1_UTCTIME_dup, ASN1_GENERALIZEDTIME_dup \- ASN.1 Time function
\& ASN1_UTCTIME *ASN1_UTCTIME_dup(const ASN1_UTCTIME *t);
\& ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_dup(const ASN1_GENERALIZEDTIME *t);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
The \fBASN1_TIME_set()\fR, \fBASN1_UTCTIME_set()\fR and \fBASN1_GENERALIZEDTIME_set()\fR
functions set the structure \fIs\fR to the time represented by the time_t
value \fIt\fR. If \fIs\fR is \s-1NULL\s0 a new time structure is allocated and returned.
value \fIt\fR. If \fIs\fR is NULL a new time structure is allocated and returned.
.PP
The \fBASN1_TIME_adj()\fR, \fBASN1_UTCTIME_adj()\fR and \fBASN1_GENERALIZEDTIME_adj()\fR
functions set the time structure \fIs\fR to the time represented
by the time \fIoffset_day\fR and \fIoffset_sec\fR after the time_t value \fIt\fR.
The values of \fIoffset_day\fR or \fIoffset_sec\fR can be negative to set a
time before \fIt\fR. The \fIoffset_sec\fR value can also exceed the number of
seconds in a day. If \fIs\fR is \s-1NULL\s0 a new structure is allocated
seconds in a day. If \fIs\fR is NULL a new structure is allocated
and returned.
.PP
The \fBASN1_TIME_set_string()\fR, \fBASN1_UTCTIME_set_string()\fR and
\&\fBASN1_GENERALIZEDTIME_set_string()\fR functions set the time structure \fIs\fR
to the time represented by string \fIstr\fR which must be in appropriate \s-1ASN.1\s0
time format (for example \s-1YYMMDDHHMMSSZ\s0 or \s-1YYYYMMDDHHMMSSZ\s0). If \fIs\fR is \s-1NULL\s0
to the time represented by string \fIstr\fR which must be in appropriate ASN.1
time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If \fIs\fR is NULL
this function performs a format check on \fIstr\fR only. The string \fIstr\fR
is copied into \fIs\fR.
.PP
\&\fBASN1_TIME_set_string_X509()\fR sets \fB\s-1ASN1_TIME\s0\fR structure \fIs\fR to the time
\&\fBASN1_TIME_set_string_X509()\fR sets \fBASN1_TIME\fR structure \fIs\fR to the time
represented by string \fIstr\fR which must be in appropriate time format
that \s-1RFC 5280\s0 requires, which means it only allows \s-1YYMMDDHHMMSSZ\s0 and
\&\s-1YYYYMMDDHHMMSSZ\s0 (leap second is rejected), all other \s-1ASN.1\s0 time format
are not allowed. If \fIs\fR is \s-1NULL\s0 this function performs a format check
that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and
YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format
are not allowed. If \fIs\fR is NULL this function performs a format check
on \fIstr\fR only.
.PP
The \fBASN1_TIME_normalize()\fR function converts an \fB\s-1ASN1_GENERALIZEDTIME\s0\fR or
\&\fB\s-1ASN1_UTCTIME\s0\fR into a time value that can be used in a certificate. It
The \fBASN1_TIME_normalize()\fR function converts an \fBASN1_GENERALIZEDTIME\fR or
\&\fBASN1_UTCTIME\fR into a time value that can be used in a certificate. It
should be used after the \fBASN1_TIME_set_string()\fR functions and before
\&\fBASN1_TIME_print()\fR functions to get consistent (i.e. \s-1GMT\s0) results.
\&\fBASN1_TIME_print()\fR functions to get consistent (i.e. GMT) results.
.PP
The \fBASN1_TIME_check()\fR, \fBASN1_UTCTIME_check()\fR and \fBASN1_GENERALIZEDTIME_check()\fR
functions check the syntax of the time structure \fIs\fR.
.PP
The \fBASN1_TIME_print()\fR, \fBASN1_UTCTIME_print()\fR and \fBASN1_GENERALIZEDTIME_print()\fR
functions print the time structure \fIs\fR to \s-1BIO\s0 \fIb\fR in human readable
format. It will be of the format \s-1MMM DD HH:MM:SS YYYY\s0 [\s-1GMT\s0], for example
\&\*(L"Feb 3 00:55:52 2015 \s-1GMT\*(R",\s0 which does not include a newline.
If the time structure has invalid format it prints out \*(L"Bad time value\*(R" and
functions print the time structure \fIs\fR to BIO \fIb\fR in human readable
format. It will be of the format MMM DD HH:MM:SS[.s*] YYYY GMT, for example
"Feb 3 00:55:52 2015 GMT", which does not include a newline.
If the time structure has invalid format it prints out "Bad time value" and
returns an error. The output for generalized time may include a fractional part
following the second.
.PP
\&\fBASN1_TIME_print_ex()\fR provides \fIflags\fR to specify the output format of the
datetime. This can be either \fB\s-1ASN1_DTFLGS_RFC822\s0\fR or \fB\s-1ASN1_DTFLGS_ISO8601\s0\fR.
datetime. This can be either \fBASN1_DTFLGS_RFC822\fR or \fBASN1_DTFLGS_ISO8601\fR.
.PP
\&\fBASN1_TIME_to_tm()\fR converts the time \fIs\fR to the standard \fItm\fR structure.
If \fIs\fR is \s-1NULL,\s0 then the current time is converted. The output time is \s-1GMT.\s0
If \fIs\fR is NULL, then the current time is converted. The output time is GMT.
The \fItm_sec\fR, \fItm_min\fR, \fItm_hour\fR, \fItm_mday\fR, \fItm_wday\fR, \fItm_yday\fR,
\&\fItm_mon\fR and \fItm_year\fR fields of \fItm\fR structure are set to proper values,
whereas all other fields are set to 0. If \fItm\fR is \s-1NULL\s0 this function performs
whereas all other fields are set to 0. If \fItm\fR is NULL this function performs
a format check on \fIs\fR only. If \fIs\fR is in Generalized format with fractional
seconds, e.g. \s-1YYYYMMDDHHMMSS.SSSZ,\s0 the fractional seconds will be lost while
seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while
converting \fIs\fR to \fItm\fR structure.
.PP
\&\fBASN1_TIME_diff()\fR sets \fI*pday\fR and \fI*psec\fR to the time difference between
@ -263,7 +187,7 @@ one or both of \fI*pday\fR and \fI*psec\fR will be negative. If \fIto\fR and \fI
represent the same time then \fI*pday\fR and \fI*psec\fR will both be zero.
If both \fI*pday\fR and \fI*psec\fR are nonzero they will always have the same
sign. The value of \fI*psec\fR will always be less than the number of seconds
in a day. If \fIfrom\fR or \fIto\fR is \s-1NULL\s0 the current time is used.
in a day. If \fIfrom\fR or \fIto\fR is NULL the current time is used.
.PP
The \fBASN1_TIME_cmp_time_t()\fR and \fBASN1_UTCTIME_cmp_time_t()\fR functions compare
the two times represented by the time structure \fIs\fR and the time_t \fIt\fR.
@ -271,29 +195,29 @@ the two times represented by the time structure \fIs\fR and the time_t \fIt\fR.
The \fBASN1_TIME_compare()\fR function compares the two times represented by the
time structures \fIa\fR and \fIb\fR.
.PP
The \fBASN1_TIME_to_generalizedtime()\fR function converts an \fB\s-1ASN1_TIME\s0\fR to an
\&\fB\s-1ASN1_GENERALIZEDTIME\s0\fR, regardless of year. If either \fIout\fR or
\&\fI*out\fR are \s-1NULL,\s0 then a new object is allocated and must be freed after use.
The \fBASN1_TIME_to_generalizedtime()\fR function converts an \fBASN1_TIME\fR to an
\&\fBASN1_GENERALIZEDTIME\fR, regardless of year. If either \fIout\fR or
\&\fI*out\fR are NULL, then a new object is allocated and must be freed after use.
.PP
The \fBASN1_TIME_dup()\fR, \fBASN1_UTCTIME_dup()\fR and \fBASN1_GENERALIZEDTIME_dup()\fR functions
duplicate the time structure \fIt\fR and return the duplicated result
correspondingly.
.SH "NOTES"
.SH NOTES
.IX Header "NOTES"
The \fB\s-1ASN1_TIME\s0\fR structure corresponds to the \s-1ASN.1\s0 structure \fBTime\fR
defined in \s-1RFC5280\s0 et al. The time setting functions obey the rules outlined
in \s-1RFC5280:\s0 if the date can be represented by UTCTime it is used, else
The \fBASN1_TIME\fR structure corresponds to the ASN.1 structure \fBTime\fR
defined in RFC5280 et al. The time setting functions obey the rules outlined
in RFC5280: if the date can be represented by UTCTime it is used, else
GeneralizedTime is used.
.PP
The \fB\s-1ASN1_TIME\s0\fR, \fB\s-1ASN1_UTCTIME\s0\fR and \fB\s-1ASN1_GENERALIZEDTIME\s0\fR structures are
represented as an \fB\s-1ASN1_STRING\s0\fR internally and can be freed up using
The \fBASN1_TIME\fR, \fBASN1_UTCTIME\fR and \fBASN1_GENERALIZEDTIME\fR structures are
represented as an \fBASN1_STRING\fR internally and can be freed up using
\&\fBASN1_STRING_free()\fR.
.PP
The \fB\s-1ASN1_TIME\s0\fR structure can represent years from 0000 to 9999 but no attempt
The \fBASN1_TIME\fR structure can represent years from 0000 to 9999 but no attempt
is made to correct ancient calendar changes (for example from Julian to
Gregorian calendars).
.PP
\&\fB\s-1ASN1_UTCTIME\s0\fR is limited to a year range of 1950 through 2049.
\&\fBASN1_UTCTIME\fR is limited to a year range of 1950 through 2049.
.PP
Some applications add offset times directly to a time_t value and pass the
results to \fBASN1_TIME_set()\fR (or equivalent). This can cause problems as the
@ -302,33 +226,37 @@ New applications should use \fBASN1_TIME_adj()\fR instead and pass the offset va
in the \fIoffset_sec\fR and \fIoffset_day\fR parameters instead of directly
manipulating a time_t value.
.PP
\&\fBASN1_TIME_adj()\fR may change the type from \fB\s-1ASN1_GENERALIZEDTIME\s0\fR to
\&\fB\s-1ASN1_UTCTIME\s0\fR, or vice versa, based on the resulting year.
\&\fBASN1_TIME_adj()\fR may change the type from \fBASN1_GENERALIZEDTIME\fR to
\&\fBASN1_UTCTIME\fR, or vice versa, based on the resulting year.
\&\fBASN1_GENERALIZEDTIME_adj()\fR and \fBASN1_UTCTIME_adj()\fR will not modify the type
of the return structure.
.PP
It is recommended that functions starting with \fB\s-1ASN1_TIME\s0\fR be used instead of
those starting with \fB\s-1ASN1_UTCTIME\s0\fR or \fB\s-1ASN1_GENERALIZEDTIME\s0\fR. The functions
starting with \fB\s-1ASN1_UTCTIME\s0\fR and \fB\s-1ASN1_GENERALIZEDTIME\s0\fR act only on that
specific time format. The functions starting with \fB\s-1ASN1_TIME\s0\fR will operate on
It is recommended that functions starting with \fBASN1_TIME\fR be used instead of
those starting with \fBASN1_UTCTIME\fR or \fBASN1_GENERALIZEDTIME\fR. The functions
starting with \fBASN1_UTCTIME\fR and \fBASN1_GENERALIZEDTIME\fR act only on that
specific time format. The functions starting with \fBASN1_TIME\fR will operate on
either format.
.SH "BUGS"
.PP
Users familiar with RFC822 should note that when specifying the flag
\&\fBASN1_DTFLGS_RFC822\fR the year will be formatted as documented above,
i.e., using 4 digits, not 2 as specified in RFC822.
.SH BUGS
.IX Header "BUGS"
\&\fBASN1_TIME_print()\fR, \fBASN1_UTCTIME_print()\fR and \fBASN1_GENERALIZEDTIME_print()\fR do
not print out the timezone: it either prints out \*(L"\s-1GMT\*(R"\s0 or nothing. But all
certificates complying with \s-1RFC5280\s0 et al use \s-1GMT\s0 anyway.
not print out the timezone: it either prints out "GMT" or nothing. But all
certificates complying with RFC5280 et al use GMT anyway.
.PP
\&\fBASN1_TIME_print()\fR, \fBASN1_TIME_print_ex()\fR, \fBASN1_UTCTIME_print()\fR and
\&\fBASN1_GENERALIZEDTIME_print()\fR do not distinguish if they fail because
of an I/O error or invalid time format.
.PP
Use the \fBASN1_TIME_normalize()\fR function to normalize the time value before
printing to get \s-1GMT\s0 results.
printing to get GMT results.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBASN1_TIME_set()\fR, \fBASN1_UTCTIME_set()\fR, \fBASN1_GENERALIZEDTIME_set()\fR,
\&\fBASN1_TIME_adj()\fR, \fBASN1_UTCTIME_adj()\fR and \fBASN1_GENERALIZEDTIME_set()\fR return
a pointer to a time structure or \s-1NULL\s0 if an error occurred.
a pointer to a time structure or NULL if an error occurred.
.PP
\&\fBASN1_TIME_set_string()\fR, \fBASN1_UTCTIME_set_string()\fR,
\&\fBASN1_GENERALIZEDTIME_set_string()\fR and \fBASN1_TIME_set_string_X509()\fR return
@ -357,11 +285,11 @@ on error.
or 1 if \fIa\fR is after \fIb\fR. \-2 is returned on error.
.PP
\&\fBASN1_TIME_to_generalizedtime()\fR returns a pointer to the appropriate time
structure on success or \s-1NULL\s0 if an error occurred.
structure on success or NULL if an error occurred.
.PP
\&\fBASN1_TIME_dup()\fR, \fBASN1_UTCTIME_dup()\fR and \fBASN1_GENERALIZEDTIME_dup()\fR return a
pointer to a time structure or \s-1NULL\s0 if an error occurred.
.SH "EXAMPLES"
pointer to a time structure or NULL if an error occurred.
.SH EXAMPLES
.IX Header "EXAMPLES"
Set a time structure to one hour after the current time and print it out:
.PP
@ -396,18 +324,18 @@ Determine if one time is later or sooner than the current time:
\& else
\& printf("Same\en");
.Ve
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
The \fBASN1_TIME_to_tm()\fR function was added in OpenSSL 1.1.1.
The \fBASN1_TIME_set_string_X509()\fR function was added in OpenSSL 1.1.1.
The \fBASN1_TIME_normalize()\fR function was added in OpenSSL 1.1.1.
The \fBASN1_TIME_cmp_time_t()\fR function was added in OpenSSL 1.1.1.
The \fBASN1_TIME_compare()\fR function was added in OpenSSL 1.1.1.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2015\-2021 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2015\-2025 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

160
secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,78 +52,18 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASN1_TYPE_GET 3ossl"
.TH ASN1_TYPE_GET 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ASN1_TYPE_GET 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ASN1_TYPE_get, ASN1_TYPE_set, ASN1_TYPE_set1, ASN1_TYPE_cmp, ASN1_TYPE_unpack_sequence, ASN1_TYPE_pack_sequence \- ASN1_TYPE utility
functions
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/asn1.h>
@ -153,11 +77,11 @@ functions
\& ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s,
\& ASN1_TYPE **t);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
These functions allow an \fB\s-1ASN1_TYPE\s0\fR structure to be manipulated. The
\&\fB\s-1ASN1_TYPE\s0\fR structure can contain any \s-1ASN.1\s0 type or constructed type
such as a \s-1SEQUENCE:\s0 it is effectively equivalent to the \s-1ASN.1 ANY\s0 type.
These functions allow an \fBASN1_TYPE\fR structure to be manipulated. The
\&\fBASN1_TYPE\fR structure can contain any ASN.1 type or constructed type
such as a SEQUENCE: it is effectively equivalent to the ASN.1 ANY type.
.PP
\&\fBASN1_TYPE_get()\fR returns the type of \fIa\fR or 0 if it fails.
.PP
@ -167,48 +91,48 @@ up after the call.
.PP
\&\fBASN1_TYPE_set1()\fR sets the value of \fIa\fR to \fItype\fR a copy of \fIvalue\fR.
.PP
\&\fBASN1_TYPE_cmp()\fR compares \s-1ASN.1\s0 types \fIa\fR and \fIb\fR and returns 0 if
\&\fBASN1_TYPE_cmp()\fR compares ASN.1 types \fIa\fR and \fIb\fR and returns 0 if
they are identical and nonzero otherwise.
.PP
\&\fBASN1_TYPE_unpack_sequence()\fR attempts to parse the \s-1SEQUENCE\s0 present in
\&\fIt\fR using the \s-1ASN.1\s0 structure \fIit\fR. If successful it returns a pointer
to the \s-1ASN.1\s0 structure corresponding to \fIit\fR which must be freed by the
caller. If it fails it return \s-1NULL.\s0
\&\fBASN1_TYPE_unpack_sequence()\fR attempts to parse the SEQUENCE present in
\&\fIt\fR using the ASN.1 structure \fIit\fR. If successful it returns a pointer
to the ASN.1 structure corresponding to \fIit\fR which must be freed by the
caller. If it fails it return NULL.
.PP
\&\fBASN1_TYPE_pack_sequence()\fR attempts to encode the \s-1ASN.1\s0 structure \fIs\fR
corresponding to \fIit\fR into an \fB\s-1ASN1_TYPE\s0\fR. If successful the encoded
\&\fB\s-1ASN1_TYPE\s0\fR is returned. If \fIt\fR and \fI*t\fR are not \s-1NULL\s0 the encoded type
is written to \fIt\fR overwriting any existing data. If \fIt\fR is not \s-1NULL\s0
but \fI*t\fR is \s-1NULL\s0 the returned \fB\s-1ASN1_TYPE\s0\fR is written to \fI*t\fR.
.SH "NOTES"
\&\fBASN1_TYPE_pack_sequence()\fR attempts to encode the ASN.1 structure \fIs\fR
corresponding to \fIit\fR into an \fBASN1_TYPE\fR. If successful the encoded
\&\fBASN1_TYPE\fR is returned. If \fIt\fR and \fI*t\fR are not NULL the encoded type
is written to \fIt\fR overwriting any existing data. If \fIt\fR is not NULL
but \fI*t\fR is NULL the returned \fBASN1_TYPE\fR is written to \fI*t\fR.
.SH NOTES
.IX Header "NOTES"
The type and meaning of the \fIvalue\fR parameter for \fBASN1_TYPE_set()\fR and
\&\fBASN1_TYPE_set1()\fR is determined by the \fItype\fR parameter.
If \fItype\fR is \fBV_ASN1_NULL\fR \fIvalue\fR is ignored. If \fItype\fR is
\&\fBV_ASN1_BOOLEAN\fR
then the boolean is set to \s-1TRUE\s0 if \fIvalue\fR is not \s-1NULL.\s0 If \fItype\fR is
\&\fBV_ASN1_OBJECT\fR then value is an \fB\s-1ASN1_OBJECT\s0\fR structure. Otherwise \fItype\fR
is and \fB\s-1ASN1_STRING\s0\fR structure. If \fItype\fR corresponds to a primitive type
(or a string type) then the contents of the \fB\s-1ASN1_STRING\s0\fR contain the content
then the boolean is set to TRUE if \fIvalue\fR is not NULL. If \fItype\fR is
\&\fBV_ASN1_OBJECT\fR then value is an \fBASN1_OBJECT\fR structure. Otherwise \fItype\fR
is and \fBASN1_STRING\fR structure. If \fItype\fR corresponds to a primitive type
(or a string type) then the contents of the \fBASN1_STRING\fR contain the content
octets of the type. If \fItype\fR corresponds to a constructed type or
a tagged type (\fBV_ASN1_SEQUENCE\fR, \fBV_ASN1_SET\fR or \fBV_ASN1_OTHER\fR) then the
\&\fB\s-1ASN1_STRING\s0\fR contains the entire \s-1ASN.1\s0 encoding verbatim (including tag and
\&\fBASN1_STRING\fR contains the entire ASN.1 encoding verbatim (including tag and
length octets).
.PP
\&\fBASN1_TYPE_cmp()\fR may not return zero if two types are equivalent but have
different encodings. For example the single content octet of the boolean \s-1TRUE\s0
value under \s-1BER\s0 can have any nonzero encoding but \fBASN1_TYPE_cmp()\fR will
different encodings. For example the single content octet of the boolean TRUE
value under BER can have any nonzero encoding but \fBASN1_TYPE_cmp()\fR will
only return zero if the values are the same.
.PP
If either or both of the parameters passed to \fBASN1_TYPE_cmp()\fR is \s-1NULL\s0 the
return value is nonzero. Technically if both parameters are \s-1NULL\s0 the two
types could be absent \s-1OPTIONAL\s0 fields and so should match, however, passing
\&\s-1NULL\s0 values could also indicate a programming error (for example an
unparsable type which returns \s-1NULL\s0) for types which do \fBnot\fR match. So
If either or both of the parameters passed to \fBASN1_TYPE_cmp()\fR is NULL the
return value is nonzero. Technically if both parameters are NULL the two
types could be absent OPTIONAL fields and so should match, however, passing
NULL values could also indicate a programming error (for example an
unparsable type which returns NULL) for types which do \fBnot\fR match. So
applications should handle the case of two absent values separately.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBASN1_TYPE_get()\fR returns the type of the \fB\s-1ASN1_TYPE\s0\fR argument.
\&\fBASN1_TYPE_get()\fR returns the type of the \fBASN1_TYPE\fR argument.
.PP
\&\fBASN1_TYPE_set()\fR does not return a value.
.PP
@ -216,16 +140,16 @@ applications should handle the case of two absent values separately.
.PP
\&\fBASN1_TYPE_cmp()\fR returns 0 if the types are identical and nonzero otherwise.
.PP
\&\fBASN1_TYPE_unpack_sequence()\fR returns a pointer to an \s-1ASN.1\s0 structure or
\&\s-1NULL\s0 on failure.
\&\fBASN1_TYPE_unpack_sequence()\fR returns a pointer to an ASN.1 structure or
NULL on failure.
.PP
\&\fBASN1_TYPE_pack_sequence()\fR return an \fB\s-1ASN1_TYPE\s0\fR structure if it succeeds or
\&\s-1NULL\s0 on failure.
.SH "COPYRIGHT"
\&\fBASN1_TYPE_pack_sequence()\fR return an \fBASN1_TYPE\fR structure if it succeeds or
NULL on failure.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2015\-2021 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2015\-2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

304
secure/lib/libcrypto/man/man3/ASN1_aux_cb.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,78 +52,18 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASN1_AUX_CB 3ossl"
.TH ASN1_AUX_CB 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ASN1_AUX_CB 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ASN1_AUX, ASN1_PRINT_ARG, ASN1_STREAM_ARG, ASN1_aux_cb, ASN1_aux_const_cb
\&\- ASN.1 auxiliary data
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/asn1t.h>
@ -174,175 +98,175 @@ ASN1_AUX, ASN1_PRINT_ARG, ASN1_STREAM_ARG, ASN1_aux_cb, ASN1_aux_const_cb
\& typedef int ASN1_aux_const_cb(int operation, const ASN1_VALUE **in,
\& const ASN1_ITEM *it, void *exarg);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\s-1ASN.1\s0 data structures can be associated with an \fB\s-1ASN1_AUX\s0\fR object to supply
additional information about the \s-1ASN.1\s0 structure. An \fB\s-1ASN1_AUX\s0\fR structure is
associated with the structure during the definition of the \s-1ASN.1\s0 template. For
example an \fB\s-1ASN1_AUX\s0\fR structure will be associated by using one of the various
\&\s-1ASN.1\s0 template definition macros that supply auxiliary information such as
ASN.1 data structures can be associated with an \fBASN1_AUX\fR object to supply
additional information about the ASN.1 structure. An \fBASN1_AUX\fR structure is
associated with the structure during the definition of the ASN.1 template. For
example an \fBASN1_AUX\fR structure will be associated by using one of the various
ASN.1 template definition macros that supply auxiliary information such as
\&\fBASN1_SEQUENCE_enc()\fR, \fBASN1_SEQUENCE_ref()\fR, \fBASN1_SEQUENCE_cb_const_cb()\fR,
\&\fBASN1_SEQUENCE_const_cb()\fR, \fBASN1_SEQUENCE_cb()\fR or \fBASN1_NDEF_SEQUENCE_cb()\fR.
.PP
An \fB\s-1ASN1_AUX\s0\fR structure contains the following information.
.IP "\fIapp_data\fR" 4
An \fBASN1_AUX\fR structure contains the following information.
.IP \fIapp_data\fR 4
.IX Item "app_data"
Arbitrary application data
.IP "\fIflags\fR" 4
.IP \fIflags\fR 4
.IX Item "flags"
Flags which indicate the auxiliarly functionality supported.
.Sp
The \fB\s-1ASN1_AFLG_REFCOUNT\s0\fR flag indicates that objects support reference counting.
The \fBASN1_AFLG_REFCOUNT\fR flag indicates that objects support reference counting.
.Sp
The \fB\s-1ASN1_AFLG_ENCODING\s0\fR flag indicates that the original encoding of the
The \fBASN1_AFLG_ENCODING\fR flag indicates that the original encoding of the
object will be saved.
.Sp
The \fB\s-1ASN1_AFLG_BROKEN\s0\fR flag is a work around for broken encoders where the
The \fBASN1_AFLG_BROKEN\fR flag is a work around for broken encoders where the
sequence length value may not be correct. This should generally not be used.
.Sp
The \fB\s-1ASN1_AFLG_CONST_CB\s0\fR flag indicates that the \*(L"const\*(R" form of the
\&\fB\s-1ASN1_AUX\s0\fR callback should be used in preference to the non-const form.
.IP "\fIref_offset\fR" 4
The \fBASN1_AFLG_CONST_CB\fR flag indicates that the "const" form of the
\&\fBASN1_AUX\fR callback should be used in preference to the non-const form.
.IP \fIref_offset\fR 4
.IX Item "ref_offset"
If the \fB\s-1ASN1_AFLG_REFCOUNT\s0\fR flag is set then this value is assumed to be an
offset into the \fB\s-1ASN1_VALUE\s0\fR structure where a \fB\s-1CRYPTO_REF_COUNT\s0\fR may be
If the \fBASN1_AFLG_REFCOUNT\fR flag is set then this value is assumed to be an
offset into the \fBASN1_VALUE\fR structure where a \fBCRYPTO_REF_COUNT\fR may be
found for the purposes of reference counting.
.IP "\fIref_lock\fR" 4
.IP \fIref_lock\fR 4
.IX Item "ref_lock"
If the \fB\s-1ASN1_AFLG_REFCOUNT\s0\fR flag is set then this value is assumed to be an
offset into the \fB\s-1ASN1_VALUE\s0\fR structure where a \fB\s-1CRYPTO_RWLOCK\s0\fR may be
If the \fBASN1_AFLG_REFCOUNT\fR flag is set then this value is assumed to be an
offset into the \fBASN1_VALUE\fR structure where a \fBCRYPTO_RWLOCK\fR may be
found for the purposes of reference counting.
.IP "\fIasn1_cb\fR" 4
.IP \fIasn1_cb\fR 4
.IX Item "asn1_cb"
A callback that will be invoked at various points during the processing of
the the \fB\s-1ASN1_VALLUE\s0\fR. See below for further details.
.IP "\fIenc_offset\fR" 4
the \fBASN1_VALUE\fR. See below for further details.
.IP \fIenc_offset\fR 4
.IX Item "enc_offset"
Offset into the \fB\s-1ASN1_VALUE\s0\fR object where the original encoding of the object
will be saved if the \fB\s-1ASN1_AFLG_ENCODING\s0\fR flag has been set.
.IP "\fIasn1_const_cb\fR" 4
Offset into the \fBASN1_VALUE\fR object where the original encoding of the object
will be saved if the \fBASN1_AFLG_ENCODING\fR flag has been set.
.IP \fIasn1_const_cb\fR 4
.IX Item "asn1_const_cb"
A callback that will be invoked at various points during the processing of
the the \fB\s-1ASN1_VALLUE\s0\fR. This is used in preference to the \fIasn1_cb\fR callback if
the \fB\s-1ASN1_AFLG_CONST_CB\s0\fR flag is set. See below for further details.
the \fBASN1_VALUE\fR. This is used in preference to the \fIasn1_cb\fR callback if
the \fBASN1_AFLG_CONST_CB\fR flag is set. See below for further details.
.PP
During the processing of an \fB\s-1ASN1_VALUE\s0\fR object the callbacks set via
During the processing of an \fBASN1_VALUE\fR object the callbacks set via
\&\fIasn1_cb\fR or \fIasn1_const_cb\fR will be invoked as a result of various events
indicated via the \fIoperation\fR parameter. The value of \fI*in\fR will be the
\&\fB\s-1ASN1_VALUE\s0\fR object being processed based on the template in \fIit\fR. An
\&\fBASN1_VALUE\fR object being processed based on the template in \fIit\fR. An
additional operation specific parameter may be passed in \fIexarg\fR. The currently
supported operations are as follows. The callbacks should return a positive
value on success or zero on error, unless otherwise noted below.
.IP "\fB\s-1ASN1_OP_NEW_PRE\s0\fR" 4
.IP \fBASN1_OP_NEW_PRE\fR 4
.IX Item "ASN1_OP_NEW_PRE"
Invoked when processing a \fB\s-1CHOICE\s0\fR, \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure
prior to an \fB\s-1ASN1_VALUE\s0\fR object being allocated. The callback may allocate the
\&\fB\s-1ASN1_VALUE\s0\fR itself and store it in \fI*pval\fR. If it does so it should return 2
Invoked when processing a \fBCHOICE\fR, \fBSEQUENCE\fR or \fBNDEF_SEQUENCE\fR structure
prior to an \fBASN1_VALUE\fR object being allocated. The callback may allocate the
\&\fBASN1_VALUE\fR itself and store it in \fI*pval\fR. If it does so it should return 2
from the callback. On error it should return 0.
.IP "\fB\s-1ASN1_OP_NEW_POST\s0\fR" 4
.IP \fBASN1_OP_NEW_POST\fR 4
.IX Item "ASN1_OP_NEW_POST"
Invoked when processing a \fB\s-1CHOICE\s0\fR, \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure
after an \fB\s-1ASN1_VALUE\s0\fR object has been allocated. The allocated object is in
Invoked when processing a \fBCHOICE\fR, \fBSEQUENCE\fR or \fBNDEF_SEQUENCE\fR structure
after an \fBASN1_VALUE\fR object has been allocated. The allocated object is in
\&\fI*pval\fR.
.IP "\fB\s-1ASN1_OP_FREE_PRE\s0\fR" 4
.IP \fBASN1_OP_FREE_PRE\fR 4
.IX Item "ASN1_OP_FREE_PRE"
Invoked when processing a \fB\s-1CHOICE\s0\fR, \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure
immediately before an \fB\s-1ASN1_VALUE\s0\fR is freed. If the callback originally
constructed the \fB\s-1ASN1_VALUE\s0\fR via \fB\s-1ASN1_OP_NEW_PRE\s0\fR then it should free it at
Invoked when processing a \fBCHOICE\fR, \fBSEQUENCE\fR or \fBNDEF_SEQUENCE\fR structure
immediately before an \fBASN1_VALUE\fR is freed. If the callback originally
constructed the \fBASN1_VALUE\fR via \fBASN1_OP_NEW_PRE\fR then it should free it at
this point and return 2 from the callback. Otherwise it should return 1 for
success or 0 on error.
.IP "\fB\s-1ASN1_OP_FREE_POST\s0\fR" 4
.IP \fBASN1_OP_FREE_POST\fR 4
.IX Item "ASN1_OP_FREE_POST"
Invoked when processing a \fB\s-1CHOICE\s0\fR, \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure
immediately after \fB\s-1ASN1_VALUE\s0\fR sub-structures are freed.
.IP "\fB\s-1ASN1_OP_D2I_PRE\s0\fR" 4
Invoked when processing a \fBCHOICE\fR, \fBSEQUENCE\fR or \fBNDEF_SEQUENCE\fR structure
immediately after \fBASN1_VALUE\fR sub-structures are freed.
.IP \fBASN1_OP_D2I_PRE\fR 4
.IX Item "ASN1_OP_D2I_PRE"
Invoked when processing a \fB\s-1CHOICE\s0\fR, \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure
immediately before a \*(L"d2i\*(R" operation for the \fB\s-1ASN1_VALUE\s0\fR.
.IP "\fB\s-1ASN1_OP_D2I_POST\s0\fR" 4
Invoked when processing a \fBCHOICE\fR, \fBSEQUENCE\fR or \fBNDEF_SEQUENCE\fR structure
immediately before a "d2i" operation for the \fBASN1_VALUE\fR.
.IP \fBASN1_OP_D2I_POST\fR 4
.IX Item "ASN1_OP_D2I_POST"
Invoked when processing a \fB\s-1CHOICE\s0\fR, \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure
immediately after a \*(L"d2i\*(R" operation for the \fB\s-1ASN1_VALUE\s0\fR.
.IP "\fB\s-1ASN1_OP_I2D_PRE\s0\fR" 4
Invoked when processing a \fBCHOICE\fR, \fBSEQUENCE\fR or \fBNDEF_SEQUENCE\fR structure
immediately after a "d2i" operation for the \fBASN1_VALUE\fR.
.IP \fBASN1_OP_I2D_PRE\fR 4
.IX Item "ASN1_OP_I2D_PRE"
Invoked when processing a \fB\s-1CHOICE\s0\fR, \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure
immediately before a \*(L"i2d\*(R" operation for the \fB\s-1ASN1_VALUE\s0\fR.
.IP "\fB\s-1ASN1_OP_I2D_POST\s0\fR" 4
Invoked when processing a \fBCHOICE\fR, \fBSEQUENCE\fR or \fBNDEF_SEQUENCE\fR structure
immediately before a "i2d" operation for the \fBASN1_VALUE\fR.
.IP \fBASN1_OP_I2D_POST\fR 4
.IX Item "ASN1_OP_I2D_POST"
Invoked when processing a \fB\s-1CHOICE\s0\fR, \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure
immediately after a \*(L"i2d\*(R" operation for the \fB\s-1ASN1_VALUE\s0\fR.
.IP "\fB\s-1ASN1_OP_PRINT_PRE\s0\fR" 4
Invoked when processing a \fBCHOICE\fR, \fBSEQUENCE\fR or \fBNDEF_SEQUENCE\fR structure
immediately after a "i2d" operation for the \fBASN1_VALUE\fR.
.IP \fBASN1_OP_PRINT_PRE\fR 4
.IX Item "ASN1_OP_PRINT_PRE"
Invoked when processing a \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure immediately
before printing the \fB\s-1ASN1_VALUE\s0\fR. The \fIexarg\fR argument will be a pointer to an
\&\fB\s-1ASN1_PRINT_ARG\s0\fR structure (see below).
.IP "\fB\s-1ASN1_OP_PRINT_POST\s0\fR" 4
Invoked when processing a \fBSEQUENCE\fR or \fBNDEF_SEQUENCE\fR structure immediately
before printing the \fBASN1_VALUE\fR. The \fIexarg\fR argument will be a pointer to an
\&\fBASN1_PRINT_ARG\fR structure (see below).
.IP \fBASN1_OP_PRINT_POST\fR 4
.IX Item "ASN1_OP_PRINT_POST"
Invoked when processing a \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure immediately
after printing the \fB\s-1ASN1_VALUE\s0\fR. The \fIexarg\fR argument will be a pointer to an
\&\fB\s-1ASN1_PRINT_ARG\s0\fR structure (see below).
.IP "\fB\s-1ASN1_OP_STREAM_PRE\s0\fR" 4
Invoked when processing a \fBSEQUENCE\fR or \fBNDEF_SEQUENCE\fR structure immediately
after printing the \fBASN1_VALUE\fR. The \fIexarg\fR argument will be a pointer to an
\&\fBASN1_PRINT_ARG\fR structure (see below).
.IP \fBASN1_OP_STREAM_PRE\fR 4
.IX Item "ASN1_OP_STREAM_PRE"
Invoked immediately prior to streaming the \fB\s-1ASN1_VALUE\s0\fR data using indefinite
length encoding. The \fIexarg\fR argument will be a pointer to a \fB\s-1ASN1_STREAM_ARG\s0\fR
Invoked immediately prior to streaming the \fBASN1_VALUE\fR data using indefinite
length encoding. The \fIexarg\fR argument will be a pointer to a \fBASN1_STREAM_ARG\fR
structure (see below).
.IP "\fB\s-1ASN1_OP_STREAM_POST\s0\fR" 4
.IP \fBASN1_OP_STREAM_POST\fR 4
.IX Item "ASN1_OP_STREAM_POST"
Invoked immediately after streaming the \fB\s-1ASN1_VALUE\s0\fR data using indefinite
length encoding. The \fIexarg\fR argument will be a pointer to a \fB\s-1ASN1_STREAM_ARG\s0\fR
Invoked immediately after streaming the \fBASN1_VALUE\fR data using indefinite
length encoding. The \fIexarg\fR argument will be a pointer to a \fBASN1_STREAM_ARG\fR
structure (see below).
.IP "\fB\s-1ASN1_OP_DETACHED_PRE\s0\fR" 4
.IP \fBASN1_OP_DETACHED_PRE\fR 4
.IX Item "ASN1_OP_DETACHED_PRE"
Invoked immediately prior to processing the \fB\s-1ASN1_VALUE\s0\fR data as a \*(L"detached\*(R"
value (as used in \s-1CMS\s0 and \s-1PKCS7\s0). The \fIexarg\fR argument will be a pointer to a
\&\fB\s-1ASN1_STREAM_ARG\s0\fR structure (see below).
.IP "\fB\s-1ASN1_OP_DETACHED_POST\s0\fR" 4
Invoked immediately prior to processing the \fBASN1_VALUE\fR data as a "detached"
value (as used in CMS and PKCS7). The \fIexarg\fR argument will be a pointer to a
\&\fBASN1_STREAM_ARG\fR structure (see below).
.IP \fBASN1_OP_DETACHED_POST\fR 4
.IX Item "ASN1_OP_DETACHED_POST"
Invoked immediately after processing the \fB\s-1ASN1_VALUE\s0\fR data as a \*(L"detached\*(R"
value (as used in \s-1CMS\s0 and \s-1PKCS7\s0). The \fIexarg\fR argument will be a pointer to a
\&\fB\s-1ASN1_STREAM_ARG\s0\fR structure (see below).
.IP "\fB\s-1ASN1_OP_DUP_PRE\s0\fR" 4
Invoked immediately after processing the \fBASN1_VALUE\fR data as a "detached"
value (as used in CMS and PKCS7). The \fIexarg\fR argument will be a pointer to a
\&\fBASN1_STREAM_ARG\fR structure (see below).
.IP \fBASN1_OP_DUP_PRE\fR 4
.IX Item "ASN1_OP_DUP_PRE"
Invoked immediate prior to an \s-1ASN1_VALUE\s0 being duplicated via a call to
Invoked immediate prior to an ASN1_VALUE being duplicated via a call to
\&\fBASN1_item_dup()\fR.
.IP "\fB\s-1ASN1_OP_DUP_POST\s0\fR" 4
.IP \fBASN1_OP_DUP_POST\fR 4
.IX Item "ASN1_OP_DUP_POST"
Invoked immediate after to an \s-1ASN1_VALUE\s0 has been duplicated via a call to
Invoked immediate after to an ASN1_VALUE has been duplicated via a call to
\&\fBASN1_item_dup()\fR.
.IP "\fB\s-1ASN1_OP_GET0_LIBCTX\s0\fR" 4
.IP \fBASN1_OP_GET0_LIBCTX\fR 4
.IX Item "ASN1_OP_GET0_LIBCTX"
Invoked in order to obtain the \fB\s-1OSSL_LIB_CTX\s0\fR associated with an \fB\s-1ASN1_VALUE\s0\fR
if any. A pointer to an \fB\s-1OSSL_LIB_CTX\s0\fR should be stored in \fI*exarg\fR if such
Invoked in order to obtain the \fBOSSL_LIB_CTX\fR associated with an \fBASN1_VALUE\fR
if any. A pointer to an \fBOSSL_LIB_CTX\fR should be stored in \fI*exarg\fR if such
a value exists.
.IP "\fB\s-1ASN1_OP_GET0_PROPQ\s0\fR" 4
.IP \fBASN1_OP_GET0_PROPQ\fR 4
.IX Item "ASN1_OP_GET0_PROPQ"
Invoked in order to obtain the property query string associated with an
\&\fB\s-1ASN1_VALUE\s0\fR if any. A pointer to the property query string should be stored in
\&\fBASN1_VALUE\fR if any. A pointer to the property query string should be stored in
\&\fI*exarg\fR if such a value exists.
.PP
An \fB\s-1ASN1_PRINT_ARG\s0\fR object is used during processing of \fB\s-1ASN1_OP_PRINT_PRE\s0\fR
and \fB\s-1ASN1_OP_PRINT_POST\s0\fR callback operations. It contains the following
An \fBASN1_PRINT_ARG\fR object is used during processing of \fBASN1_OP_PRINT_PRE\fR
and \fBASN1_OP_PRINT_POST\fR callback operations. It contains the following
information.
.IP "\fIout\fR" 4
.IP \fIout\fR 4
.IX Item "out"
The \fB\s-1BIO\s0\fR being used to print the data out.
.IP "\fIndef_bio\fR" 4
The \fBBIO\fR being used to print the data out.
.IP \fIndef_bio\fR 4
.IX Item "ndef_bio"
The current number of indent spaces that should be used for printing this data.
.IP "\fIpctx\fR" 4
.IP \fIpctx\fR 4
.IX Item "pctx"
The context for the \fB\s-1ASN1_PCTX\s0\fR operation.
The context for the \fBASN1_PCTX\fR operation.
.PP
An \fB\s-1ASN1_STREAM_ARG\s0\fR object is used during processing of \fB\s-1ASN1_OP_STREAM_PRE\s0\fR,
\&\fB\s-1ASN1_OP_STREAM_POST\s0\fR, \fB\s-1ASN1_OP_DETACHED_PRE\s0\fR and \fB\s-1ASN1_OP_DETACHED_POST\s0\fR
An \fBASN1_STREAM_ARG\fR object is used during processing of \fBASN1_OP_STREAM_PRE\fR,
\&\fBASN1_OP_STREAM_POST\fR, \fBASN1_OP_DETACHED_PRE\fR and \fBASN1_OP_DETACHED_POST\fR
callback operations. It contains the following information.
.IP "\fIout\fR" 4
.IP \fIout\fR 4
.IX Item "out"
The \fB\s-1BIO\s0\fR to stream through
.IP "\fIndef_bio\fR" 4
The \fBBIO\fR to stream through
.IP \fIndef_bio\fR 4
.IX Item "ndef_bio"
The \fB\s-1BIO\s0\fR with filters appended
.IP "\fIboundary\fR" 4
The \fBBIO\fR with filters appended
.IP \fIboundary\fR 4
.IX Item "boundary"
The streaming I/O boundary.
.SH "RETURN VALUES"
@ -352,15 +276,15 @@ require specific positive success values as noted above.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBASN1_item_new_ex\fR\|(3)
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
The \fBASN1_aux_const_cb()\fR callback and the \fB\s-1ASN1_OP_GET0_LIBCTX\s0\fR and
\&\fB\s-1ASN1_OP_GET0_PROPQ\s0\fR operation types were added in OpenSSL 3.0.
.SH "COPYRIGHT"
The \fBASN1_aux_const_cb()\fR callback and the \fBASN1_OP_GET0_LIBCTX\fR and
\&\fBASN1_OP_GET0_PROPQ\fR operation types were added in OpenSSL 3.0.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2021\-2023 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2021\-2025 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

210
secure/lib/libcrypto/man/man3/ASN1_generate_nconf.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,77 +52,17 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASN1_GENERATE_NCONF 3ossl"
.TH ASN1_GENERATE_NCONF 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ASN1_GENERATE_NCONF 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ASN1_generate_nconf, ASN1_generate_v3 \- ASN1 string generation functions
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/asn1.h>
@ -146,24 +70,24 @@ ASN1_generate_nconf, ASN1_generate_v3 \- ASN1 string generation functions
\& ASN1_TYPE *ASN1_generate_nconf(const char *str, CONF *nconf);
\& ASN1_TYPE *ASN1_generate_v3(const char *str, X509V3_CTX *cnf);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
These functions generate the \s-1ASN1\s0 encoding of a string
in an \fB\s-1ASN1_TYPE\s0\fR structure.
These functions generate the ASN1 encoding of a string
in an \fBASN1_TYPE\fR structure.
.PP
\&\fIstr\fR contains the string to encode. \fInconf\fR or \fIcnf\fR contains
the optional configuration information where additional strings
will be read from. \fInconf\fR will typically come from a config
file whereas \fIcnf\fR is obtained from an \fBX509V3_CTX\fR structure,
which will typically be used by X509 v3 certificate extension
functions. \fIcnf\fR or \fInconf\fR can be set to \s-1NULL\s0 if no additional
functions. \fIcnf\fR or \fInconf\fR can be set to NULL if no additional
configuration will be used.
.SH "GENERATION STRING FORMAT"
.IX Header "GENERATION STRING FORMAT"
The actual data encoded is determined by the string \fIstr\fR and
the configuration information. The general format of the string
is:
.IP "[\fImodifier\fR,]\fItype\fR[:\fIvalue\fR]" 4
.IP [\fImodifier\fR,]\fItype\fR[:\fIvalue\fR] 4
.IX Item "[modifier,]type[:value]"
.PP
That is zero or more comma separated modifiers followed by a type
@ -173,103 +97,103 @@ followed by an optional colon and a value. The formats of \fItype\fR,
.IX Subsection "Supported Types"
The supported types are listed below.
Case is not significant in the type names.
Unless otherwise specified only the \fB\s-1ASCII\s0\fR format is permissible.
.IP "\fB\s-1BOOLEAN\s0\fR, \fB\s-1BOOL\s0\fR" 4
Unless otherwise specified only the \fBASCII\fR format is permissible.
.IP "\fBBOOLEAN\fR, \fBBOOL\fR" 4
.IX Item "BOOLEAN, BOOL"
This encodes a boolean type. The \fIvalue\fR string is mandatory and
should be \fB\s-1TRUE\s0\fR or \fB\s-1FALSE\s0\fR. Additionally \fB\s-1TRUE\s0\fR, \fBtrue\fR, \fBY\fR,
\&\fBy\fR, \fB\s-1YES\s0\fR, \fByes\fR, \fB\s-1FALSE\s0\fR, \fBfalse\fR, \fBN\fR, \fBn\fR, \fB\s-1NO\s0\fR and \fBno\fR
should be \fBTRUE\fR or \fBFALSE\fR. Additionally \fBTRUE\fR, \fBtrue\fR, \fBY\fR,
\&\fBy\fR, \fBYES\fR, \fByes\fR, \fBFALSE\fR, \fBfalse\fR, \fBN\fR, \fBn\fR, \fBNO\fR and \fBno\fR
are acceptable.
.IP "\fB\s-1NULL\s0\fR" 4
.IP \fBNULL\fR 4
.IX Item "NULL"
Encode the \fB\s-1NULL\s0\fR type, the \fIvalue\fR string must not be present.
.IP "\fB\s-1INTEGER\s0\fR, \fB\s-1INT\s0\fR" 4
Encode the \fBNULL\fR type, the \fIvalue\fR string must not be present.
.IP "\fBINTEGER\fR, \fBINT\fR" 4
.IX Item "INTEGER, INT"
Encodes an \s-1ASN1\s0 \fB\s-1INTEGER\s0\fR type. The \fIvalue\fR string represents
Encodes an ASN1 \fBINTEGER\fR type. The \fIvalue\fR string represents
the value of the integer, it can be prefaced by a minus sign and
is normally interpreted as a decimal value unless the prefix \fB0x\fR
is included.
.IP "\fB\s-1ENUMERATED\s0\fR, \fB\s-1ENUM\s0\fR" 4
.IP "\fBENUMERATED\fR, \fBENUM\fR" 4
.IX Item "ENUMERATED, ENUM"
Encodes the \s-1ASN1\s0 \fB\s-1ENUMERATED\s0\fR type, it is otherwise identical to
\&\fB\s-1INTEGER\s0\fR.
.IP "\fB\s-1OBJECT\s0\fR, \fB\s-1OID\s0\fR" 4
Encodes the ASN1 \fBENUMERATED\fR type, it is otherwise identical to
\&\fBINTEGER\fR.
.IP "\fBOBJECT\fR, \fBOID\fR" 4
.IX Item "OBJECT, OID"
Encodes an \s-1ASN1\s0 \fB\s-1OBJECT IDENTIFIER\s0\fR, the \fIvalue\fR string can be
Encodes an ASN1 \fBOBJECT IDENTIFIER\fR, the \fIvalue\fR string can be
a short name, a long name or numerical format.
.IP "\fB\s-1UTCTIME\s0\fR, \fB\s-1UTC\s0\fR" 4
.IP "\fBUTCTIME\fR, \fBUTC\fR" 4
.IX Item "UTCTIME, UTC"
Encodes an \s-1ASN1\s0 \fBUTCTime\fR structure, the value should be in
the format \fB\s-1YYMMDDHHMMSSZ\s0\fR.
.IP "\fB\s-1GENERALIZEDTIME\s0\fR, \fB\s-1GENTIME\s0\fR" 4
Encodes an ASN1 \fBUTCTime\fR structure, the value should be in
the format \fBYYMMDDHHMMSSZ\fR.
.IP "\fBGENERALIZEDTIME\fR, \fBGENTIME\fR" 4
.IX Item "GENERALIZEDTIME, GENTIME"
Encodes an \s-1ASN1\s0 \fBGeneralizedTime\fR structure, the value should be in
the format \fB\s-1YYYYMMDDHHMMSSZ\s0\fR.
.IP "\fB\s-1OCTETSTRING\s0\fR, \fB\s-1OCT\s0\fR" 4
Encodes an ASN1 \fBGeneralizedTime\fR structure, the value should be in
the format \fBYYYYMMDDHHMMSSZ\fR.
.IP "\fBOCTETSTRING\fR, \fBOCT\fR" 4
.IX Item "OCTETSTRING, OCT"
Encodes an \s-1ASN1\s0 \fB\s-1OCTET STRING\s0\fR. \fIvalue\fR represents the contents
of this structure, the format strings \fB\s-1ASCII\s0\fR and \fB\s-1HEX\s0\fR can be
Encodes an ASN1 \fBOCTET STRING\fR. \fIvalue\fR represents the contents
of this structure, the format strings \fBASCII\fR and \fBHEX\fR can be
used to specify the format of \fIvalue\fR.
.IP "\fB\s-1BITSTRING\s0\fR, \fB\s-1BITSTR\s0\fR" 4
.IP "\fBBITSTRING\fR, \fBBITSTR\fR" 4
.IX Item "BITSTRING, BITSTR"
Encodes an \s-1ASN1\s0 \fB\s-1BIT STRING\s0\fR. \fIvalue\fR represents the contents
of this structure, the format strings \fB\s-1ASCII\s0\fR, \fB\s-1HEX\s0\fR and \fB\s-1BITLIST\s0\fR
Encodes an ASN1 \fBBIT STRING\fR. \fIvalue\fR represents the contents
of this structure, the format strings \fBASCII\fR, \fBHEX\fR and \fBBITLIST\fR
can be used to specify the format of \fIvalue\fR.
.Sp
If the format is anything other than \fB\s-1BITLIST\s0\fR the number of unused
If the format is anything other than \fBBITLIST\fR the number of unused
bits is set to zero.
.IP "\fB\s-1UNIVERSALSTRING\s0\fR, \fB\s-1UNIV\s0\fR, \fB\s-1IA5\s0\fR, \fB\s-1IA5STRING\s0\fR, \fB\s-1UTF8\s0\fR, \fBUTF8String\fR, \fB\s-1BMP\s0\fR, \fB\s-1BMPSTRING\s0\fR, \fB\s-1VISIBLESTRING\s0\fR, \fB\s-1VISIBLE\s0\fR, \fB\s-1PRINTABLESTRING\s0\fR, \fB\s-1PRINTABLE\s0\fR, \fBT61\fR, \fBT61STRING\fR, \fB\s-1TELETEXSTRING\s0\fR, \fBGeneralString\fR, \fB\s-1NUMERICSTRING\s0\fR, \fB\s-1NUMERIC\s0\fR" 4
.IP "\fBUNIVERSALSTRING\fR, \fBUNIV\fR, \fBIA5\fR, \fBIA5STRING\fR, \fBUTF8\fR, \fBUTF8String\fR, \fBBMP\fR, \fBBMPSTRING\fR, \fBVISIBLESTRING\fR, \fBVISIBLE\fR, \fBPRINTABLESTRING\fR, \fBPRINTABLE\fR, \fBT61\fR, \fBT61STRING\fR, \fBTELETEXSTRING\fR, \fBGeneralString\fR, \fBNUMERICSTRING\fR, \fBNUMERIC\fR" 4
.IX Item "UNIVERSALSTRING, UNIV, IA5, IA5STRING, UTF8, UTF8String, BMP, BMPSTRING, VISIBLESTRING, VISIBLE, PRINTABLESTRING, PRINTABLE, T61, T61STRING, TELETEXSTRING, GeneralString, NUMERICSTRING, NUMERIC"
These encode the corresponding string types. \fIvalue\fR represents the
contents of this structure. The format can be \fB\s-1ASCII\s0\fR or \fB\s-1UTF8\s0\fR.
.IP "\fB\s-1SEQUENCE\s0\fR, \fB\s-1SEQ\s0\fR, \fB\s-1SET\s0\fR" 4
contents of this structure. The format can be \fBASCII\fR or \fBUTF8\fR.
.IP "\fBSEQUENCE\fR, \fBSEQ\fR, \fBSET\fR" 4
.IX Item "SEQUENCE, SEQ, SET"
Formats the result as an \s-1ASN1\s0 \fB\s-1SEQUENCE\s0\fR or \fB\s-1SET\s0\fR type. \fIvalue\fR
Formats the result as an ASN1 \fBSEQUENCE\fR or \fBSET\fR type. \fIvalue\fR
should be a section name which will contain the contents. The
field names in the section are ignored and the values are in the
generated string format. If \fIvalue\fR is absent then an empty \s-1SEQUENCE\s0
generated string format. If \fIvalue\fR is absent then an empty SEQUENCE
will be encoded.
.SS "Modifiers"
.SS Modifiers
.IX Subsection "Modifiers"
Modifiers affect the following structure, they can be used to
add \s-1EXPLICIT\s0 or \s-1IMPLICIT\s0 tagging, add wrappers or to change
add EXPLICIT or IMPLICIT tagging, add wrappers or to change
the string format of the final type and value. The supported
formats are documented below.
.IP "\fB\s-1EXPLICIT\s0\fR, \fB\s-1EXP\s0\fR" 4
.IP "\fBEXPLICIT\fR, \fBEXP\fR" 4
.IX Item "EXPLICIT, EXP"
Add an explicit tag to the following structure. This string
should be followed by a colon and the tag value to use as a
decimal value.
.Sp
By following the number with \fBU\fR, \fBA\fR, \fBP\fR or \fBC\fR \s-1UNIVERSAL,
APPLICATION, PRIVATE\s0 or \s-1CONTEXT SPECIFIC\s0 tagging can be used,
the default is \s-1CONTEXT SPECIFIC.\s0
.IP "\fB\s-1IMPLICIT\s0\fR, \fB\s-1IMP\s0\fR" 4
By following the number with \fBU\fR, \fBA\fR, \fBP\fR or \fBC\fR UNIVERSAL,
APPLICATION, PRIVATE or CONTEXT SPECIFIC tagging can be used,
the default is CONTEXT SPECIFIC.
.IP "\fBIMPLICIT\fR, \fBIMP\fR" 4
.IX Item "IMPLICIT, IMP"
This is the same as \fB\s-1EXPLICIT\s0\fR except \s-1IMPLICIT\s0 tagging is used
This is the same as \fBEXPLICIT\fR except IMPLICIT tagging is used
instead.
.IP "\fB\s-1OCTWRAP\s0\fR, \fB\s-1SEQWRAP\s0\fR, \fB\s-1SETWRAP\s0\fR, \fB\s-1BITWRAP\s0\fR" 4
.IP "\fBOCTWRAP\fR, \fBSEQWRAP\fR, \fBSETWRAP\fR, \fBBITWRAP\fR" 4
.IX Item "OCTWRAP, SEQWRAP, SETWRAP, BITWRAP"
The following structure is surrounded by an \s-1OCTET STRING,\s0 a \s-1SEQUENCE,\s0
a \s-1SET\s0 or a \s-1BIT STRING\s0 respectively. For a \s-1BIT STRING\s0 the number of unused
The following structure is surrounded by an OCTET STRING, a SEQUENCE,
a SET or a BIT STRING respectively. For a BIT STRING the number of unused
bits is set to zero.
.IP "\fB\s-1FORMAT\s0\fR" 4
.IP \fBFORMAT\fR 4
.IX Item "FORMAT"
This specifies the format of the ultimate value. It should be followed
by a colon and one of the strings \fB\s-1ASCII\s0\fR, \fB\s-1UTF8\s0\fR, \fB\s-1HEX\s0\fR or \fB\s-1BITLIST\s0\fR.
by a colon and one of the strings \fBASCII\fR, \fBUTF8\fR, \fBHEX\fR or \fBBITLIST\fR.
.Sp
If no format specifier is included then \fB\s-1ASCII\s0\fR is used. If \fB\s-1UTF8\s0\fR is
specified then the value string must be a valid \fB\s-1UTF8\s0\fR string. For \fB\s-1HEX\s0\fR the
output must be a set of hex digits. \fB\s-1BITLIST\s0\fR (which is only valid for a \s-1BIT
STRING\s0) is a comma separated list of the indices of the set bits, all other
If no format specifier is included then \fBASCII\fR is used. If \fBUTF8\fR is
specified then the value string must be a valid \fBUTF8\fR string. For \fBHEX\fR the
output must be a set of hex digits. \fBBITLIST\fR (which is only valid for a BIT
STRING) is a comma separated list of the indices of the set bits, all other
bits are zero.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBASN1_generate_nconf()\fR and \fBASN1_generate_v3()\fR return the encoded
data as an \fB\s-1ASN1_TYPE\s0\fR structure or \s-1NULL\s0 if an error occurred.
data as an \fBASN1_TYPE\fR structure or NULL if an error occurred.
.PP
The error codes that can be obtained by \fBERR_get_error\fR\|(3).
.SH "EXAMPLES"
.SH EXAMPLES
.IX Header "EXAMPLES"
A simple IA5String:
.PP
@ -283,20 +207,20 @@ An IA5String explicitly tagged:
\& EXPLICIT:0,IA5STRING:Hello World
.Ve
.PP
An IA5String explicitly tagged using \s-1APPLICATION\s0 tagging:
An IA5String explicitly tagged using APPLICATION tagging:
.PP
.Vb 1
\& EXPLICIT:0A,IA5STRING:Hello World
.Ve
.PP
A \s-1BITSTRING\s0 with bits 1 and 5 set and all others zero:
A BITSTRING with bits 1 and 5 set and all others zero:
.PP
.Vb 1
\& FORMAT:BITLIST,BITSTRING:1,5
.Ve
.PP
A more complex example using a config file to produce a
\&\s-1SEQUENCE\s0 consisting of a \s-1BOOL\s0 an \s-1OID\s0 and a UTF8String:
SEQUENCE consisting of a BOOL an OID and a UTF8String:
.PP
.Vb 1
\& asn1 = SEQUENCE:seq_section
@ -370,11 +294,11 @@ structure:
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBERR_get_error\fR\|(3)
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2002\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

173
secure/lib/libcrypto/man/man3/ASN1_item_d2i_bio.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,79 +52,20 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASN1_ITEM_D2I_BIO 3ossl"
.TH ASN1_ITEM_D2I_BIO 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ASN1_ITEM_D2I_BIO 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ASN1_item_d2i_ex, ASN1_item_d2i, ASN1_item_d2i_bio_ex, ASN1_item_d2i_bio,
ASN1_item_d2i_fp_ex, ASN1_item_d2i_fp, ASN1_item_i2d_mem_bio
ASN1_item_d2i_fp_ex, ASN1_item_d2i_fp, ASN1_item_i2d_mem_bio,
ASN1_item_pack, ASN1_item_unpack_ex, ASN1_item_unpack
\&\- decode and encode DER\-encoded ASN.1 structures
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/asn1.h>
@ -160,59 +85,85 @@ ASN1_item_d2i_fp_ex, ASN1_item_d2i_fp, ASN1_item_i2d_mem_bio
\& void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
\&
\& BIO *ASN1_item_i2d_mem_bio(const ASN1_ITEM *it, const ASN1_VALUE *val);
\&
\& ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct);
\&
\& void *ASN1_item_unpack(const ASN1_STRING *oct, const ASN1_ITEM *it);
\&
\& void *ASN1_item_unpack_ex(const ASN1_STRING *oct, const ASN1_ITEM *it,
\& OSSL_LIB_CTX *libctx, const char *propq);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBASN1_item_d2i_ex()\fR decodes the contents of the data stored in \fI*in\fR of length
\&\fIlen\fR which must be a DER-encoded \s-1ASN.1\s0 structure, using the \s-1ASN.1\s0 template
\&\fIit\fR. It places the result in \fI*pval\fR unless \fIpval\fR is \s-1NULL.\s0 If \fI*pval\fR is
non-NULL on entry then the \fB\s-1ASN1_VALUE\s0\fR present there will be reused. Otherwise
a new \fB\s-1ASN1_VALUE\s0\fR will be allocated. If any algorithm fetches are required
during the process then they will use the \fB\s-1OSSL_LIB_CTX\s0\fRprovided in the
\&\fIlen\fR which must be a DER-encoded ASN.1 structure, using the ASN.1 template
\&\fIit\fR. It places the result in \fI*pval\fR unless \fIpval\fR is NULL. If \fI*pval\fR is
non-NULL on entry then the \fBASN1_VALUE\fR present there will be reused. Otherwise
a new \fBASN1_VALUE\fR will be allocated. If any algorithm fetches are required
during the process then they will use the \fBOSSL_LIB_CTX\fRprovided in the
\&\fIlibctx\fR parameter and the property query string in \fIpropq\fR. See
\&\*(L"\s-1ALGORITHM FETCHING\*(R"\s0 in \fBcrypto\fR\|(7) for more information about algorithm fetching.
"ALGORITHM FETCHING" in \fBcrypto\fR\|(7) for more information about algorithm fetching.
On exit \fI*in\fR will be updated to point to the next byte in the buffer after the
decoded structure.
.PP
\&\fBASN1_item_d2i()\fR is the same as \fBASN1_item_d2i_ex()\fR except that the default
\&\s-1OSSL_LIB_CTX\s0 is used (i.e. \s-1NULL\s0) and with a \s-1NULL\s0 property query string.
OSSL_LIB_CTX is used (i.e. NULL) and with a NULL property query string.
.PP
\&\fBASN1_item_d2i_bio_ex()\fR decodes the contents of its input \s-1BIO\s0 \fIin\fR,
which must be a DER-encoded \s-1ASN.1\s0 structure, using the \s-1ASN.1\s0 template \fIit\fR
and places the result in \fI*pval\fR unless \fIpval\fR is \s-1NULL.\s0
If \fIin\fR is \s-1NULL\s0 it returns \s-1NULL,\s0 else a pointer to the parsed structure. If any
\&\fBASN1_item_d2i_bio_ex()\fR decodes the contents of its input BIO \fIin\fR,
which must be a DER-encoded ASN.1 structure, using the ASN.1 template \fIit\fR
and places the result in \fI*pval\fR unless \fIpval\fR is NULL.
If \fIin\fR is NULL it returns NULL, else a pointer to the parsed structure. If any
algorithm fetches are required during the process then they will use the
\&\fB\s-1OSSL_LIB_CTX\s0\fR provided in the \fIlibctx\fR parameter and the property query
string in \fIpropq\fR. See \*(L"\s-1ALGORITHM FETCHING\*(R"\s0 in \fBcrypto\fR\|(7) for more information
\&\fBOSSL_LIB_CTX\fR provided in the \fIlibctx\fR parameter and the property query
string in \fIpropq\fR. See "ALGORITHM FETCHING" in \fBcrypto\fR\|(7) for more information
about algorithm fetching.
.PP
\&\fBASN1_item_d2i_bio()\fR is the same as \fBASN1_item_d2i_bio_ex()\fR except that the
default \fB\s-1OSSL_LIB_CTX\s0\fR is used (i.e. \s-1NULL\s0) and with a \s-1NULL\s0 property query
default \fBOSSL_LIB_CTX\fR is used (i.e. NULL) and with a NULL property query
string.
.PP
\&\fBASN1_item_d2i_fp_ex()\fR is the same as \fBASN1_item_d2i_bio_ex()\fR except that a \s-1FILE\s0
pointer is provided instead of a \s-1BIO.\s0
\&\fBASN1_item_d2i_fp_ex()\fR is the same as \fBASN1_item_d2i_bio_ex()\fR except that a FILE
pointer is provided instead of a BIO.
.PP
\&\fBASN1_item_d2i_fp()\fR is the same as \fBASN1_item_d2i_fp_ex()\fR except that the
default \fB\s-1OSSL_LIB_CTX\s0\fR is used (i.e. \s-1NULL\s0) and with a \s-1NULL\s0 property query
default \fBOSSL_LIB_CTX\fR is used (i.e. NULL) and with a NULL property query
string.
.PP
\&\fBASN1_item_i2d_mem_bio()\fR encodes the given \s-1ASN.1\s0 value \fIval\fR
using the \s-1ASN.1\s0 template \fIit\fR and returns the result in a memory \s-1BIO.\s0
\&\fBASN1_item_i2d_mem_bio()\fR encodes the given ASN.1 value \fIval\fR
using the ASN.1 template \fIit\fR and returns the result in a memory BIO.
.PP
\&\fBASN1_item_pack()\fR encodes the given ASN.1 value in \fIobj\fR using the
ASN.1 template \fIit\fR and returns an \fBASN1_STRING\fR object. If the passed in
\&\fI*oct\fR is not NULL then this is used to store the returned result, otherwise
a new \fBASN1_STRING\fR object is created. If \fIoct\fR is not NULL and \fI*oct\fR is NULL
then the returned return is also set into \fI*oct\fR. If there is an error the optional
passed in \fBASN1_STRING\fR will not be freed, but the previous value may be cleared when
ASN1_STRING_set0(*oct, NULL, 0) is called internally.
.PP
\&\fBASN1_item_unpack()\fR uses \fBASN1_item_d2i()\fR to decode the DER-encoded \fBASN1_STRING\fR
\&\fIoct\fR using the ASN.1 template \fIit\fR.
.PP
\&\fBASN1_item_unpack_ex()\fR is similar to \fBASN1_item_unpack()\fR, but uses \fBASN1_item_d2i_ex()\fR so
that the \fIlibctx\fR and \fIpropq\fR can be used when doing algorithm fetching.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBASN1_item_d2i_bio()\fR returns a pointer to an \fB\s-1ASN1_VALUE\s0\fR or \s-1NULL.\s0
\&\fBASN1_item_d2i_bio()\fR, \fBASN1_item_unpack_ex()\fR and \fBASN1_item_unpack()\fR return a pointer to
an \fBASN1_VALUE\fR or NULL on error.
.PP
\&\fBASN1_item_i2d_mem_bio()\fR returns a pointer to a memory \s-1BIO\s0 or \s-1NULL\s0 on error.
.SH "HISTORY"
\&\fBASN1_item_i2d_mem_bio()\fR returns a pointer to a memory BIO or NULL on error.
.PP
\&\fBASN1_item_pack()\fR returns a pointer to an \fBASN1_STRING\fR or NULL on error.
.SH HISTORY
.IX Header "HISTORY"
The functions \fBASN1_item_d2i_ex()\fR, \fBASN1_item_d2i_bio_ex()\fR, \fBASN1_item_d2i_fp_ex()\fR
and \fBASN1_item_i2d_mem_bio()\fR were added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
The function \fBASN1_item_unpack_ex()\fR was added in OpenSSL 3.2.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2021\-2023 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

110
secure/lib/libcrypto/man/man3/ASN1_item_new.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,78 +52,18 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASN1_ITEM_NEW 3ossl"
.TH ASN1_ITEM_NEW 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ASN1_ITEM_NEW 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ASN1_item_new_ex, ASN1_item_new
\&\- create new ASN.1 values
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/asn1.h>
@ -148,28 +72,28 @@ ASN1_item_new_ex, ASN1_item_new
\& const char *propq);
\& ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBASN1_item_new_ex()\fR creates a new \fB\s-1ASN1_VALUE\s0\fR structure based on the
\&\fB\s-1ASN1_ITEM\s0\fR template given in the \fIit\fR parameter. If any algorithm fetches are
required during the process then they will use the \fB\s-1OSSL_LIB_CTX\s0\fR provided in
\&\fBASN1_item_new_ex()\fR creates a new \fBASN1_VALUE\fR structure based on the
\&\fBASN1_ITEM\fR template given in the \fIit\fR parameter. If any algorithm fetches are
required during the process then they will use the \fBOSSL_LIB_CTX\fR provided in
the \fIlibctx\fR parameter and the property query string in \fIpropq\fR. See
\&\*(L"\s-1ALGORITHM FETCHING\*(R"\s0 in \fBcrypto\fR\|(7) for more information about algorithm fetching.
"ALGORITHM FETCHING" in \fBcrypto\fR\|(7) for more information about algorithm fetching.
.PP
\&\fBASN1_item_new()\fR is the same as \fBASN1_item_new_ex()\fR except that the default
\&\fB\s-1OSSL_LIB_CTX\s0\fR is used (i.e. \s-1NULL\s0) and with a \s-1NULL\s0 property query string.
\&\fBOSSL_LIB_CTX\fR is used (i.e. NULL) and with a NULL property query string.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBASN1_item_new_ex()\fR and \fBASN1_item_new()\fR return a pointer to the newly created
\&\fB\s-1ASN1_VALUE\s0\fR or \s-1NULL\s0 on error.
.SH "HISTORY"
\&\fBASN1_VALUE\fR or NULL on error.
.SH HISTORY
.IX Header "HISTORY"
The function \fBASN1_item_new_ex()\fR was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

130
secure/lib/libcrypto/man/man3/ASN1_item_sign.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,79 +52,19 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASN1_ITEM_SIGN 3ossl"
.TH ASN1_ITEM_SIGN 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ASN1_ITEM_SIGN 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ASN1_item_sign, ASN1_item_sign_ex, ASN1_item_sign_ctx,
ASN1_item_verify, ASN1_item_verify_ex, ASN1_item_verify_ctx \-
ASN1 sign and verify
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/x509.h>
@ -172,30 +96,30 @@ ASN1 sign and verify
\& const ASN1_BIT_STRING *signature, const void *data,
\& EVP_MD_CTX *ctx);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBASN1_item_sign_ex()\fR is used to sign arbitrary \s-1ASN1\s0 data using a data object
\&\fIdata\fR, the \s-1ASN.1\s0 structure \fIit\fR, private key \fIpkey\fR and message digest \fImd\fR.
\&\fBASN1_item_sign_ex()\fR is used to sign arbitrary ASN1 data using a data object
\&\fIdata\fR, the ASN.1 structure \fIit\fR, private key \fIpkey\fR and message digest \fImd\fR.
The data that is signed is formed by taking the data object in \fIdata\fR and
converting it to der format using the \s-1ASN.1\s0 structure \fIit\fR.
converting it to der format using the ASN.1 structure \fIit\fR.
The \fIdata\fR that will be signed, and a structure containing the signature may
both have a copy of the \fBX509_ALGOR\fR. The \fBASN1_item_sign_ex()\fR function will
write the correct \fBX509_ALGOR\fR to the structs based on the algorithms and
parameters that have been set up. If one of \fIalgor1\fR or \fIalgor2\fR points to the
\&\fBX509_ALGOR\fR of the \fIdata\fR to be signed, then that \fBX509_ALGOR\fR will first be
written before the signature is generated.
Examples of valid values that can be used by the \s-1ASN.1\s0 structure \fIit\fR are
Examples of valid values that can be used by the ASN.1 structure \fIit\fR are
ASN1_ITEM_rptr(X509_CINF), ASN1_ITEM_rptr(X509_REQ_INFO) and
ASN1_ITEM_rptr(X509_CRL_INFO).
The \fB\s-1OSSL_LIB_CTX\s0\fR specified in \fIlibctx\fR and the property query string
The \fBOSSL_LIB_CTX\fR specified in \fIlibctx\fR and the property query string
specified in \fIprops\fR are used when searching for algorithms in providers.
The generated signature is set into \fIsignature\fR.
The optional parameter \fIid\fR can be \s-1NULL,\s0 but can be set for special key types.
The optional parameter \fIid\fR can be NULL, but can be set for special key types.
See \fBEVP_PKEY_CTX_set1_id()\fR for further info. The output parameters <algor1> and
\&\fIalgor2\fR are ignored if they are \s-1NULL.\s0
\&\fIalgor2\fR are ignored if they are NULL.
.PP
\&\fBASN1_item_sign()\fR is similar to \fBASN1_item_sign_ex()\fR but uses default values of
\&\s-1NULL\s0 for the \fIid\fR, \fIlibctx\fR and \fIpropq\fR.
NULL for the \fIid\fR, \fIlibctx\fR and \fIpropq\fR.
.PP
\&\fBASN1_item_sign_ctx()\fR is similar to \fBASN1_item_sign()\fR but uses the parameters
contained in digest context \fIctx\fR.
@ -203,14 +127,14 @@ contained in digest context \fIctx\fR.
\&\fBASN1_item_verify_ex()\fR is used to verify the signature \fIsignature\fR of internal
data \fIdata\fR using the public key \fIpkey\fR and algorithm identifier \fIalg\fR.
The data that is verified is formed by taking the data object in \fIdata\fR and
converting it to der format using the \s-1ASN.1\s0 structure \fIit\fR.
The \fB\s-1OSSL_LIB_CTX\s0\fR specified in \fIlibctx\fR and the property query string
converting it to der format using the ASN.1 structure \fIit\fR.
The \fBOSSL_LIB_CTX\fR specified in \fIlibctx\fR and the property query string
specified in \fIprops\fR are used when searching for algorithms in providers.
The optional parameter \fIid\fR can be \s-1NULL,\s0 but can be set for special key types.
The optional parameter \fIid\fR can be NULL, but can be set for special key types.
See \fBEVP_PKEY_CTX_set1_id()\fR for further info.
.PP
\&\fBASN1_item_verify()\fR is similar to \fBASN1_item_verify_ex()\fR but uses default values of
\&\s-1NULL\s0 for the \fIid\fR, \fIlibctx\fR and \fIpropq\fR.
NULL for the \fIid\fR, \fIlibctx\fR and \fIpropq\fR.
.PP
\&\fBASN1_item_verify_ctx()\fR is similar to \fBASN1_item_verify()\fR but uses the parameters
contained in digest context \fIctx\fR.
@ -222,11 +146,11 @@ zero for failure.
All verify functions return 1 if the signature is valid and 0 if the signature
check fails. If the signature could not be checked at all because it was
ill-formed or some other error occurred then \-1 is returned.
.SH "EXAMPLES"
.SH EXAMPLES
.IX Header "EXAMPLES"
In the following example a 'MyObject' object is signed using the key contained
in an \s-1EVP_MD_CTX.\s0 The signature is written to MyObject.signature. The object is
then output in \s-1DER\s0 format and then loaded back in and verified.
in an EVP_MD_CTX. The signature is written to MyObject.signature. The object is
then output in DER format and then loaded back in and verified.
.PP
.Vb 2
\& #include <openssl/x509.h>
@ -342,14 +266,14 @@ then output in \s-1DER\s0 format and then loaded back in and verified.
.IX Header "SEE ALSO"
\&\fBX509_sign\fR\|(3),
\&\fBX509_verify\fR\|(3)
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
\&\fBASN1_item_sign_ex()\fR and \fBASN1_item_verify_ex()\fR were added in OpenSSL 3.0.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2020\-2023 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2020\-2022 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

183
secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,75 +52,15 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASYNC_WAIT_CTX_NEW 3ossl"
.TH ASYNC_WAIT_CTX_NEW 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ASYNC_WAIT_CTX_NEW 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ASYNC_WAIT_CTX_new, ASYNC_WAIT_CTX_free, ASYNC_WAIT_CTX_set_wait_fd,
ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds,
ASYNC_WAIT_CTX_get_changed_fds, ASYNC_WAIT_CTX_clear_fd,
@ -145,7 +69,7 @@ ASYNC_WAIT_CTX_set_status, ASYNC_WAIT_CTX_get_status, ASYNC_callback_fn,
ASYNC_STATUS_UNSUPPORTED, ASYNC_STATUS_ERR, ASYNC_STATUS_OK,
ASYNC_STATUS_EAGAIN
\&\- functions to manage waiting for asynchronous jobs to complete
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/async.h>
@ -179,28 +103,28 @@ ASYNC_STATUS_EAGAIN
\& int ASYNC_WAIT_CTX_set_status(ASYNC_WAIT_CTX *ctx, int status);
\& int ASYNC_WAIT_CTX_get_status(ASYNC_WAIT_CTX *ctx);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
For an overview of how asynchronous operations are implemented in OpenSSL see
\&\fBASYNC_start_job\fR\|(3). An \fB\s-1ASYNC_WAIT_CTX\s0\fR object represents an asynchronous
\&\*(L"session\*(R", i.e. a related set of crypto operations. For example in \s-1SSL\s0 terms
this would have a one-to-one correspondence with an \s-1SSL\s0 connection.
\&\fBASYNC_start_job\fR\|(3). An \fBASYNC_WAIT_CTX\fR object represents an asynchronous
"session", i.e. a related set of crypto operations. For example in SSL terms
this would have a one-to-one correspondence with an SSL connection.
.PP
Application code must create an \fB\s-1ASYNC_WAIT_CTX\s0\fR using the \fBASYNC_WAIT_CTX_new()\fR
Application code must create an \fBASYNC_WAIT_CTX\fR using the \fBASYNC_WAIT_CTX_new()\fR
function prior to calling \fBASYNC_start_job()\fR (see \fBASYNC_start_job\fR\|(3)). When
the job is started it is associated with the \fB\s-1ASYNC_WAIT_CTX\s0\fR for the duration
of that job. An \fB\s-1ASYNC_WAIT_CTX\s0\fR should only be used for one \fB\s-1ASYNC_JOB\s0\fR at
any one time, but can be reused after an \fB\s-1ASYNC_JOB\s0\fR has finished for a
subsequent \fB\s-1ASYNC_JOB\s0\fR. When the session is complete (e.g. the \s-1SSL\s0 connection
the job is started it is associated with the \fBASYNC_WAIT_CTX\fR for the duration
of that job. An \fBASYNC_WAIT_CTX\fR should only be used for one \fBASYNC_JOB\fR at
any one time, but can be reused after an \fBASYNC_JOB\fR has finished for a
subsequent \fBASYNC_JOB\fR. When the session is complete (e.g. the SSL connection
is closed), application code cleans up with \fBASYNC_WAIT_CTX_free()\fR.
.PP
\&\fB\s-1ASYNC_WAIT_CTX\s0\fRs can have \*(L"wait\*(R" file descriptors associated with them.
\&\fBASYNC_WAIT_CTX\fRs can have "wait" file descriptors associated with them.
Calling \fBASYNC_WAIT_CTX_get_all_fds()\fR and passing in a pointer to an
\&\fB\s-1ASYNC_WAIT_CTX\s0\fR in the \fIctx\fR parameter will return the wait file descriptors
\&\fBASYNC_WAIT_CTX\fR in the \fIctx\fR parameter will return the wait file descriptors
associated with that job in \fI*fd\fR. The number of file descriptors returned will
be stored in \fI*numfds\fR. It is the caller's responsibility to ensure that
sufficient memory has been allocated in \fI*fd\fR to receive all the file
descriptors. Calling \fBASYNC_WAIT_CTX_get_all_fds()\fR with a \s-1NULL\s0 \fIfd\fR value will
descriptors. Calling \fBASYNC_WAIT_CTX_get_all_fds()\fR with a NULL \fIfd\fR value will
return no file descriptors but will still populate \fI*numfds\fR. Therefore,
application code is typically expected to call this function twice: once to get
the number of fds, and then again when sufficient memory has been allocated. If
@ -209,26 +133,26 @@ ever return one fd. If multiple asynchronous engines are being used then more
could be returned.
.PP
The function \fBASYNC_WAIT_CTX_get_changed_fds()\fR can be used to detect if any fds
have changed since the last call time \fBASYNC_start_job()\fR returned \fB\s-1ASYNC_PAUSE\s0\fR
(or since the \fB\s-1ASYNC_WAIT_CTX\s0\fR was created if no \fB\s-1ASYNC_PAUSE\s0\fR result has
have changed since the last call time \fBASYNC_start_job()\fR returned \fBASYNC_PAUSE\fR
(or since the \fBASYNC_WAIT_CTX\fR was created if no \fBASYNC_PAUSE\fR result has
been received). The \fInumaddfds\fR and \fInumdelfds\fR parameters will be populated
with the number of fds added or deleted respectively. \fI*addfd\fR and \fI*delfd\fR
will be populated with the list of added and deleted fds respectively. Similarly
to \fBASYNC_WAIT_CTX_get_all_fds()\fR either of these can be \s-1NULL,\s0 but if they are not
\&\s-1NULL\s0 then the caller is responsible for ensuring sufficient memory is allocated.
to \fBASYNC_WAIT_CTX_get_all_fds()\fR either of these can be NULL, but if they are not
NULL then the caller is responsible for ensuring sufficient memory is allocated.
.PP
Implementers of async aware code (e.g. engines) are encouraged to return a
stable fd for the lifetime of the \fB\s-1ASYNC_WAIT_CTX\s0\fR in order to reduce the
\&\*(L"churn\*(R" of regularly changing fds \- although no guarantees of this are provided
stable fd for the lifetime of the \fBASYNC_WAIT_CTX\fR in order to reduce the
"churn" of regularly changing fds \- although no guarantees of this are provided
to applications.
.PP
Applications can wait for the file descriptor to be ready for \*(L"read\*(R" using a
system function call such as select or poll (being ready for \*(L"read\*(R" indicates
Applications can wait for the file descriptor to be ready for "read" using a
system function call such as select or poll (being ready for "read" indicates
that the job should be resumed). If no file descriptor is made available then an
application will have to periodically \*(L"poll\*(R" the job by attempting to restart it
application will have to periodically "poll" the job by attempting to restart it
to see if it is ready to continue.
.PP
Async aware code (e.g. engines) can get the current \fB\s-1ASYNC_WAIT_CTX\s0\fR from the
Async aware code (e.g. engines) can get the current \fBASYNC_WAIT_CTX\fR from the
job via \fBASYNC_get_wait_ctx\fR\|(3) and provide a file descriptor to use for
waiting on by calling \fBASYNC_WAIT_CTX_set_wait_fd()\fR. Typically this would be done
by an engine immediately prior to calling \fBASYNC_pause_job()\fR and not by end user
@ -236,29 +160,29 @@ code. An existing association with a file descriptor can be obtained using
\&\fBASYNC_WAIT_CTX_get_fd()\fR and cleared using \fBASYNC_WAIT_CTX_clear_fd()\fR. Both of
these functions requires a \fIkey\fR value which is unique to the async aware
code. This could be any unique value but a good candidate might be the
\&\fB\s-1ENGINE\s0 *\fR for the engine. The \fIcustom_data\fR parameter can be any value, and
\&\fBENGINE *\fR for the engine. The \fIcustom_data\fR parameter can be any value, and
will be returned in a subsequent call to \fBASYNC_WAIT_CTX_get_fd()\fR. The
\&\fBASYNC_WAIT_CTX_set_wait_fd()\fR function also expects a pointer to a \*(L"cleanup\*(R"
routine. This can be \s-1NULL\s0 but if provided will automatically get called when
the \fB\s-1ASYNC_WAIT_CTX\s0\fR is freed, and gives the engine the opportunity to close
the fd or any other resources. Note: The \*(L"cleanup\*(R" routine does not get called
\&\fBASYNC_WAIT_CTX_set_wait_fd()\fR function also expects a pointer to a "cleanup"
routine. This can be NULL but if provided will automatically get called when
the \fBASYNC_WAIT_CTX\fR is freed, and gives the engine the opportunity to close
the fd or any other resources. Note: The "cleanup" routine does not get called
if the fd is cleared directly via a call to \fBASYNC_WAIT_CTX_clear_fd()\fR.
.PP
An example of typical usage might be an async capable engine. User code would
initiate cryptographic operations. The engine would initiate those operations
asynchronously and then call \fBASYNC_WAIT_CTX_set_wait_fd()\fR followed by
\&\fBASYNC_pause_job()\fR to return control to the user code. The user code can then
perform other tasks or wait for the job to be ready by calling \*(L"select\*(R" or other
perform other tasks or wait for the job to be ready by calling "select" or other
similar function on the wait file descriptor. The engine can signal to the user
code that the job should be resumed by making the wait file descriptor
\&\*(L"readable\*(R". Once resumed the engine should clear the wake signal on the wait
"readable". Once resumed the engine should clear the wake signal on the wait
file descriptor.
.PP
As well as a file descriptor, user code may also be notified via a callback. The
callback and data pointers are stored within the \fB\s-1ASYNC_WAIT_CTX\s0\fR along with an
callback and data pointers are stored within the \fBASYNC_WAIT_CTX\fR along with an
additional status field that can be used for the notification of retries from an
engine. This additional method can be used when the user thinks that a file
descriptor is too costly in terms of \s-1CPU\s0 cycles or in some context where a file
descriptor is too costly in terms of CPU cycles or in some context where a file
descriptor is not appropriate.
.PP
\&\fBASYNC_WAIT_CTX_set_callback()\fR sets the callback and the callback argument. The
@ -267,31 +191,31 @@ cryptography operation. It is a requirement that the callback function is small
and nonblocking as it will be run in the context of a polling mechanism or an
interrupt.
.PP
\&\fBASYNC_WAIT_CTX_get_callback()\fR returns the callback set in the \fB\s-1ASYNC_WAIT_CTX\s0\fR
\&\fBASYNC_WAIT_CTX_get_callback()\fR returns the callback set in the \fBASYNC_WAIT_CTX\fR
structure.
.PP
\&\fBASYNC_WAIT_CTX_set_status()\fR allows an engine to set the current engine status.
The possible status values are the following:
.IP "\fB\s-1ASYNC_STATUS_UNSUPPORTED\s0\fR" 4
.IP \fBASYNC_STATUS_UNSUPPORTED\fR 4
.IX Item "ASYNC_STATUS_UNSUPPORTED"
The engine does not support the callback mechanism. This is the default value.
The engine must call \fBASYNC_WAIT_CTX_set_status()\fR to set the status to some value
other than \fB\s-1ASYNC_STATUS_UNSUPPORTED\s0\fR if it intends to enable the callback
other than \fBASYNC_STATUS_UNSUPPORTED\fR if it intends to enable the callback
mechanism.
.IP "\fB\s-1ASYNC_STATUS_ERR\s0\fR" 4
.IP \fBASYNC_STATUS_ERR\fR 4
.IX Item "ASYNC_STATUS_ERR"
The engine has a fatal problem with this request. The user code should clean up
this session.
.IP "\fB\s-1ASYNC_STATUS_OK\s0\fR" 4
.IP \fBASYNC_STATUS_OK\fR 4
.IX Item "ASYNC_STATUS_OK"
The request has been successfully submitted.
.IP "\fB\s-1ASYNC_STATUS_EAGAIN\s0\fR" 4
.IP \fBASYNC_STATUS_EAGAIN\fR 4
.IX Item "ASYNC_STATUS_EAGAIN"
The engine has some problem which will be recovered soon, such as a buffer is
full, so user code should resume the job.
.PP
\&\fBASYNC_WAIT_CTX_get_status()\fR allows user code to obtain the current status value.
If the status is any value other than \fB\s-1ASYNC_STATUS_OK\s0\fR then the user code
If the status is any value other than \fBASYNC_STATUS_OK\fR then the user code
should not expect to receive a callback from the engine even if one has been
set.
.PP
@ -303,17 +227,20 @@ that, user code can perform other tasks. When the hardware completes the
operation, normally it is detected by a polling function or an interrupt, as the
user code set a callback by calling \fBASYNC_WAIT_CTX_set_callback()\fR previously,
then the registered callback will be called.
.PP
\&\fBASYNC_WAIT_CTX_free()\fR frees up a single \fBASYNC_WAIT_CTX\fR object.
If the argument is NULL, nothing is done.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBASYNC_WAIT_CTX_new()\fR returns a pointer to the newly allocated \fB\s-1ASYNC_WAIT_CTX\s0\fR
or \s-1NULL\s0 on error.
\&\fBASYNC_WAIT_CTX_new()\fR returns a pointer to the newly allocated \fBASYNC_WAIT_CTX\fR
or NULL on error.
.PP
ASYNC_WAIT_CTX_set_wait_fd, ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds,
ASYNC_WAIT_CTX_get_changed_fds, ASYNC_WAIT_CTX_clear_fd,
ASYNC_WAIT_CTX_set_callback, ASYNC_WAIT_CTX_get_callback and
ASYNC_WAIT_CTX_set_status all return 1 on success or 0 on error.
\&\fBASYNC_WAIT_CTX_get_status()\fR returns the engine status.
.SH "NOTES"
.SH NOTES
.IX Header "NOTES"
On Windows platforms the \fI<openssl/async.h>\fR header is dependent on some
of the types customarily made available by including \fI<windows.h>\fR. The
@ -324,7 +251,7 @@ it is defined as an application developer's responsibility to include
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBcrypto\fR\|(7), \fBASYNC_start_job\fR\|(3)
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
\&\fBASYNC_WAIT_CTX_new()\fR, \fBASYNC_WAIT_CTX_free()\fR, \fBASYNC_WAIT_CTX_set_wait_fd()\fR,
\&\fBASYNC_WAIT_CTX_get_fd()\fR, \fBASYNC_WAIT_CTX_get_all_fds()\fR,
@ -334,11 +261,11 @@ were added in OpenSSL 1.1.0.
\&\fBASYNC_WAIT_CTX_set_callback()\fR, \fBASYNC_WAIT_CTX_get_callback()\fR,
\&\fBASYNC_WAIT_CTX_set_status()\fR, and \fBASYNC_WAIT_CTX_get_status()\fR
were added in OpenSSL 3.0.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2016\-2023 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2016\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

233
secure/lib/libcrypto/man/man3/ASYNC_start_job.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,80 +52,21 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASYNC_START_JOB 3ossl"
.TH ASYNC_START_JOB 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH ASYNC_START_JOB 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
ASYNC_get_wait_ctx,
ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job,
ASYNC_get_current_job, ASYNC_block_pause, ASYNC_unblock_pause, ASYNC_is_capable
ASYNC_get_current_job, ASYNC_block_pause, ASYNC_unblock_pause, ASYNC_is_capable,
ASYNC_stack_alloc_fn, ASYNC_stack_free_fn, ASYNC_set_mem_functions, ASYNC_get_mem_functions
\&\- asynchronous job management functions
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/async.h>
@ -159,15 +84,23 @@ ASYNC_get_current_job, ASYNC_block_pause, ASYNC_unblock_pause, ASYNC_is_capable
\& void ASYNC_unblock_pause(void);
\&
\& int ASYNC_is_capable(void);
\&
\& typedef void *(*ASYNC_stack_alloc_fn)(size_t *num);
\& typedef void (*ASYNC_stack_free_fn)(void *addr);
\& int ASYNC_set_mem_functions(ASYNC_stack_alloc_fn alloc_fn,
\& ASYNC_stack_free_fn free_fn);
\& void ASYNC_get_mem_functions(ASYNC_stack_alloc_fn *alloc_fn,
\& ASYNC_stack_free_fn *free_fn);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
OpenSSL implements asynchronous capabilities through an \fB\s-1ASYNC_JOB\s0\fR. This
OpenSSL implements asynchronous capabilities through an \fBASYNC_JOB\fR. This
represents code that can be started and executes until some event occurs. At
that point the code can be paused and control returns to user code until some
subsequent event indicates that the job can be resumed.
subsequent event indicates that the job can be resumed. It's OpenSSL
specific implementation of cooperative multitasking.
.PP
The creation of an \fB\s-1ASYNC_JOB\s0\fR is a relatively expensive operation. Therefore,
The creation of an \fBASYNC_JOB\fR is a relatively expensive operation. Therefore,
for efficiency reasons, jobs can be created up front and reused many times. They
are held in a pool until they are needed, at which point they are removed from
the pool, used, and then returned to the pool when the job completes. If the
@ -179,73 +112,76 @@ initiated by using \fBASYNC_cleanup_thread()\fR. No asynchronous jobs must be
outstanding for the thread when \fBASYNC_cleanup_thread()\fR is called. Failing to
ensure this will result in memory leaks.
.PP
The \fImax_size\fR argument limits the number of \fB\s-1ASYNC_JOB\s0\fRs that will be held in
The \fImax_size\fR argument limits the number of \fBASYNC_JOB\fRs that will be held in
the pool. If \fImax_size\fR is set to 0 then no upper limit is set. When an
\&\fB\s-1ASYNC_JOB\s0\fR is needed but there are none available in the pool already then one
will be automatically created, as long as the total of \fB\s-1ASYNC_JOB\s0\fRs managed by
\&\fBASYNC_JOB\fR is needed but there are none available in the pool already then one
will be automatically created, as long as the total of \fBASYNC_JOB\fRs managed by
the pool does not exceed \fImax_size\fR. When the pool is first initialised
\&\fIinit_size\fR \fB\s-1ASYNC_JOB\s0\fRs will be created immediately. If \fBASYNC_init_thread()\fR
\&\fIinit_size\fR \fBASYNC_JOB\fRs will be created immediately. If \fBASYNC_init_thread()\fR
is not called before the pool is first used then it will be called automatically
with a \fImax_size\fR of 0 (no upper limit) and an \fIinit_size\fR of 0 (no
\&\fB\s-1ASYNC_JOB\s0\fRs created up front).
\&\fBASYNC_JOB\fRs created up front).
.PP
An asynchronous job is started by calling the \fBASYNC_start_job()\fR function.
Initially \fI*job\fR should be \s-1NULL.\s0 \fIctx\fR should point to an \fB\s-1ASYNC_WAIT_CTX\s0\fR
Initially \fI*job\fR should be NULL. \fIctx\fR should point to an \fBASYNC_WAIT_CTX\fR
object created through the \fBASYNC_WAIT_CTX_new\fR\|(3) function. \fIret\fR should
point to a location where the return value of the asynchronous function should
be stored on completion of the job. \fIfunc\fR represents the function that should
be started asynchronously. The data pointed to by \fIargs\fR and of size \fIsize\fR
will be copied and then passed as an argument to \fIfunc\fR when the job starts.
ASYNC_start_job will return one of the following values:
.IP "\fB\s-1ASYNC_ERR\s0\fR" 4
.IP \fBASYNC_ERR\fR 4
.IX Item "ASYNC_ERR"
An error occurred trying to start the job. Check the OpenSSL error queue (e.g.
see \fBERR_print_errors\fR\|(3)) for more details.
.IP "\fB\s-1ASYNC_NO_JOBS\s0\fR" 4
.IP \fBASYNC_NO_JOBS\fR 4
.IX Item "ASYNC_NO_JOBS"
There are no jobs currently available in the pool. This call can be retried
again at a later time.
.IP "\fB\s-1ASYNC_PAUSE\s0\fR" 4
.IP \fBASYNC_PAUSE\fR 4
.IX Item "ASYNC_PAUSE"
The job was successfully started but was \*(L"paused\*(R" before it completed (see
The job was successfully started but was "paused" before it completed (see
\&\fBASYNC_pause_job()\fR below). A handle to the job is placed in \fI*job\fR. Other work
can be performed (if desired) and the job restarted at a later time. To restart
a job call \fBASYNC_start_job()\fR again passing the job handle in \fI*job\fR. The
\&\fIfunc\fR, \fIargs\fR and \fIsize\fR parameters will be ignored when restarting a job.
When restarting a job \fBASYNC_start_job()\fR \fBmust\fR be called from the same thread
that the job was originally started from.
.IP "\fB\s-1ASYNC_FINISH\s0\fR" 4
that the job was originally started from. \fBASYNC_WAIT_CTX\fR is used to
know when a job is ready to be restarted.
.IP \fBASYNC_FINISH\fR 4
.IX Item "ASYNC_FINISH"
The job completed. \fI*job\fR will be \s-1NULL\s0 and the return value from \fIfunc\fR will
The job completed. \fI*job\fR will be NULL and the return value from \fIfunc\fR will
be placed in \fI*ret\fR.
.PP
At any one time there can be a maximum of one job actively running per thread
(you can have many that are paused). \fBASYNC_get_current_job()\fR can be used to get
a pointer to the currently executing \fB\s-1ASYNC_JOB\s0\fR. If no job is currently
executing then this will return \s-1NULL.\s0
a pointer to the currently executing \fBASYNC_JOB\fR. If no job is currently
executing then this will return NULL.
.PP
If executing within the context of a job (i.e. having been called directly or
indirectly by the function \*(L"func\*(R" passed as an argument to \fBASYNC_start_job()\fR)
indirectly by the function "func" passed as an argument to \fBASYNC_start_job()\fR)
then \fBASYNC_pause_job()\fR will immediately return control to the calling
application with \fB\s-1ASYNC_PAUSE\s0\fR returned from the \fBASYNC_start_job()\fR call. A
subsequent call to ASYNC_start_job passing in the relevant \fB\s-1ASYNC_JOB\s0\fR in the
application with \fBASYNC_PAUSE\fR returned from the \fBASYNC_start_job()\fR call. A
subsequent call to ASYNC_start_job passing in the relevant \fBASYNC_JOB\fR in the
\&\fI*job\fR parameter will resume execution from the \fBASYNC_pause_job()\fR call. If
\&\fBASYNC_pause_job()\fR is called whilst not within the context of a job then no
action is taken and \fBASYNC_pause_job()\fR returns immediately.
.PP
\&\fBASYNC_get_wait_ctx()\fR can be used to get a pointer to the \fB\s-1ASYNC_WAIT_CTX\s0\fR
for the \fIjob\fR. \fB\s-1ASYNC_WAIT_CTX\s0\fRs contain two different ways to notify
applications that a job is ready to be resumed. One is a \*(L"wait\*(R" file
descriptor, and the other is a \*(L"callback\*(R" mechanism.
\&\fBASYNC_get_wait_ctx()\fR can be used to get a pointer to the \fBASYNC_WAIT_CTX\fR
for the \fIjob\fR (see \fBASYNC_WAIT_CTX_new\fR\|(3)).
\&\fBASYNC_WAIT_CTX\fRs contain two different ways to notify
applications that a job is ready to be resumed. One is a "wait" file
descriptor, and the other is a "callback" mechanism.
.PP
The \*(L"wait\*(R" file descriptor associated with \fB\s-1ASYNC_WAIT_CTX\s0\fR is used for
applications to wait for the file descriptor to be ready for \*(L"read\*(R" using a
system function call such as select or poll (being ready for \*(L"read\*(R" indicates
The "wait" file descriptor associated with \fBASYNC_WAIT_CTX\fR is used for
applications to wait for the file descriptor to be ready for "read" using a
system function call such as \fBselect\fR\|(2) or \fBpoll\fR\|(2) (being ready for "read"
indicates
that the job should be resumed). If no file descriptor is made available then
an application will have to periodically \*(L"poll\*(R" the job by attempting to restart
an application will have to periodically "poll" the job by attempting to restart
it to see if it is ready to continue.
.PP
\&\fB\s-1ASYNC_WAIT_CTX\s0\fRs also have a \*(L"callback\*(R" mechanism to notify applications. The
\&\fBASYNC_WAIT_CTX\fRs also have a "callback" mechanism to notify applications. The
callback is set by an application, and it will be automatically called when an
engine completes a cryptography operation, so that the application can resume
the paused work flow without polling. An engine could be written to look whether
@ -261,10 +197,10 @@ pausing. The block will remain in place until a subsequent call to
\&\fBASYNC_block_pause()\fR twice then you must call \fBASYNC_unblock_pause()\fR twice in
order to re-enable pausing. If these functions are called while there is no
currently active job then they have no effect. This functionality can be useful
to avoid deadlock scenarios. For example during the execution of an \fB\s-1ASYNC_JOB\s0\fR
to avoid deadlock scenarios. For example during the execution of an \fBASYNC_JOB\fR
an application acquires a lock. It then calls some cryptographic function which
invokes \fBASYNC_pause_job()\fR. This returns control back to the code that created
the \fB\s-1ASYNC_JOB\s0\fR. If that code then attempts to acquire the same lock before
the \fBASYNC_JOB\fR. If that code then attempts to acquire the same lock before
resuming the original job then a deadlock can occur. By calling
\&\fBASYNC_block_pause()\fR immediately after acquiring the lock and
\&\fBASYNC_unblock_pause()\fR immediately before releasing it then this situation cannot
@ -272,25 +208,37 @@ occur.
.PP
Some platforms cannot support async operations. The \fBASYNC_is_capable()\fR function
can be used to detect whether the current platform is async capable or not.
.PP
Custom memory allocation functions are supported for the POSIX platform.
Custom memory allocation functions allow alternative methods of allocating
stack memory such as mmap, or using stack memory from the current thread.
Using an ASYNC_stack_alloc_fn callback also allows manipulation of the stack
size, which defaults to 32k.
The stack size can be altered by allocating a stack of a size different to
the requested size, and passing back the new stack size in the callback's \fI*num\fR
parameter.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
ASYNC_init_thread returns 1 on success or 0 otherwise.
.PP
ASYNC_start_job returns one of \fB\s-1ASYNC_ERR\s0\fR, \fB\s-1ASYNC_NO_JOBS\s0\fR, \fB\s-1ASYNC_PAUSE\s0\fR or
\&\fB\s-1ASYNC_FINISH\s0\fR as described above.
ASYNC_start_job returns one of \fBASYNC_ERR\fR, \fBASYNC_NO_JOBS\fR, \fBASYNC_PAUSE\fR or
\&\fBASYNC_FINISH\fR as described above.
.PP
ASYNC_pause_job returns 0 if an error occurred or 1 on success. If called when
not within the context of an \fB\s-1ASYNC_JOB\s0\fR then this is counted as success so 1
not within the context of an \fBASYNC_JOB\fR then this is counted as success so 1
is returned.
.PP
ASYNC_get_current_job returns a pointer to the currently executing \fB\s-1ASYNC_JOB\s0\fR
or \s-1NULL\s0 if not within the context of a job.
ASYNC_get_current_job returns a pointer to the currently executing \fBASYNC_JOB\fR
or NULL if not within the context of a job.
.PP
\&\fBASYNC_get_wait_ctx()\fR returns a pointer to the \fB\s-1ASYNC_WAIT_CTX\s0\fR for the job.
\&\fBASYNC_get_wait_ctx()\fR returns a pointer to the \fBASYNC_WAIT_CTX\fR for the job.
.PP
\&\fBASYNC_is_capable()\fR returns 1 if the current platform is async capable or 0
otherwise.
.SH "NOTES"
.PP
ASYNC_set_mem_functions returns 1 if custom stack allocators are supported by
the current platform and no allocations have already occurred or 0 otherwise.
.SH NOTES
.IX Header "NOTES"
On Windows platforms the \fI<openssl/async.h>\fR header is dependent on some
of the types customarily made available by including \fI<windows.h>\fR. The
@ -298,7 +246,7 @@ application developer is likely to require control over when the latter
is included, commonly as one of the first included headers. Therefore,
it is defined as an application developer's responsibility to include
\&\fI<windows.h>\fR prior to \fI<openssl/async.h>\fR.
.SH "EXAMPLES"
.SH EXAMPLES
.IX Header "EXAMPLES"
The following example demonstrates how to use most of the core async APIs:
.PP
@ -341,6 +289,13 @@ The following example demonstrates how to use most of the core async APIs:
\& msg = (unsigned char *)arg;
\& printf("Passed in message is: %s\en", msg);
\&
\& /*
\& * Create a way to inform the calling thread when this job is ready
\& * to resume, in this example we\*(Aqre using file descriptors.
\& * For offloading the task to an asynchronous ENGINE it\*(Aqs not necessary,
\& * the ENGINE should handle that internally.
\& */
\&
\& if (pipe(pipefds) != 0) {
\& printf("Failed to create pipe\en");
\& return 0;
@ -355,17 +310,23 @@ The following example demonstrates how to use most of the core async APIs:
\& pipefds[0], wptr, cleanup);
\&
\& /*
\& * Normally some external event would cause this to happen at some
\& * Normally some external event (like a network read being ready,
\& * disk access being finished, or some hardware offload operation
\& * completing) would cause this to happen at some
\& * later point \- but we do it here for demo purposes, i.e.
\& * immediately signalling that the job is ready to be woken up after
\& * we return to main via ASYNC_pause_job().
\& */
\& write(pipefds[1], &buf, 1);
\&
\& /* Return control back to main */
\& /*
\& * Return control back to main just before calling a blocking
\& * method. The main thread will wait until pipefds[0] is ready
\& * for reading before returning control to this thread.
\& */
\& ASYNC_pause_job();
\&
\& /* Clear the wake signal */
\& /* Perform the blocking call (it won\*(Aqt block with this example code) */
\& read(pipefds[0], &buf, 1);
\&
\& printf ("Resumed the job after a pause\en");
@ -405,7 +366,9 @@ The following example demonstrates how to use most of the core async APIs:
\& goto end;
\& }
\&
\& /* Wait for the job to be woken */
\& /* Get the file descriptor we can use to wait for the job
\& * to be ready to be woken up
\& */
\& printf("Waiting for the job to be woken up\en");
\&
\& if (!ASYNC_WAIT_CTX_get_all_fds(ctx, NULL, &numfds)
@ -416,6 +379,8 @@ The following example demonstrates how to use most of the core async APIs:
\& ASYNC_WAIT_CTX_get_all_fds(ctx, &waitfd, &numfds);
\& FD_ZERO(&waitfdset);
\& FD_SET(waitfd, &waitfdset);
\&
\& /* Wait for the job to be ready for wakeup */
\& select(waitfd + 1, &waitfdset, NULL, NULL, NULL);
\& }
\&
@ -442,17 +407,19 @@ The expected output from executing the above example program is:
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBcrypto\fR\|(7), \fBERR_print_errors\fR\|(3)
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
ASYNC_init_thread, ASYNC_cleanup_thread,
ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, \fBASYNC_get_wait_ctx()\fR,
\&\fBASYNC_block_pause()\fR, \fBASYNC_unblock_pause()\fR and \fBASYNC_is_capable()\fR were first
added in OpenSSL 1.1.0.
.SH "COPYRIGHT"
\&\fBASYNC_set_mem_functions()\fR, \fBASYNC_get_mem_functions()\fR were added
in OpenSSL 3.2.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2015\-2021 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2015\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

130
secure/lib/libcrypto/man/man3/BF_encrypt.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,85 +52,25 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BF_ENCRYPT 3ossl"
.TH BF_ENCRYPT 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BF_ENCRYPT 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BF_set_key, BF_encrypt, BF_decrypt, BF_ecb_encrypt, BF_cbc_encrypt,
BF_cfb64_encrypt, BF_ofb64_encrypt, BF_options \- Blowfish encryption
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/blowfish.h>
.Ve
.PP
The following functions have been deprecated since OpenSSL 3.0, and can be
hidden entirely by defining \fB\s-1OPENSSL_API_COMPAT\s0\fR with a suitable version value,
hidden entirely by defining \fBOPENSSL_API_COMPAT\fR with a suitable version value,
see \fBopenssl_user_macros\fR\|(7):
.PP
.Vb 1
@ -168,7 +92,7 @@ see \fBopenssl_user_macros\fR\|(7):
\& void BF_encrypt(BF_LONG *data, const BF_KEY *key);
\& void BF_decrypt(BF_LONG *data, const BF_KEY *key);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
All of the functions described on this page are deprecated. Applications should
instead use \fBEVP_EncryptInit_ex\fR\|(3), \fBEVP_EncryptUpdate\fR\|(3) and
@ -180,20 +104,20 @@ by Counterpane (see http://www.counterpane.com/blowfish.html ).
Blowfish is a block cipher that operates on 64 bit (8 byte) blocks of data.
It uses a variable size key, but typically, 128 bit (16 byte) keys are
considered good for strong encryption. Blowfish can be used in the same
modes as \s-1DES\s0 (see \fBdes_modes\fR\|(7)). Blowfish is currently one
of the faster block ciphers. It is quite a bit faster than \s-1DES,\s0 and much
faster than \s-1IDEA\s0 or \s-1RC2.\s0
modes as DES (see \fBdes_modes\fR\|(7)). Blowfish is currently one
of the faster block ciphers. It is quite a bit faster than DES, and much
faster than IDEA or RC2.
.PP
Blowfish consists of a key setup phase and the actual encryption or decryption
phase.
.PP
\&\fBBF_set_key()\fR sets up the \fB\s-1BF_KEY\s0\fR \fBkey\fR using the \fBlen\fR bytes long key
\&\fBBF_set_key()\fR sets up the \fBBF_KEY\fR \fBkey\fR using the \fBlen\fR bytes long key
at \fBdata\fR.
.PP
\&\fBBF_ecb_encrypt()\fR is the basic Blowfish encryption and decryption function.
It encrypts or decrypts the first 64 bits of \fBin\fR using the key \fBkey\fR,
putting the result in \fBout\fR. \fBenc\fR decides if encryption (\fB\s-1BF_ENCRYPT\s0\fR)
or decryption (\fB\s-1BF_DECRYPT\s0\fR) shall be performed. The vector pointed at by
putting the result in \fBout\fR. \fBenc\fR decides if encryption (\fBBF_ENCRYPT\fR)
or decryption (\fBBF_DECRYPT\fR) shall be performed. The vector pointed at by
\&\fBin\fR and \fBout\fR must be 64 bits in length, no less. If they are larger,
everything after the first 64 bits is ignored.
.PP
@ -202,7 +126,7 @@ all operate on variable length data. They all take an initialization vector
\&\fBivec\fR which needs to be passed along into the next call of the same function
for the same message. \fBivec\fR may be initialized with anything, but the
recipient needs to know what it was initialized with, or it won't be able
to decrypt. Some programs and protocols simplify this, like \s-1SSH,\s0 where
to decrypt. Some programs and protocols simplify this, like SSH, where
\&\fBivec\fR is simply initialized to zero.
\&\fBBF_cbc_encrypt()\fR operates on data that is a multiple of 8 bytes long, while
\&\fBBF_cfb64_encrypt()\fR and \fBBF_ofb64_encrypt()\fR are used to encrypt a variable
@ -214,18 +138,18 @@ to zero when \fBivec\fR is initialized.
.PP
\&\fBBF_cbc_encrypt()\fR is the Cipher Block Chaining function for Blowfish. It
encrypts or decrypts the 64 bits chunks of \fBin\fR using the key \fBschedule\fR,
putting the result in \fBout\fR. \fBenc\fR decides if encryption (\s-1BF_ENCRYPT\s0) or
decryption (\s-1BF_DECRYPT\s0) shall be performed. \fBivec\fR must point at an 8 byte
putting the result in \fBout\fR. \fBenc\fR decides if encryption (BF_ENCRYPT) or
decryption (BF_DECRYPT) shall be performed. \fBivec\fR must point at an 8 byte
long initialization vector.
.PP
\&\fBBF_cfb64_encrypt()\fR is the \s-1CFB\s0 mode for Blowfish with 64 bit feedback.
\&\fBBF_cfb64_encrypt()\fR is the CFB mode for Blowfish with 64 bit feedback.
It encrypts or decrypts the bytes in \fBin\fR using the key \fBschedule\fR,
putting the result in \fBout\fR. \fBenc\fR decides if encryption (\fB\s-1BF_ENCRYPT\s0\fR)
or decryption (\fB\s-1BF_DECRYPT\s0\fR) shall be performed. \fBivec\fR must point at an
putting the result in \fBout\fR. \fBenc\fR decides if encryption (\fBBF_ENCRYPT\fR)
or decryption (\fBBF_DECRYPT\fR) shall be performed. \fBivec\fR must point at an
8 byte long initialization vector. \fBnum\fR must point at an integer which must
be initially zero.
.PP
\&\fBBF_ofb64_encrypt()\fR is the \s-1OFB\s0 mode for Blowfish with 64 bit feedback.
\&\fBBF_ofb64_encrypt()\fR is the OFB mode for Blowfish with 64 bit feedback.
It uses the same parameters as \fBBF_cfb64_encrypt()\fR, which must be initialized
the same way.
.PP
@ -239,7 +163,7 @@ platforms and big-endian on big-endian ones.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
None of the functions presented here return any value.
.SH "NOTE"
.SH NOTE
.IX Header "NOTE"
Applications should use the higher level functions
\&\fBEVP_EncryptInit\fR\|(3) etc. instead of calling these
@ -248,14 +172,14 @@ functions directly.
.IX Header "SEE ALSO"
\&\fBEVP_EncryptInit\fR\|(3),
\&\fBdes_modes\fR\|(7)
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
All of these functions were deprecated in OpenSSL 3.0.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2021 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000\-2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

175
secure/lib/libcrypto/man/man3/BIO_ADDR.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,80 +52,21 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_ADDR 3ossl"
.TH BIO_ADDR 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_ADDR 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
BIO_ADDR, BIO_ADDR_new, BIO_ADDR_clear, BIO_ADDR_free, BIO_ADDR_rawmake,
.SH NAME
BIO_ADDR, BIO_ADDR_new, BIO_ADDR_copy, BIO_ADDR_dup, BIO_ADDR_clear,
BIO_ADDR_free, BIO_ADDR_rawmake,
BIO_ADDR_family, BIO_ADDR_rawaddress, BIO_ADDR_rawport,
BIO_ADDR_hostname_string, BIO_ADDR_service_string,
BIO_ADDR_path_string \- BIO_ADDR routines
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 2
\& #include <sys/types.h>
@ -150,7 +75,9 @@ BIO_ADDR_path_string \- BIO_ADDR routines
\& typedef union bio_addr_st BIO_ADDR;
\&
\& BIO_ADDR *BIO_ADDR_new(void);
\& void BIO_ADDR_free(BIO_ADDR *);
\& int BIO_ADDR_copy(BIO_ADDR *dst, const BIO_ADDR *src);
\& BIO_ADDR *BIO_ADDR_dup(const BIO_ADDR *ap);
\& void BIO_ADDR_free(BIO_ADDR *ap);
\& void BIO_ADDR_clear(BIO_ADDR *ap);
\& int BIO_ADDR_rawmake(BIO_ADDR *ap, int family,
\& const void *where, size_t wherelen, unsigned short port);
@ -161,94 +88,106 @@ BIO_ADDR_path_string \- BIO_ADDR routines
\& char *BIO_ADDR_service_string(const BIO_ADDR *ap, int numeric);
\& char *BIO_ADDR_path_string(const BIO_ADDR *ap);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
The \fB\s-1BIO_ADDR\s0\fR type is a wrapper around all types of socket
The \fBBIO_ADDR\fR type is a wrapper around all types of socket
addresses that OpenSSL deals with, currently transparently
supporting \s-1AF_INET, AF_INET6\s0 and \s-1AF_UNIX\s0 according to what's
supporting AF_INET, AF_INET6 and AF_UNIX according to what's
available on the platform at hand.
.PP
\&\fBBIO_ADDR_new()\fR creates a new unfilled \fB\s-1BIO_ADDR\s0\fR, to be used
\&\fBBIO_ADDR_new()\fR creates a new unfilled \fBBIO_ADDR\fR, to be used
with routines that will fill it with information, such as
\&\fBBIO_accept_ex()\fR.
.PP
\&\fBBIO_ADDR_free()\fR frees a \fB\s-1BIO_ADDR\s0\fR created with \fBBIO_ADDR_new()\fR.
\&\fBBIO_ADDR_copy()\fR copies the contents of \fBsrc\fR into \fBdst\fR. Neither \fBsrc\fR or
\&\fBdst\fR can be NULL.
.PP
\&\fBBIO_ADDR_clear()\fR clears any data held within the provided \fB\s-1BIO_ADDR\s0\fR and sets
\&\fBBIO_ADDR_dup()\fR creates a new \fBBIO_ADDR\fR, with a copy of the
address data in \fBap\fR.
.PP
\&\fBBIO_ADDR_free()\fR frees a \fBBIO_ADDR\fR created with \fBBIO_ADDR_new()\fR
or \fBBIO_ADDR_dup()\fR. If the argument is NULL, nothing is done.
.PP
\&\fBBIO_ADDR_clear()\fR clears any data held within the provided \fBBIO_ADDR\fR and sets
it back to an uninitialised state.
.PP
\&\fBBIO_ADDR_rawmake()\fR takes a protocol \fBfamily\fR, a byte array of
size \fBwherelen\fR with an address in network byte order pointed at
by \fBwhere\fR and a port number in network byte order in \fBport\fR (except
for the \fB\s-1AF_UNIX\s0\fR protocol family, where \fBport\fR is meaningless and
therefore ignored) and populates the given \fB\s-1BIO_ADDR\s0\fR with them.
In case this creates a \fB\s-1AF_UNIX\s0\fR \fB\s-1BIO_ADDR\s0\fR, \fBwherelen\fR is expected
for the \fBAF_UNIX\fR protocol family, where \fBport\fR is meaningless and
therefore ignored) and populates the given \fBBIO_ADDR\fR with them.
In case this creates a \fBAF_UNIX\fR \fBBIO_ADDR\fR, \fBwherelen\fR is expected
to be the length of the path string (not including the terminating
\&\s-1NUL,\s0 such as the result of a call to \fBstrlen()\fR).
Read on about the addresses in \*(L"\s-1RAW ADDRESSES\*(R"\s0 below.
NUL, such as the result of a call to \fBstrlen()\fR).
Read on about the addresses in "RAW ADDRESSES" below.
.PP
\&\fBBIO_ADDR_family()\fR returns the protocol family of the given
\&\fB\s-1BIO_ADDR\s0\fR. The possible non-error results are one of the
constants \s-1AF_INET, AF_INET6\s0 and \s-1AF_UNIX.\s0 It will also return \s-1AF_UNSPEC\s0 if the
\&\s-1BIO_ADDR\s0 has not been initialised.
\&\fBBIO_ADDR\fR. The possible non-error results are one of the
constants AF_INET, AF_INET6 and AF_UNIX. It will also return AF_UNSPEC if the
BIO_ADDR has not been initialised.
.PP
\&\fBBIO_ADDR_rawaddress()\fR will write the raw address of the given
\&\fB\s-1BIO_ADDR\s0\fR in the area pointed at by \fBp\fR if \fBp\fR is non-NULL,
\&\fBBIO_ADDR\fR in the area pointed at by \fBp\fR if \fBp\fR is non-NULL,
and will set \fB*l\fR to be the amount of bytes the raw address
takes up if \fBl\fR is non-NULL.
A technique to only find out the size of the address is a call
with \fBp\fR set to \fB\s-1NULL\s0\fR. The raw address will be in network byte
with \fBp\fR set to \fBNULL\fR. The raw address will be in network byte
order, most significant byte first.
In case this is a \fB\s-1AF_UNIX\s0\fR \fB\s-1BIO_ADDR\s0\fR, \fBl\fR gets the length of the
path string (not including the terminating \s-1NUL,\s0 such as the result of
In case this is a \fBAF_UNIX\fR \fBBIO_ADDR\fR, \fBl\fR gets the length of the
path string (not including the terminating NUL, such as the result of
a call to \fBstrlen()\fR).
Read on about the addresses in \*(L"\s-1RAW ADDRESSES\*(R"\s0 below.
Read on about the addresses in "RAW ADDRESSES" below.
.PP
\&\fBBIO_ADDR_rawport()\fR returns the raw port of the given \fB\s-1BIO_ADDR\s0\fR.
\&\fBBIO_ADDR_rawport()\fR returns the raw port of the given \fBBIO_ADDR\fR.
The raw port will be in network byte order.
.PP
\&\fBBIO_ADDR_hostname_string()\fR returns a character string with the
hostname of the given \fB\s-1BIO_ADDR\s0\fR. If \fBnumeric\fR is 1, the string
hostname of the given \fBBIO_ADDR\fR. If \fBnumeric\fR is 1, the string
will contain the numerical form of the address. This only works for
\&\fB\s-1BIO_ADDR\s0\fR of the protocol families \s-1AF_INET\s0 and \s-1AF_INET6.\s0 The
\&\fBBIO_ADDR\fR of the protocol families AF_INET and AF_INET6. The
returned string has been allocated on the heap and must be freed
with \fBOPENSSL_free()\fR.
.PP
\&\fBBIO_ADDR_service_string()\fR returns a character string with the
service name of the port of the given \fB\s-1BIO_ADDR\s0\fR. If \fBnumeric\fR
service name of the port of the given \fBBIO_ADDR\fR. If \fBnumeric\fR
is 1, the string will contain the port number. This only works
for \fB\s-1BIO_ADDR\s0\fR of the protocol families \s-1AF_INET\s0 and \s-1AF_INET6.\s0 The
for \fBBIO_ADDR\fR of the protocol families AF_INET and AF_INET6. The
returned string has been allocated on the heap and must be freed
with \fBOPENSSL_free()\fR.
.PP
\&\fBBIO_ADDR_path_string()\fR returns a character string with the path
of the given \fB\s-1BIO_ADDR\s0\fR. This only works for \fB\s-1BIO_ADDR\s0\fR of the
protocol family \s-1AF_UNIX.\s0 The returned string has been allocated
of the given \fBBIO_ADDR\fR. This only works for \fBBIO_ADDR\fR of the
protocol family AF_UNIX. The returned string has been allocated
on the heap and must be freed with \fBOPENSSL_free()\fR.
.SH "RAW ADDRESSES"
.IX Header "RAW ADDRESSES"
Both \fBBIO_ADDR_rawmake()\fR and \fBBIO_ADDR_rawaddress()\fR take a pointer to a
network byte order address of a specific site. Internally, those are
treated as a pointer to \fBstruct in_addr\fR (for \fB\s-1AF_INET\s0\fR), \fBstruct
in6_addr\fR (for \fB\s-1AF_INET6\s0\fR) or \fBchar *\fR (for \fB\s-1AF_UNIX\s0\fR), all
treated as a pointer to \fBstruct in_addr\fR (for \fBAF_INET\fR), \fBstruct
in6_addr\fR (for \fBAF_INET6\fR) or \fBchar *\fR (for \fBAF_UNIX\fR), all
depending on the protocol family the address is for.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
The string producing functions \fBBIO_ADDR_hostname_string()\fR,
\&\fBBIO_ADDR_service_string()\fR and \fBBIO_ADDR_path_string()\fR will
return \fB\s-1NULL\s0\fR on error and leave an error indication on the
return \fBNULL\fR on error and leave an error indication on the
OpenSSL error stack.
.PP
All other functions described here return 0 or \fB\s-1NULL\s0\fR when the
\&\fBBIO_ADDR_copy()\fR returns 1 on success or 0 on error.
.PP
All other functions described here return 0 or \fBNULL\fR when the
information they should return isn't available.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBBIO_connect\fR\|(3), \fBBIO_s_connect\fR\|(3)
.SH "COPYRIGHT"
.SH HISTORY
.IX Header "HISTORY"
\&\fBBIO_ADDR_copy()\fR and \fBBIO_ADDR_dup()\fR were added in OpenSSL 3.2.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2016\-2020 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2016\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

146
secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,75 +52,15 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_ADDRINFO 3ossl"
.TH BIO_ADDRINFO 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_ADDRINFO 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_lookup_type,
BIO_ADDRINFO, BIO_ADDRINFO_next, BIO_ADDRINFO_free,
BIO_ADDRINFO_family, BIO_ADDRINFO_socktype, BIO_ADDRINFO_protocol,
@ -144,7 +68,7 @@ BIO_ADDRINFO_address,
BIO_lookup_ex,
BIO_lookup
\&\- BIO_ADDRINFO type and routines
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 2
\& #include <sys/types.h>
@ -169,74 +93,74 @@ BIO_lookup
\& const BIO_ADDR *BIO_ADDRINFO_address(const BIO_ADDRINFO *bai);
\& void BIO_ADDRINFO_free(BIO_ADDRINFO *bai);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
The \fB\s-1BIO_ADDRINFO\s0\fR type is a wrapper for address information
The \fBBIO_ADDRINFO\fR type is a wrapper for address information
types provided on your platform.
.PP
\&\fB\s-1BIO_ADDRINFO\s0\fR normally forms a chain of several that can be
\&\fBBIO_ADDRINFO\fR normally forms a chain of several that can be
picked at one by one.
.PP
\&\fBBIO_lookup_ex()\fR looks up a specified \fBhost\fR and \fBservice\fR, and
uses \fBlookup_type\fR to determine what the default address should
be if \fBhost\fR is \fB\s-1NULL\s0\fR. \fBfamily\fR, \fBsocktype\fR and \fBprotocol\fR are used to
be if \fBhost\fR is \fBNULL\fR. \fBfamily\fR, \fBsocktype\fR and \fBprotocol\fR are used to
determine what protocol family, socket type and protocol should be used for
the lookup. \fBfamily\fR can be any of \s-1AF_INET, AF_INET6, AF_UNIX\s0 and
\&\s-1AF_UNSPEC.\s0 \fBsocktype\fR can be \s-1SOCK_STREAM, SOCK_DGRAM\s0 or 0. Specifying 0
the lookup. \fBfamily\fR can be any of AF_INET, AF_INET6, AF_UNIX and
AF_UNSPEC. \fBsocktype\fR can be SOCK_STREAM, SOCK_DGRAM or 0. Specifying 0
indicates that any type can be used. \fBprotocol\fR specifies a protocol such as
\&\s-1IPPROTO_TCP, IPPROTO_UDP\s0 or \s-1IPPORTO_SCTP.\s0 If set to 0 than any protocol can be
used. \fBres\fR points at a pointer to hold the start of a \fB\s-1BIO_ADDRINFO\s0\fR
IPPROTO_TCP, IPPROTO_UDP or IPPORTO_SCTP. If set to 0 than any protocol can be
used. \fBres\fR points at a pointer to hold the start of a \fBBIO_ADDRINFO\fR
chain.
.PP
For the family \fB\s-1AF_UNIX\s0\fR, \fBBIO_lookup_ex()\fR will ignore the \fBservice\fR
For the family \fBAF_UNIX\fR, \fBBIO_lookup_ex()\fR will ignore the \fBservice\fR
parameter and expects the \fBhost\fR parameter to hold the path to the socket file.
.PP
\&\fBBIO_lookup()\fR does the same as \fBBIO_lookup_ex()\fR but does not provide the ability
to select based on the protocol (any protocol may be returned).
.PP
\&\fBBIO_ADDRINFO_family()\fR returns the family of the given
\&\fB\s-1BIO_ADDRINFO\s0\fR. The result will be one of the constants
\&\s-1AF_INET, AF_INET6\s0 and \s-1AF_UNIX.\s0
\&\fBBIO_ADDRINFO\fR. The result will be one of the constants
AF_INET, AF_INET6 and AF_UNIX.
.PP
\&\fBBIO_ADDRINFO_socktype()\fR returns the socket type of the given
\&\fB\s-1BIO_ADDRINFO\s0\fR. The result will be one of the constants
\&\s-1SOCK_STREAM\s0 and \s-1SOCK_DGRAM.\s0
\&\fBBIO_ADDRINFO\fR. The result will be one of the constants
SOCK_STREAM and SOCK_DGRAM.
.PP
\&\fBBIO_ADDRINFO_protocol()\fR returns the protocol id of the given
\&\fB\s-1BIO_ADDRINFO\s0\fR. The result will be one of the constants
\&\s-1IPPROTO_TCP\s0 and \s-1IPPROTO_UDP.\s0
\&\fBBIO_ADDRINFO\fR. The result will be one of the constants
IPPROTO_TCP and IPPROTO_UDP.
.PP
\&\fBBIO_ADDRINFO_address()\fR returns the underlying \fB\s-1BIO_ADDR\s0\fR
of the given \fB\s-1BIO_ADDRINFO\s0\fR.
\&\fBBIO_ADDRINFO_address()\fR returns the underlying \fBBIO_ADDR\fR
of the given \fBBIO_ADDRINFO\fR.
.PP
\&\fBBIO_ADDRINFO_next()\fR returns the next \fB\s-1BIO_ADDRINFO\s0\fR in the chain
\&\fBBIO_ADDRINFO_next()\fR returns the next \fBBIO_ADDRINFO\fR in the chain
from the given one.
.PP
\&\fBBIO_ADDRINFO_free()\fR frees the chain of \fB\s-1BIO_ADDRINFO\s0\fR starting
with the given one.
\&\fBBIO_ADDRINFO_free()\fR frees the chain of \fBBIO_ADDRINFO\fR starting
with the given one. If the argument is NULL, nothing is done.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_lookup_ex()\fR and \fBBIO_lookup()\fR return 1 on success and 0 when an error
occurred, and will leave an error indication on the OpenSSL error stack in that
case.
.PP
All other functions described here return 0 or \fB\s-1NULL\s0\fR when the
All other functions described here return 0 or \fBNULL\fR when the
information they should return isn't available.
.SH "NOTES"
.SH NOTES
.IX Header "NOTES"
The \fBBIO_lookup_ex()\fR implementation uses the platform provided \fBgetaddrinfo()\fR
function. On Linux it is known that specifying 0 for the protocol will not
return any \s-1SCTP\s0 based addresses when calling \fBgetaddrinfo()\fR. Therefore, if an \s-1SCTP\s0
return any SCTP based addresses when calling \fBgetaddrinfo()\fR. Therefore, if an SCTP
address is required then the \fBprotocol\fR parameter to \fBBIO_lookup_ex()\fR should be
explicitly set to \s-1IPPROTO_SCTP.\s0 The same may be true on other platforms.
.SH "HISTORY"
explicitly set to IPPROTO_SCTP. The same may be true on other platforms.
.SH HISTORY
.IX Header "HISTORY"
The \fBBIO_lookup_ex()\fR function was added in OpenSSL 1.1.1.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2016\-2021 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2016\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

144
secure/lib/libcrypto/man/man3/BIO_connect.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,78 +52,18 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_CONNECT 3ossl"
.TH BIO_CONNECT 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_CONNECT 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_socket, BIO_bind, BIO_connect, BIO_listen, BIO_accept_ex, BIO_closesocket \- BIO
socket communication setup routines
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -151,7 +75,7 @@ socket communication setup routines
\& int BIO_accept_ex(int accept_sock, BIO_ADDR *peer, int options);
\& int BIO_closesocket(int sock);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_socket()\fR creates a socket in the domain \fBdomain\fR, of type
\&\fBsocktype\fR and \fBprotocol\fR. Socket \fBoptions\fR are currently unused,
@ -159,47 +83,55 @@ but is present for future use.
.PP
\&\fBBIO_bind()\fR binds the source address and service to a socket and
may be useful before calling \fBBIO_connect()\fR. The options may include
\&\fB\s-1BIO_SOCK_REUSEADDR\s0\fR, which is described in \*(L"\s-1FLAGS\*(R"\s0 below.
\&\fBBIO_SOCK_REUSEADDR\fR, which is described in "FLAGS" below.
.PP
\&\fBBIO_connect()\fR connects \fBsock\fR to the address and service given by
\&\fBaddr\fR. Connection \fBoptions\fR may be zero or any combination of
\&\fB\s-1BIO_SOCK_KEEPALIVE\s0\fR, \fB\s-1BIO_SOCK_NONBLOCK\s0\fR and \fB\s-1BIO_SOCK_NODELAY\s0\fR.
The flags are described in \*(L"\s-1FLAGS\*(R"\s0 below.
\&\fBBIO_SOCK_KEEPALIVE\fR, \fBBIO_SOCK_NONBLOCK\fR and \fBBIO_SOCK_NODELAY\fR.
The flags are described in "FLAGS" below.
.PP
\&\fBBIO_listen()\fR has \fBsock\fR start listening on the address and service
given by \fBaddr\fR. Connection \fBoptions\fR may be zero or any
combination of \fB\s-1BIO_SOCK_KEEPALIVE\s0\fR, \fB\s-1BIO_SOCK_NONBLOCK\s0\fR,
\&\fB\s-1BIO_SOCK_NODELAY\s0\fR, \fB\s-1BIO_SOCK_REUSEADDR\s0\fR and \fB\s-1BIO_SOCK_V6_ONLY\s0\fR.
The flags are described in \*(L"\s-1FLAGS\*(R"\s0 below.
combination of \fBBIO_SOCK_KEEPALIVE\fR, \fBBIO_SOCK_NONBLOCK\fR,
\&\fBBIO_SOCK_NODELAY\fR, \fBBIO_SOCK_REUSEADDR\fR and \fBBIO_SOCK_V6_ONLY\fR.
The flags are described in "FLAGS" below.
.PP
\&\fBBIO_accept_ex()\fR waits for an incoming connections on the given
socket \fBaccept_sock\fR. When it gets a connection, the address and
port of the peer gets stored in \fBpeer\fR if that one is non-NULL.
Accept \fBoptions\fR may be zero or \fB\s-1BIO_SOCK_NONBLOCK\s0\fR, and is applied
on the accepted socket. The flags are described in \*(L"\s-1FLAGS\*(R"\s0 below.
Accept \fBoptions\fR may be zero or \fBBIO_SOCK_NONBLOCK\fR, and is applied
on the accepted socket. The flags are described in "FLAGS" below.
.PP
\&\fBBIO_closesocket()\fR closes \fBsock\fR.
.SH "FLAGS"
.SH FLAGS
.IX Header "FLAGS"
.IP "\s-1BIO_SOCK_KEEPALIVE\s0" 4
.IP BIO_SOCK_KEEPALIVE 4
.IX Item "BIO_SOCK_KEEPALIVE"
Enables regular sending of keep-alive messages.
.IP "\s-1BIO_SOCK_NONBLOCK\s0" 4
.IP BIO_SOCK_NONBLOCK 4
.IX Item "BIO_SOCK_NONBLOCK"
Sets the socket to nonblocking mode.
.IP "\s-1BIO_SOCK_NODELAY\s0" 4
.IP BIO_SOCK_NODELAY 4
.IX Item "BIO_SOCK_NODELAY"
Corresponds to \fB\s-1TCP_NODELAY\s0\fR, and disables the Nagle algorithm. With
Corresponds to \fBTCP_NODELAY\fR, and disables the Nagle algorithm. With
this set, any data will be sent as soon as possible instead of being
buffered until there's enough for the socket to send out in one go.
.IP "\s-1BIO_SOCK_REUSEADDR\s0" 4
.IP BIO_SOCK_REUSEADDR 4
.IX Item "BIO_SOCK_REUSEADDR"
Try to reuse the address and port combination for a recently closed
port.
.IP "\s-1BIO_SOCK_V6_ONLY\s0" 4
.IP BIO_SOCK_V6_ONLY 4
.IX Item "BIO_SOCK_V6_ONLY"
When creating an IPv6 socket, make it only listen for IPv6 addresses
and not IPv4 addresses mapped to IPv6.
.IP BIO_SOCK_TFO 4
.IX Item "BIO_SOCK_TFO"
Enables TCP Fast Open on the socket. Uses appropriate APIs on
supported operating systems, including Linux, macOS and FreeBSD. Can
be used with \fBBIO_connect()\fR, \fBBIO_set_conn_mode()\fR, \fBBIO_set_bind_mode()\fR,
and \fBBIO_listen()\fR.
On Linux kernels before 4.14, use \fBBIO_set_conn_address()\fR to specify
the peer address before starting the TLS handshake.
.PP
These flags are bit flags, so they are to be combined with the
\&\f(CW\*(C`|\*(C'\fR operator, for example:
@ -209,7 +141,7 @@ These flags are bit flags, so they are to be combined with the
.Ve
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_socket()\fR returns the socket number on success or \fB\s-1INVALID_SOCKET\s0\fR
\&\fBBIO_socket()\fR returns the socket number on success or \fBINVALID_SOCKET\fR
(\-1) on error. When an error has occurred, the OpenSSL error stack
will hold the error data and errno has the system error.
.PP
@ -218,22 +150,22 @@ When an error has occurred, the OpenSSL error stack will hold the error
data and errno has the system error.
.PP
\&\fBBIO_accept_ex()\fR returns the accepted socket on success or
\&\fB\s-1INVALID_SOCKET\s0\fR (\-1) on error. When an error has occurred, the
\&\fBINVALID_SOCKET\fR (\-1) on error. When an error has occurred, the
OpenSSL error stack will hold the error data and errno has the system
error.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBBIO_ADDR\s0\fR\|(3)
.SH "HISTORY"
\&\fBBIO_ADDR\fR\|(3)
.SH HISTORY
.IX Header "HISTORY"
\&\fBBIO_gethostname()\fR, \fBBIO_get_port()\fR, \fBBIO_get_host_ip()\fR,
\&\fBBIO_get_accept_socket()\fR and \fBBIO_accept()\fR were deprecated in OpenSSL 1.1.0.
Use the functions described above instead.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2016\-2020 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2016\-2022 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

192
secure/lib/libcrypto/man/man3/BIO_ctrl.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,82 +52,22 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_CTRL 3ossl"
.TH BIO_CTRL 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_CTRL 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset,
BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close,
BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending,
BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb, BIO_get_ktls_send,
BIO_get_ktls_recv
BIO_get_ktls_recv, BIO_set_conn_mode, BIO_get_conn_mode, BIO_set_tfo
\&\- BIO control operations
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -172,36 +96,41 @@ BIO_get_ktls_recv
\&
\& int BIO_get_ktls_send(BIO *b);
\& int BIO_get_ktls_recv(BIO *b);
\&
\& int BIO_set_conn_mode(BIO *b, int mode);
\& int BIO_get_conn_mode(BIO *b);
\&
\& int BIO_set_tfo(BIO *b, int onoff);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_ctrl()\fR, \fBBIO_callback_ctrl()\fR, \fBBIO_ptr_ctrl()\fR and \fBBIO_int_ctrl()\fR
are \s-1BIO\s0 \*(L"control\*(R" operations taking arguments of various types.
are BIO "control" operations taking arguments of various types.
These functions are not normally called directly, various macros
are used instead. The standard macros are described below, macros
specific to a particular type of \s-1BIO\s0 are described in the specific
specific to a particular type of BIO are described in the specific
BIOs manual page as well as any special features of the standard
calls.
.PP
\&\fBBIO_reset()\fR typically resets a \s-1BIO\s0 to some initial state, in the case
\&\fBBIO_reset()\fR typically resets a BIO to some initial state, in the case
of file related BIOs for example it rewinds the file pointer to the
start of the file.
.PP
\&\fBBIO_seek()\fR resets a file related \s-1BIO\s0's (that is file descriptor and
\&\s-1FILE\s0 BIOs) file position pointer to \fBofs\fR bytes from start of file.
\&\fBBIO_seek()\fR resets a file related BIO's (that is file descriptor and
FILE BIOs) file position pointer to \fBofs\fR bytes from start of file.
.PP
\&\fBBIO_tell()\fR returns the current file position of a file related \s-1BIO.\s0
\&\fBBIO_tell()\fR returns the current file position of a file related BIO.
.PP
\&\fBBIO_flush()\fR normally writes out any internally buffered data, in some
cases it is used to signal \s-1EOF\s0 and that no more data will be written.
cases it is used to signal EOF and that no more data will be written.
.PP
\&\fBBIO_eof()\fR returns 1 if the \s-1BIO\s0 has read \s-1EOF,\s0 the precise meaning of
\&\*(L"\s-1EOF\*(R"\s0 varies according to the \s-1BIO\s0 type.
\&\fBBIO_eof()\fR returns 1 if the BIO has read EOF, the precise meaning of
"EOF" varies according to the BIO type.
.PP
\&\fBBIO_set_close()\fR sets the \s-1BIO\s0 \fBb\fR close flag to \fBflag\fR. \fBflag\fR can
take the value \s-1BIO_CLOSE\s0 or \s-1BIO_NOCLOSE.\s0 Typically \s-1BIO_CLOSE\s0 is used
in a source/sink \s-1BIO\s0 to indicate that the underlying I/O stream should
be closed when the \s-1BIO\s0 is freed.
\&\fBBIO_set_close()\fR sets the BIO \fBb\fR close flag to \fBflag\fR. \fBflag\fR can
take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used
in a source/sink BIO to indicate that the underlying I/O stream should
be closed when the BIO is freed.
.PP
\&\fBBIO_get_close()\fR returns the BIOs close flag.
.PP
@ -211,10 +140,17 @@ Not all BIOs support these calls. \fBBIO_ctrl_pending()\fR and \fBBIO_ctrl_wpend
return a size_t type and are functions, \fBBIO_pending()\fR and \fBBIO_wpending()\fR are
macros which call \fBBIO_ctrl()\fR.
.PP
\&\fBBIO_get_ktls_send()\fR returns 1 if the \s-1BIO\s0 is using the Kernel \s-1TLS\s0 data-path for
\&\fBBIO_get_ktls_send()\fR returns 1 if the BIO is using the Kernel TLS data-path for
sending. Otherwise, it returns zero.
\&\fBBIO_get_ktls_recv()\fR returns 1 if the \s-1BIO\s0 is using the Kernel \s-1TLS\s0 data-path for
\&\fBBIO_get_ktls_recv()\fR returns 1 if the BIO is using the Kernel TLS data-path for
receiving. Otherwise, it returns zero.
.PP
\&\fBBIO_get_conn_mode()\fR returns the BIO connection mode. \fBBIO_set_conn_mode()\fR sets
the BIO connection mode.
.PP
\&\fBBIO_set_tfo()\fR disables TCP Fast Open when \fBonoff\fR is 0, and enables TCP Fast
Open when \fBonoff\fR is nonzero. Setting the value to 1 is equivalent to setting
\&\fBBIO_SOCK_TFO\fR in \fBBIO_set_conn_mode()\fR.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_reset()\fR normally returns 1 for success and <=0 for failure. File
@ -226,11 +162,11 @@ for success and \-1 for failure.
.PP
\&\fBBIO_flush()\fR returns 1 for success and <=0 for failure.
.PP
\&\fBBIO_eof()\fR returns 1 if \s-1EOF\s0 has been reached, 0 if not, or negative values for failure.
\&\fBBIO_eof()\fR returns 1 if EOF has been reached, 0 if not, or negative values for failure.
.PP
\&\fBBIO_set_close()\fR returns 1 on success or <=0 for failure.
.PP
\&\fBBIO_get_close()\fR returns the close flag value: \s-1BIO_CLOSE\s0 or \s-1BIO_NOCLOSE.\s0 It also
\&\fBBIO_get_close()\fR returns the close flag value: BIO_CLOSE or BIO_NOCLOSE. It also
returns other negative values if an error occurs.
.PP
\&\fBBIO_pending()\fR, \fBBIO_ctrl_pending()\fR, \fBBIO_wpending()\fR and \fBBIO_ctrl_wpending()\fR
@ -238,11 +174,26 @@ return the amount of pending data. \fBBIO_pending()\fR and \fBBIO_wpending()\fR
negative value or 0 on error. \fBBIO_ctrl_pending()\fR and \fBBIO_ctrl_wpending()\fR return
0 on error.
.PP
\&\fBBIO_get_ktls_send()\fR returns 1 if the \s-1BIO\s0 is using the Kernel \s-1TLS\s0 data-path for
\&\fBBIO_get_ktls_send()\fR returns 1 if the BIO is using the Kernel TLS data-path for
sending. Otherwise, it returns zero.
\&\fBBIO_get_ktls_recv()\fR returns 1 if the \s-1BIO\s0 is using the Kernel \s-1TLS\s0 data-path for
\&\fBBIO_get_ktls_recv()\fR returns 1 if the BIO is using the Kernel TLS data-path for
receiving. Otherwise, it returns zero.
.SH "NOTES"
.PP
\&\fBBIO_set_conn_mode()\fR returns 1 for success and 0 for failure. \fBBIO_get_conn_mode()\fR
returns the current connection mode. Which may contain the bitwise-or of the
following flags:
.PP
.Vb 6
\& BIO_SOCK_REUSEADDR
\& BIO_SOCK_V6_ONLY
\& BIO_SOCK_KEEPALIVE
\& BIO_SOCK_NONBLOCK
\& BIO_SOCK_NODELAY
\& BIO_SOCK_TFO
.Ve
.PP
\&\fBBIO_set_tfo()\fR returns 1 for success, and 0 for failure.
.SH NOTES
.IX Header "NOTES"
\&\fBBIO_flush()\fR, because it can write data may return 0 or \-1 indicating
that the call should be retried later in a similar manner to \fBBIO_write_ex()\fR.
@ -251,39 +202,42 @@ is the call fails.
.PP
The return values of \fBBIO_pending()\fR and \fBBIO_wpending()\fR may not reliably
determine the amount of pending data in all cases. For example in the
case of a file \s-1BIO\s0 some data may be available in the \s-1FILE\s0 structures
case of a file BIO some data may be available in the FILE structures
internal buffers but it is not possible to determine this in a
portably way. For other types of \s-1BIO\s0 they may not be supported.
portably way. For other types of BIO they may not be supported.
.PP
Filter BIOs if they do not internally handle a particular \fBBIO_ctrl()\fR
operation usually pass the operation to the next \s-1BIO\s0 in the chain.
This often means there is no need to locate the required \s-1BIO\s0 for
operation usually pass the operation to the next BIO in the chain.
This often means there is no need to locate the required BIO for
a particular operation, it can be called on a chain and it will
be automatically passed to the relevant \s-1BIO.\s0 However, this can cause
be automatically passed to the relevant BIO. However, this can cause
unexpected results: for example no current filter BIOs implement
\&\fBBIO_seek()\fR, but this may still succeed if the chain ends in a \s-1FILE\s0
or file descriptor \s-1BIO.\s0
\&\fBBIO_seek()\fR, but this may still succeed if the chain ends in a FILE
or file descriptor BIO.
.PP
Source/sink BIOs return an 0 if they do not recognize the \fBBIO_ctrl()\fR
operation.
.SH "BUGS"
.SH BUGS
.IX Header "BUGS"
Some of the return values are ambiguous and care should be taken. In
particular a return value of 0 can be returned if an operation is not
supported, if an error occurred, if \s-1EOF\s0 has not been reached and in
the case of \fBBIO_seek()\fR on a file \s-1BIO\s0 for a successful operation.
supported, if an error occurred, if EOF has not been reached and in
the case of \fBBIO_seek()\fR on a file BIO for a successful operation.
.PP
In older versions of OpenSSL the \fBBIO_ctrl_pending()\fR and
\&\fBBIO_ctrl_wpending()\fR could return values greater than \s-1INT_MAX\s0 on error.
.SH "HISTORY"
\&\fBBIO_ctrl_wpending()\fR could return values greater than INT_MAX on error.
.SH HISTORY
.IX Header "HISTORY"
The \fBBIO_get_ktls_send()\fR and \fBBIO_get_ktls_recv()\fR macros were added in
OpenSSL 3.0. They were modified to never return \-1 in OpenSSL 3.0.4.
.SH "COPYRIGHT"
.PP
The \fBBIO_get_conn_mode()\fR, \fBBIO_set_conn_mode()\fR and \fBBIO_set_tfo()\fR functions
were added in OpenSSL 3.2.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2022 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

178
secure/lib/libcrypto/man/man3/BIO_f_base64.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,77 +52,17 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_F_BASE64 3ossl"
.TH BIO_F_BASE64 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_F_BASE64 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_f_base64 \- base64 BIO filter
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 2
\& #include <openssl/bio.h>
@ -146,43 +70,58 @@ BIO_f_base64 \- base64 BIO filter
\&
\& const BIO_METHOD *BIO_f_base64(void);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_f_base64()\fR returns the base64 \s-1BIO\s0 method. This is a filter
\&\s-1BIO\s0 that base64 encodes any data written through it and decodes
\&\fBBIO_f_base64()\fR returns the base64 BIO method. This is a filter
BIO that base64 encodes any data written through it and decodes
any data read through it.
.PP
Base64 BIOs do not support \fBBIO_gets()\fR or \fBBIO_puts()\fR.
.PP
For writing, output is by default divided to lines of length 64
characters and there is always a newline at the end of output.
For writing, by default output is divided to lines of length 64
characters and there is a newline at the end of output.
This behavior can be changed with \fBBIO_FLAGS_BASE64_NO_NL\fR flag.
.PP
For reading, first line should be at most 1024
characters long. If it is longer then it is ignored completely.
Other input lines can be of any length. There must be a newline
at the end of input.
For reading, the first line of base64 content should be at most 1024 bytes long
including newline unless the flag \fBBIO_FLAGS_BASE64_NO_NL\fR is set.
Subsequent input lines can be of any length (i.e., newlines may appear anywhere
in the input) and a newline at the end of input is not needed.
.PP
This behavior can be changed with \s-1BIO_FLAGS_BASE64_NO_NL\s0 flag.
Also when reading, unless the flag \fBBIO_FLAGS_BASE64_NO_NL\fR is set, initial
lines that contain non\-base64 content (whitespace is tolerated and ignored) are
skipped, as are lines longer than 1024 bytes.
Decoding starts with the first line that is shorter than 1024 bytes (including
the newline) and consists of only (at least one) valid base64 characters plus
optional whitespace.
Decoding stops when base64 padding is encountered, a soft end-of-input
character (\fB\-\fR, see \fBEVP_DecodeUpdate\fR\|(3)) occurs as the first byte after a
complete group of 4 valid base64 characters is decoded, or when an error occurs
(e.g. due to input characters other than valid base64 or whitespace).
.PP
\&\fBBIO_flush()\fR on a base64 \s-1BIO\s0 that is being written through is
If decoding stops as a result of an error, the first \fBBIO_read\fR\|(3) that
returns no decoded data will typically return a negative result, rather
than 0 (which indicates normal end of input).
However, a negative return value can also occur if the underlying BIO
supports retries, see \fBBIO_should_read\fR\|(3) and \fBBIO_set_mem_eof_return\fR\|(3).
.PP
\&\fBBIO_flush()\fR on a base64 BIO that is being written through is
used to signal that no more data is to be encoded: this is used
to flush the final block through the \s-1BIO.\s0
to flush the final block through the BIO.
.PP
The flag \s-1BIO_FLAGS_BASE64_NO_NL\s0 can be set with \fBBIO_set_flags()\fR.
The flag \fBBIO_FLAGS_BASE64_NO_NL\fR can be set with \fBBIO_set_flags()\fR.
For writing, it causes all data to be written on one line without
newline at the end.
For reading, it expects the data to be all on one line (with or
without a trailing newline).
.SH "NOTES"
For reading, it removes all expectations on newlines in the input data.
.SH NOTES
.IX Header "NOTES"
Because of the format of base64 encoding the end of the encoded
block cannot always be reliably determined.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_f_base64()\fR returns the base64 \s-1BIO\s0 method.
.SH "EXAMPLES"
\&\fBBIO_f_base64()\fR returns the base64 BIO method.
.SH EXAMPLES
.IX Header "EXAMPLES"
Base64 encode the string \*(L"Hello World\en\*(R" and write the result
Base64 encode the string "Hello World\en" and write the result
to standard output:
.PP
.Vb 2
@ -198,7 +137,7 @@ to standard output:
\& BIO_free_all(b64);
.Ve
.PP
Read Base64 encoded data from standard input and write the decoded
Read base64 encoded data from standard input and write the decoded
data to standard output:
.PP
.Vb 3
@ -216,18 +155,35 @@ data to standard output:
\& BIO_flush(bio_out);
\& BIO_free_all(b64);
.Ve
.SH "BUGS"
.SH BUGS
.IX Header "BUGS"
The ambiguity of \s-1EOF\s0 in base64 encoded data can cause additional
data following the base64 encoded block to be misinterpreted.
The hyphen character (\fB\-\fR) is treated as an ad hoc soft end-of-input
character when it occurs at the start of a base64 group of 4 encoded
characters.
.PP
There should be some way of specifying a test that the \s-1BIO\s0 can perform
to reliably determine \s-1EOF\s0 (for example a \s-1MIME\s0 boundary).
.SH "COPYRIGHT"
This heuristic works to detect the ends of base64 blocks in PEM or
multi-part MIME, provided there are no stray hyphens in the middle
input.
But it is just a heuristic, and sufficiently unusual input could produce
unexpected results.
.PP
There should perhaps be some way of specifying a test that the BIO can perform
to reliably determine EOF (for example a MIME boundary).
.PP
It may be possible for \fBBIO_read\fR\|(3) to return zero, rather than \-1, even if
an error has been detected, more tests are needed to cover all the potential
error paths.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBBIO_read\fR\|(3),
\&\fBBIO_should_read\fR\|(3),
\&\fBBIO_set_mem_eof_return\fR\|(3),
\&\fBEVP_DecodeUpdate\fR\|(3).
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2022 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

130
secure/lib/libcrypto/man/man3/BIO_f_buffer.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,75 +52,15 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_F_BUFFER 3ossl"
.TH BIO_F_BUFFER 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_F_BUFFER 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_get_buffer_num_lines,
BIO_set_read_buffer_size,
BIO_set_write_buffer_size,
@ -144,7 +68,7 @@ BIO_set_buffer_size,
BIO_set_buffer_read_data,
BIO_f_buffer
\&\- buffering BIO
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -157,55 +81,55 @@ BIO_f_buffer
\& long BIO_set_buffer_size(BIO *b, long size);
\& long BIO_set_buffer_read_data(BIO *b, void *buf, long num);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_f_buffer()\fR returns the buffering \s-1BIO\s0 method.
\&\fBBIO_f_buffer()\fR returns the buffering BIO method.
.PP
Data written to a buffering \s-1BIO\s0 is buffered and periodically written
to the next \s-1BIO\s0 in the chain. Data read from a buffering \s-1BIO\s0 comes from
an internal buffer which is filled from the next \s-1BIO\s0 in the chain.
Data written to a buffering BIO is buffered and periodically written
to the next BIO in the chain. Data read from a buffering BIO comes from
an internal buffer which is filled from the next BIO in the chain.
Both \fBBIO_gets()\fR and \fBBIO_puts()\fR are supported.
.PP
Calling \fBBIO_reset()\fR on a buffering \s-1BIO\s0 clears any buffered data.
Calling \fBBIO_reset()\fR on a buffering BIO clears any buffered data.
.PP
\&\fBBIO_get_buffer_num_lines()\fR returns the number of lines currently buffered.
.PP
\&\fBBIO_set_read_buffer_size()\fR, \fBBIO_set_write_buffer_size()\fR and \fBBIO_set_buffer_size()\fR
set the read, write or both read and write buffer sizes to \fBsize\fR. The initial
buffer size is \s-1DEFAULT_BUFFER_SIZE,\s0 currently 4096. Any attempt to reduce the
buffer size below \s-1DEFAULT_BUFFER_SIZE\s0 is ignored. Any buffered data is cleared
buffer size is DEFAULT_BUFFER_SIZE, currently 4096. Any attempt to reduce the
buffer size below DEFAULT_BUFFER_SIZE is ignored. Any buffered data is cleared
when the buffer is resized.
.PP
\&\fBBIO_set_buffer_read_data()\fR clears the read buffer and fills it with \fBnum\fR
bytes of \fBbuf\fR. If \fBnum\fR is larger than the current buffer size the buffer
is expanded.
.SH "NOTES"
.SH NOTES
.IX Header "NOTES"
These functions, other than \fBBIO_f_buffer()\fR, are implemented as macros.
.PP
Buffering BIOs implement \fBBIO_read_ex()\fR and \fBBIO_gets()\fR by using
\&\fBBIO_read_ex()\fR operations on the next \s-1BIO\s0 in the chain and storing the
\&\fBBIO_read_ex()\fR operations on the next BIO in the chain and storing the
result in an internal buffer, from which bytes are given back to the
caller as appropriate for the call; a \fBBIO_gets()\fR is guaranteed to give
the caller a whole line, and \fBBIO_read_ex()\fR is guaranteed to give the
caller the number of bytes it asks for, unless there's an error or end
of communication is reached in the next \s-1BIO.\s0 By prepending a
buffering \s-1BIO\s0 to a chain it is therefore possible to provide
of communication is reached in the next BIO. By prepending a
buffering BIO to a chain it is therefore possible to provide
\&\fBBIO_gets()\fR or exact size \fBBIO_read_ex()\fR functionality if the following
BIOs do not support it.
.PP
Do not add more than one \fBBIO_f_buffer()\fR to a \s-1BIO\s0 chain. The result of
Do not add more than one \fBBIO_f_buffer()\fR to a BIO chain. The result of
doing so will force a full read of the size of the internal buffer of
the top \fBBIO_f_buffer()\fR, which is 4 KiB at a minimum.
.PP
Data is only written to the next \s-1BIO\s0 in the chain when the write buffer fills
Data is only written to the next BIO in the chain when the write buffer fills
or when \fBBIO_flush()\fR is called. It is therefore important to call \fBBIO_flush()\fR
whenever any pending data should be written such as when removing a buffering
\&\s-1BIO\s0 using \fBBIO_pop()\fR. \fBBIO_flush()\fR may need to be retried if the ultimate
source/sink \s-1BIO\s0 is non blocking.
BIO using \fBBIO_pop()\fR. \fBBIO_flush()\fR may need to be retried if the ultimate
source/sink BIO is non blocking.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_f_buffer()\fR returns the buffering \s-1BIO\s0 method.
\&\fBBIO_f_buffer()\fR returns the buffering BIO method.
.PP
\&\fBBIO_get_buffer_num_lines()\fR returns the number of lines buffered (may be 0) or
a negative value in case of errors.
@ -222,11 +146,11 @@ there was an error.
\&\fBBIO_flush\fR\|(3),
\&\fBBIO_pop\fR\|(3),
\&\fBBIO_ctrl\fR\|(3).
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2021 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000\-2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

128
secure/lib/libcrypto/man/man3/BIO_f_cipher.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,77 +52,17 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_F_CIPHER 3ossl"
.TH BIO_F_CIPHER 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_F_CIPHER 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_f_cipher, BIO_set_cipher, BIO_get_cipher_status, BIO_get_cipher_ctx \- cipher BIO filter
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 2
\& #include <openssl/bio.h>
@ -150,48 +74,48 @@ BIO_f_cipher, BIO_set_cipher, BIO_get_cipher_status, BIO_get_cipher_ctx \- ciphe
\& int BIO_get_cipher_status(BIO *b);
\& int BIO_get_cipher_ctx(BIO *b, EVP_CIPHER_CTX **pctx);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_f_cipher()\fR returns the cipher \s-1BIO\s0 method. This is a filter
\&\s-1BIO\s0 that encrypts any data written through it, and decrypts any data
read from it. It is a \s-1BIO\s0 wrapper for the cipher routines
\&\fBBIO_f_cipher()\fR returns the cipher BIO method. This is a filter
BIO that encrypts any data written through it, and decrypts any data
read from it. It is a BIO wrapper for the cipher routines
\&\fBEVP_CipherInit()\fR, \fBEVP_CipherUpdate()\fR and \fBEVP_CipherFinal()\fR.
.PP
Cipher BIOs do not support \fBBIO_gets()\fR or \fBBIO_puts()\fR.
.PP
\&\fBBIO_flush()\fR on an encryption \s-1BIO\s0 that is being written through is
\&\fBBIO_flush()\fR on an encryption BIO that is being written through is
used to signal that no more data is to be encrypted: this is used
to flush and possibly pad the final block through the \s-1BIO.\s0
to flush and possibly pad the final block through the BIO.
.PP
\&\fBBIO_set_cipher()\fR sets the cipher of \s-1BIO\s0 \fBb\fR to \fBcipher\fR using key \fBkey\fR
and \s-1IV\s0 \fBiv\fR. \fBenc\fR should be set to 1 for encryption and zero for
\&\fBBIO_set_cipher()\fR sets the cipher of BIO \fBb\fR to \fBcipher\fR using key \fBkey\fR
and IV \fBiv\fR. \fBenc\fR should be set to 1 for encryption and zero for
decryption.
.PP
When reading from an encryption \s-1BIO\s0 the final block is automatically
decrypted and checked when \s-1EOF\s0 is detected. \fBBIO_get_cipher_status()\fR
When reading from an encryption BIO the final block is automatically
decrypted and checked when EOF is detected. \fBBIO_get_cipher_status()\fR
is a \fBBIO_ctrl()\fR macro which can be called to determine whether the
decryption operation was successful.
.PP
\&\fBBIO_get_cipher_ctx()\fR is a \fBBIO_ctrl()\fR macro which retrieves the internal
\&\s-1BIO\s0 cipher context. The retrieved context can be used in conjunction
BIO cipher context. The retrieved context can be used in conjunction
with the standard cipher routines to set it up. This is useful when
\&\fBBIO_set_cipher()\fR is not flexible enough for the applications needs.
.SH "NOTES"
.SH NOTES
.IX Header "NOTES"
When encrypting \fBBIO_flush()\fR \fBmust\fR be called to flush the final block
through the \s-1BIO.\s0 If it is not then the final block will fail a subsequent
through the BIO. If it is not then the final block will fail a subsequent
decrypt.
.PP
When decrypting an error on the final block is signaled by a zero
return value from the read operation. A successful decrypt followed
by \s-1EOF\s0 will also return zero for the final read. \fBBIO_get_cipher_status()\fR
by EOF will also return zero for the final read. \fBBIO_get_cipher_status()\fR
should be called to determine if the decrypt was successful.
.PP
As always, if \fBBIO_gets()\fR or \fBBIO_puts()\fR support is needed then it can
be achieved by preceding the cipher \s-1BIO\s0 with a buffering \s-1BIO.\s0
be achieved by preceding the cipher BIO with a buffering BIO.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_f_cipher()\fR returns the cipher \s-1BIO\s0 method.
\&\fBBIO_f_cipher()\fR returns the cipher BIO method.
.PP
\&\fBBIO_set_cipher()\fR returns 1 for success and 0 for failure.
.PP
@ -199,11 +123,11 @@ be achieved by preceding the cipher \s-1BIO\s0 with a buffering \s-1BIO.\s0
for failure.
.PP
\&\fBBIO_get_cipher_ctx()\fR returns 1 for success and <=0 for failure.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2021 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000\-2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

142
secure/lib/libcrypto/man/man3/BIO_f_md.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,77 +52,17 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_F_MD 3ossl"
.TH BIO_F_MD 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_F_MD 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_f_md, BIO_set_md, BIO_get_md, BIO_get_md_ctx \- message digest BIO filter
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 2
\& #include <openssl/bio.h>
@ -149,31 +73,31 @@ BIO_f_md, BIO_set_md, BIO_get_md, BIO_get_md_ctx \- message digest BIO filter
\& int BIO_get_md(BIO *b, EVP_MD **mdp);
\& int BIO_get_md_ctx(BIO *b, EVP_MD_CTX **mdcp);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_f_md()\fR returns the message digest \s-1BIO\s0 method. This is a filter
\&\s-1BIO\s0 that digests any data passed through it, it is a \s-1BIO\s0 wrapper
\&\fBBIO_f_md()\fR returns the message digest BIO method. This is a filter
BIO that digests any data passed through it. It is a BIO wrapper
for the digest routines \fBEVP_DigestInit()\fR, \fBEVP_DigestUpdate()\fR
and \fBEVP_DigestFinal()\fR.
.PP
Any data written or read through a digest \s-1BIO\s0 using \fBBIO_read_ex()\fR and
Any data written or read through a digest BIO using \fBBIO_read_ex()\fR and
\&\fBBIO_write_ex()\fR is digested.
.PP
\&\fBBIO_gets()\fR, if its \fBsize\fR parameter is large enough finishes the
digest calculation and returns the digest value. \fBBIO_puts()\fR is
not supported.
.PP
\&\fBBIO_reset()\fR reinitialises a digest \s-1BIO.\s0
\&\fBBIO_reset()\fR reinitialises a digest BIO.
.PP
\&\fBBIO_set_md()\fR sets the message digest of \s-1BIO\s0 \fBb\fR to \fBmd\fR: this
must be called to initialize a digest \s-1BIO\s0 before any data is
\&\fBBIO_set_md()\fR sets the message digest of BIO \fBb\fR to \fBmd\fR: this
must be called to initialize a digest BIO before any data is
passed through it. It is a \fBBIO_ctrl()\fR macro.
.PP
\&\fBBIO_get_md()\fR places the a pointer to the digest BIOs digest method
in \fBmdp\fR, it is a \fBBIO_ctrl()\fR macro.
\&\fBBIO_get_md()\fR places a pointer to the digest BIOs digest method
in \fBmdp\fR. It is a \fBBIO_ctrl()\fR macro.
.PP
\&\fBBIO_get_md_ctx()\fR returns the digest BIOs context into \fBmdcp\fR.
.SH "NOTES"
.SH NOTES
.IX Header "NOTES"
The context returned by \fBBIO_get_md_ctx()\fR can be used in calls
to \fBEVP_DigestFinal()\fR and also the signature routines \fBEVP_SignFinal()\fR
@ -181,30 +105,30 @@ and \fBEVP_VerifyFinal()\fR.
.PP
The context returned by \fBBIO_get_md_ctx()\fR is an internal context
structure. Changes made to this context will affect the digest
\&\s-1BIO\s0 itself and the context pointer will become invalid when the digest
\&\s-1BIO\s0 is freed.
BIO itself and the context pointer will become invalid when the digest
BIO is freed.
.PP
After the digest has been retrieved from a digest \s-1BIO\s0 it must be
After the digest has been retrieved from a digest BIO it must be
reinitialized by calling \fBBIO_reset()\fR, or \fBBIO_set_md()\fR before any more
data is passed through it.
.PP
If an application needs to call \fBBIO_gets()\fR or \fBBIO_puts()\fR through
a chain containing digest BIOs then this can be done by prepending
a buffering \s-1BIO.\s0
a buffering BIO.
.PP
Calling \fBBIO_get_md_ctx()\fR will return the context and initialize the \s-1BIO\s0
Calling \fBBIO_get_md_ctx()\fR will return the context and initialize the BIO
state. This allows applications to initialize the context externally
if the standard calls such as \fBBIO_set_md()\fR are not sufficiently flexible.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_f_md()\fR returns the digest \s-1BIO\s0 method.
\&\fBBIO_f_md()\fR returns the digest BIO method.
.PP
\&\fBBIO_set_md()\fR, \fBBIO_get_md()\fR and \fBBIO_md_ctx()\fR return 1 for success and
<=0 for failure.
.SH "EXAMPLES"
.SH EXAMPLES
.IX Header "EXAMPLES"
The following example creates a \s-1BIO\s0 chain containing an \s-1SHA1\s0 and \s-1MD5\s0
digest \s-1BIO\s0 and passes the string \*(L"Hello World\*(R" through it. Error
The following example creates a BIO chain containing an SHA1 and MD5
digest BIO and passes the string "Hello World" through it. Error
checking has been omitted for clarity.
.PP
.Vb 2
@ -246,7 +170,7 @@ The next example digests data by reading through a chain instead:
\& } while (rdlen > 0);
.Ve
.PP
This next example retrieves the message digests from a \s-1BIO\s0 chain and
This next example retrieves the message digests from a BIO chain and
outputs them. This could be used with the examples above.
.PP
.Vb 4
@ -272,22 +196,22 @@ outputs them. This could be used with the examples above.
\&
\& BIO_free_all(bio);
.Ve
.SH "BUGS"
.SH BUGS
.IX Header "BUGS"
The lack of support for \fBBIO_puts()\fR and the non standard behaviour of
\&\fBBIO_gets()\fR could be regarded as anomalous. It could be argued that \fBBIO_gets()\fR
and \fBBIO_puts()\fR should be passed to the next \s-1BIO\s0 in the chain and digest
and \fBBIO_puts()\fR should be passed to the next BIO in the chain and digest
the data passed through and that digests should be retrieved using a
separate \fBBIO_ctrl()\fR call.
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
Before OpenSSL 1.0.0., the call to \fBBIO_get_md_ctx()\fR would only work if the
\&\s-1BIO\s0 was initialized first.
.SH "COPYRIGHT"
BIO was initialized first.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

110
secure/lib/libcrypto/man/man3/BIO_f_null.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,102 +52,42 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_F_NULL 3ossl"
.TH BIO_F_NULL 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_F_NULL 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_f_null \- null filter
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
\&
\& const BIO_METHOD *BIO_f_null(void);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_f_null()\fR returns the null filter \s-1BIO\s0 method. This is a filter \s-1BIO\s0
\&\fBBIO_f_null()\fR returns the null filter BIO method. This is a filter BIO
that does nothing.
.PP
All requests to a null filter \s-1BIO\s0 are passed through to the next \s-1BIO\s0 in
the chain: this means that a \s-1BIO\s0 chain containing a null filter \s-1BIO\s0
behaves just as though the \s-1BIO\s0 was not there.
.SH "NOTES"
All requests to a null filter BIO are passed through to the next BIO in
the chain: this means that a BIO chain containing a null filter BIO
behaves just as though the BIO was not there.
.SH NOTES
.IX Header "NOTES"
As may be apparent a null filter \s-1BIO\s0 is not particularly useful.
As may be apparent a null filter BIO is not particularly useful.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_f_null()\fR returns the null filter \s-1BIO\s0 method.
.SH "COPYRIGHT"
\&\fBBIO_f_null()\fR returns the null filter BIO method.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2016 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

108
secure/lib/libcrypto/man/man3/BIO_f_prefix.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,78 +52,18 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_F_PREFIX 3ossl"
.TH BIO_F_PREFIX 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_F_PREFIX 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_f_prefix, BIO_set_prefix, BIO_set_indent, BIO_get_indent
\&\- prefix BIO filter
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -149,9 +73,9 @@ BIO_f_prefix, BIO_set_prefix, BIO_set_indent, BIO_get_indent
\& long BIO_set_indent(BIO *b, long indent);
\& long BIO_get_indent(BIO *b);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_f_cipher()\fR returns the prefix \s-1BIO\s0 method. This is a filter for
\&\fBBIO_f_cipher()\fR returns the prefix BIO method. This is a filter for
text output, where each line gets automatically prefixed and indented
according to user input.
.PP
@ -163,21 +87,21 @@ itself.
By default, there is no prefix, and indentation is set to 0.
.PP
\&\fBBIO_set_prefix()\fR sets the prefix to be used for future lines of
text, using \fIprefix\fR. \fIprefix\fR may be \s-1NULL,\s0 signifying that there
should be no prefix. If \fIprefix\fR isn't \s-1NULL,\s0 this function makes a
text, using \fIprefix\fR. \fIprefix\fR may be NULL, signifying that there
should be no prefix. If \fIprefix\fR isn't NULL, this function makes a
copy of it.
.PP
\&\fBBIO_set_indent()\fR sets the indentation to be used for future lines of
text, using \fIindent\fR. Negative values are not allowed.
.PP
\&\fBBIO_get_indent()\fR gets the current indentation.
.SH "NOTES"
.SH NOTES
.IX Header "NOTES"
\&\fBBIO_set_prefix()\fR, \fBBIO_set_indent()\fR and \fBBIO_get_indent()\fR are
implemented as macros.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_f_prefix()\fR returns the prefix \s-1BIO\s0 method.
\&\fBBIO_f_prefix()\fR returns the prefix BIO method.
.PP
\&\fBBIO_set_prefix()\fR returns 1 if the prefix was correctly set, or <=0 on
failure.
@ -189,11 +113,11 @@ failure.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBbio\fR\|(7)
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2019\-2021 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

120
secure/lib/libcrypto/man/man3/BIO_f_readbuffer.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,111 +52,51 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_F_READBUFFER 3ossl"
.TH BIO_F_READBUFFER 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_F_READBUFFER 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_f_readbuffer
\&\- read only buffering BIO that supports BIO_tell() and BIO_seek()
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
\&
\& const BIO_METHOD *BIO_f_readbuffer(void);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_f_readbuffer()\fR returns the read buffering \s-1BIO\s0 method.
\&\fBBIO_f_readbuffer()\fR returns the read buffering BIO method.
.PP
This \s-1BIO\s0 filter can be inserted on top of \s-1BIO\s0's that do not support \fBBIO_tell()\fR
or \fBBIO_seek()\fR (e.g. A file \s-1BIO\s0 that uses stdin).
This BIO filter can be inserted on top of BIO's that do not support \fBBIO_tell()\fR
or \fBBIO_seek()\fR (e.g. A file BIO that uses stdin).
.PP
Data read from a read buffering \s-1BIO\s0 comes from an internal buffer which is
filled from the next \s-1BIO\s0 in the chain.
Data read from a read buffering BIO comes from an internal buffer which is
filled from the next BIO in the chain.
.PP
\&\fBBIO_gets()\fR is supported for read buffering BIOs.
Writing data to a read buffering \s-1BIO\s0 is not supported.
Writing data to a read buffering BIO is not supported.
.PP
Calling \fBBIO_reset()\fR on a read buffering \s-1BIO\s0 does not clear any buffered data.
.SH "NOTES"
Calling \fBBIO_reset()\fR on a read buffering BIO does not clear any buffered data.
.SH NOTES
.IX Header "NOTES"
Read buffering BIOs implement \fBBIO_read_ex()\fR by using \fBBIO_read_ex()\fR operations
on the next \s-1BIO\s0 (e.g. a file \s-1BIO\s0) in the chain and storing the result in an
on the next BIO (e.g. a file BIO) in the chain and storing the result in an
internal buffer, from which bytes are given back to the caller as appropriate
for the call. \fBBIO_read_ex()\fR is guaranteed to give the caller the number of bytes
it asks for, unless there's an error or end of communication is reached in the
next \s-1BIO.\s0 The internal buffer can grow to cache the entire contents of the next
\&\s-1BIO\s0 in the chain. \fBBIO_seek()\fR uses the internal buffer, so that it can only seek
next BIO. The internal buffer can grow to cache the entire contents of the next
BIO in the chain. \fBBIO_seek()\fR uses the internal buffer, so that it can only seek
into data that is already read.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_f_readbuffer()\fR returns the read buffering \s-1BIO\s0 method.
\&\fBBIO_f_readbuffer()\fR returns the read buffering BIO method.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBbio\fR\|(7),
@ -180,11 +104,11 @@ into data that is already read.
\&\fBBIO_gets\fR\|(3),
\&\fBBIO_reset\fR\|(3),
\&\fBBIO_ctrl\fR\|(3).
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

210
secure/lib/libcrypto/man/man3/BIO_f_ssl.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,82 +52,22 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_F_SSL 3ossl"
.TH BIO_F_SSL 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_F_SSL 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_do_handshake,
BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode,
BIO_set_ssl_renegotiate_bytes,
BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl,
BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id,
BIO_ssl_shutdown \- SSL BIO
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 2
\& #include <openssl/bio.h>
@ -166,94 +90,94 @@ BIO_ssl_shutdown \- SSL BIO
\&
\& long BIO_do_handshake(BIO *b);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_f_ssl()\fR returns the \s-1SSL BIO\s0 method. This is a filter \s-1BIO\s0 which
is a wrapper round the OpenSSL \s-1SSL\s0 routines adding a \s-1BIO\s0 \*(L"flavour\*(R" to
\&\s-1SSL I/O.\s0
\&\fBBIO_f_ssl()\fR returns the SSL BIO method. This is a filter BIO which
is a wrapper round the OpenSSL SSL routines adding a BIO "flavour" to
SSL I/O.
.PP
I/O performed on an \s-1SSL BIO\s0 communicates using the \s-1SSL\s0 protocol with
the SSLs read and write BIOs. If an \s-1SSL\s0 connection is not established
I/O performed on an SSL BIO communicates using the SSL protocol with
the SSLs read and write BIOs. If an SSL connection is not established
then an attempt is made to establish one on the first I/O call.
.PP
If a \s-1BIO\s0 is appended to an \s-1SSL BIO\s0 using \fBBIO_push()\fR it is automatically
used as the \s-1SSL\s0 BIOs read and write BIOs.
If a BIO is appended to an SSL BIO using \fBBIO_push()\fR it is automatically
used as the SSL BIOs read and write BIOs.
.PP
Calling \fBBIO_reset()\fR on an \s-1SSL BIO\s0 closes down any current \s-1SSL\s0 connection
by calling \fBSSL_shutdown()\fR. \fBBIO_reset()\fR is then sent to the next \s-1BIO\s0 in
Calling \fBBIO_reset()\fR on an SSL BIO closes down any current SSL connection
by calling \fBSSL_shutdown()\fR. \fBBIO_reset()\fR is then sent to the next BIO in
the chain: this will typically disconnect the underlying transport.
The \s-1SSL BIO\s0 is then reset to the initial accept or connect state.
The SSL BIO is then reset to the initial accept or connect state.
.PP
If the close flag is set when an \s-1SSL BIO\s0 is freed then the internal
\&\s-1SSL\s0 structure is also freed using \fBSSL_free()\fR.
If the close flag is set when an SSL BIO is freed then the internal
SSL structure is also freed using \fBSSL_free()\fR.
.PP
\&\fBBIO_set_ssl()\fR sets the internal \s-1SSL\s0 pointer of \s-1SSL BIO\s0 \fBb\fR to \fBssl\fR using
\&\fBBIO_set_ssl()\fR sets the internal SSL pointer of SSL BIO \fBb\fR to \fBssl\fR using
the close flag \fBc\fR.
.PP
\&\fBBIO_get_ssl()\fR retrieves the \s-1SSL\s0 pointer of \s-1SSL BIO\s0 \fBb\fR, it can then be
manipulated using the standard \s-1SSL\s0 library functions.
\&\fBBIO_get_ssl()\fR retrieves the SSL pointer of SSL BIO \fBb\fR, it can then be
manipulated using the standard SSL library functions.
.PP
\&\fBBIO_set_ssl_mode()\fR sets the \s-1SSL BIO\s0 mode to \fBclient\fR. If \fBclient\fR
\&\fBBIO_set_ssl_mode()\fR sets the SSL BIO mode to \fBclient\fR. If \fBclient\fR
is 1 client mode is set. If \fBclient\fR is 0 server mode is set.
.PP
\&\fBBIO_set_ssl_renegotiate_bytes()\fR sets the renegotiate byte count of \s-1SSL BIO\s0 \fBb\fR
\&\fBBIO_set_ssl_renegotiate_bytes()\fR sets the renegotiate byte count of SSL BIO \fBb\fR
to \fBnum\fR. When set after every \fBnum\fR bytes of I/O (read and write)
the \s-1SSL\s0 session is automatically renegotiated. \fBnum\fR must be at
the SSL session is automatically renegotiated. \fBnum\fR must be at
least 512 bytes.
.PP
\&\fBBIO_set_ssl_renegotiate_timeout()\fR sets the renegotiate timeout of \s-1SSL BIO\s0 \fBb\fR
\&\fBBIO_set_ssl_renegotiate_timeout()\fR sets the renegotiate timeout of SSL BIO \fBb\fR
to \fBseconds\fR.
When the renegotiate timeout elapses the session is automatically renegotiated.
.PP
\&\fBBIO_get_num_renegotiates()\fR returns the total number of session
renegotiations due to I/O or timeout of \s-1SSL BIO\s0 \fBb\fR.
renegotiations due to I/O or timeout of SSL BIO \fBb\fR.
.PP
\&\fBBIO_new_ssl()\fR allocates an \s-1SSL BIO\s0 using \s-1SSL_CTX\s0 \fBctx\fR and using
\&\fBBIO_new_ssl()\fR allocates an SSL BIO using SSL_CTX \fBctx\fR and using
client mode if \fBclient\fR is non zero.
.PP
\&\fBBIO_new_ssl_connect()\fR creates a new \s-1BIO\s0 chain consisting of an
\&\s-1SSL BIO\s0 (using \fBctx\fR) followed by a connect \s-1BIO.\s0
\&\fBBIO_new_ssl_connect()\fR creates a new BIO chain consisting of an
SSL BIO (using \fBctx\fR) followed by a connect BIO.
.PP
\&\fBBIO_new_buffer_ssl_connect()\fR creates a new \s-1BIO\s0 chain consisting
of a buffering \s-1BIO,\s0 an \s-1SSL BIO\s0 (using \fBctx\fR), and a connect \s-1BIO.\s0
\&\fBBIO_new_buffer_ssl_connect()\fR creates a new BIO chain consisting
of a buffering BIO, an SSL BIO (using \fBctx\fR), and a connect BIO.
.PP
\&\fBBIO_ssl_copy_session_id()\fR copies an \s-1SSL\s0 session id between
\&\s-1BIO\s0 chains \fBfrom\fR and \fBto\fR. It does this by locating the
\&\s-1SSL\s0 BIOs in each chain and calling \fBSSL_copy_session_id()\fR on
the internal \s-1SSL\s0 pointer.
\&\fBBIO_ssl_copy_session_id()\fR copies an SSL session id between
BIO chains \fBfrom\fR and \fBto\fR. It does this by locating the
SSL BIOs in each chain and calling \fBSSL_copy_session_id()\fR on
the internal SSL pointer.
.PP
\&\fBBIO_ssl_shutdown()\fR closes down an \s-1SSL\s0 connection on \s-1BIO\s0
chain \fBbio\fR. It does this by locating the \s-1SSL BIO\s0 in the
chain and calling \fBSSL_shutdown()\fR on its internal \s-1SSL\s0
\&\fBBIO_ssl_shutdown()\fR closes down an SSL connection on BIO
chain \fBbio\fR. It does this by locating the SSL BIO in the
chain and calling \fBSSL_shutdown()\fR on its internal SSL
pointer.
.PP
\&\fBBIO_do_handshake()\fR attempts to complete an \s-1SSL\s0 handshake on the
supplied \s-1BIO\s0 and establish the \s-1SSL\s0 connection.
For non-SSL BIOs the connection is done typically at \s-1TCP\s0 level.
If domain name resolution yields multiple \s-1IP\s0 addresses all of them are tried
\&\fBBIO_do_handshake()\fR attempts to complete an SSL handshake on the
supplied BIO and establish the SSL connection.
For non-SSL BIOs the connection is done typically at TCP level.
If domain name resolution yields multiple IP addresses all of them are tried
after \fBconnect()\fR failures.
The function returns 1 if the connection was established successfully.
A zero or negative value is returned if the connection could not be established.
The call \fBBIO_should_retry()\fR should be used for nonblocking connect BIOs
to determine if the call should be retried.
If a connection has already been established this call has no effect.
.SH "NOTES"
.SH NOTES
.IX Header "NOTES"
\&\s-1SSL\s0 BIOs are exceptional in that if the underlying transport
SSL BIOs are exceptional in that if the underlying transport
is non blocking they can still request a retry in exceptional
circumstances. Specifically this will happen if a session
renegotiation takes place during a \fBBIO_read_ex()\fR operation, one
case where this happens is when step up occurs.
.PP
The \s-1SSL\s0 flag \s-1SSL_AUTO_RETRY\s0 can be
The SSL flag SSL_AUTO_RETRY can be
set to disable this behaviour. That is when this flag is set
an \s-1SSL BIO\s0 using a blocking transport will never request a
an SSL BIO using a blocking transport will never request a
retry.
.PP
Since unknown \fBBIO_ctrl()\fR operations are sent through filter
BIOs the servers name and port can be set using \fBBIO_set_host()\fR
on the \s-1BIO\s0 returned by \fBBIO_new_ssl_connect()\fR without having
to locate the connect \s-1BIO\s0 first.
on the BIO returned by \fBBIO_new_ssl_connect()\fR without having
to locate the connect BIO first.
.PP
Applications do not have to call \fBBIO_do_handshake()\fR but may wish
to do so to separate the handshake process from other I/O
@ -262,25 +186,29 @@ processing.
\&\fBBIO_set_ssl()\fR, \fBBIO_get_ssl()\fR, \fBBIO_set_ssl_mode()\fR,
\&\fBBIO_set_ssl_renegotiate_bytes()\fR, \fBBIO_set_ssl_renegotiate_timeout()\fR,
\&\fBBIO_get_num_renegotiates()\fR, and \fBBIO_do_handshake()\fR are implemented as macros.
.PP
\&\fBBIO_ssl_copy_session_id()\fR is not currently supported on QUIC SSL objects and
fails if called on such an object.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_f_ssl()\fR returns the \s-1SSL\s0 \fB\s-1BIO_METHOD\s0\fR structure.
\&\fBBIO_f_ssl()\fR returns the SSL \fBBIO_METHOD\fR structure.
.PP
\&\fBBIO_set_ssl()\fR, \fBBIO_get_ssl()\fR, \fBBIO_set_ssl_mode()\fR, \fBBIO_set_ssl_renegotiate_bytes()\fR,
\&\fBBIO_set_ssl_renegotiate_timeout()\fR and \fBBIO_get_num_renegotiates()\fR return 1 on
success or a value which is less than or equal to 0 if an error occurred.
.PP
\&\fBBIO_new_ssl()\fR, \fBBIO_new_ssl_connect()\fR and \fBBIO_new_buffer_ssl_connect()\fR return
a valid \fB\s-1BIO\s0\fR structure on success or \fB\s-1NULL\s0\fR if an error occurred.
a valid \fBBIO\fR structure on success or \fBNULL\fR if an error occurred.
.PP
\&\fBBIO_ssl_copy_session_id()\fR returns 1 on success or 0 on error.
\&\fBBIO_ssl_copy_session_id()\fR returns 1 on success or 0 on error, or if called
on a QUIC SSL object.
.PP
\&\fBBIO_do_handshake()\fR returns 1 if the connection was established successfully.
A zero or negative value is returned if the connection could not be established.
.SH "EXAMPLES"
.SH EXAMPLES
.IX Header "EXAMPLES"
This \s-1SSL/TLS\s0 client example attempts to retrieve a page from an
\&\s-1SSL/TLS\s0 web server. The I/O routines are identical to those of the
This SSL/TLS client example attempts to retrieve a page from an
SSL/TLS web server. The I/O routines are identical to those of the
unencrypted example in \fBBIO_s_connect\fR\|(3).
.PP
.Vb 5
@ -330,7 +258,7 @@ unencrypted example in \fBBIO_s_connect\fR\|(3).
.Ve
.PP
Here is a simple server example. It makes use of a buffering
\&\s-1BIO\s0 to allow lines to be read from the \s-1SSL BIO\s0 using BIO_gets.
BIO to allow lines to be read from the SSL BIO using BIO_gets.
It creates a pseudo web page containing the actual request from
a client and also echoes the request to standard output.
.PP
@ -386,7 +314,7 @@ a client and also echoes the request to standard output.
.PP
/* Second call to \fBBIO_do_accept()\fR waits for incoming connection */
if (BIO_do_accept(acpt) <= 0) {
fprintf(stderr, \*(L"Error accepting connection\en\*(R");
fprintf(stderr, "Error accepting connection\en");
ERR_print_errors_fp(stderr);
\fBexit\fR\|(1);
}
@ -422,19 +350,19 @@ a client and also echoes the request to standard output.
\& BIO_flush(sbio);
\& BIO_free_all(sbio);
.Ve
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
In OpenSSL before 1.0.0 the \fBBIO_pop()\fR call was handled incorrectly,
the I/O \s-1BIO\s0 reference count was incorrectly incremented (instead of
decremented) and dissociated with the \s-1SSL BIO\s0 even if the \s-1SSL BIO\s0 was not
the I/O BIO reference count was incorrectly incremented (instead of
decremented) and dissociated with the SSL BIO even if the SSL BIO was not
explicitly being popped (e.g. a pop higher up the chain). Applications which
included workarounds for this bug (e.g. freeing BIOs more than once) should
be modified to handle this fix or they may free up an already freed \s-1BIO.\s0
.SH "COPYRIGHT"
be modified to handle this fix or they may free up an already freed BIO.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2022 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000\-2023 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

124
secure/lib/libcrypto/man/man3/BIO_find_type.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,77 +52,17 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_FIND_TYPE 3ossl"
.TH BIO_FIND_TYPE 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_FIND_TYPE 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_find_type, BIO_next, BIO_method_type \- BIO chain traversal
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -147,33 +71,33 @@ BIO_find_type, BIO_next, BIO_method_type \- BIO chain traversal
\& BIO *BIO_next(BIO *b);
\& int BIO_method_type(const BIO *b);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
The \fBBIO_find_type()\fR searches for a \s-1BIO\s0 of a given type in a chain, starting
at \s-1BIO\s0 \fBb\fR. If \fBtype\fR is a specific type (such as \fB\s-1BIO_TYPE_MEM\s0\fR) then a search
is made for a \s-1BIO\s0 of that type. If \fBtype\fR is a general type (such as
\&\fB\s-1BIO_TYPE_SOURCE_SINK\s0\fR) then the next matching \s-1BIO\s0 of the given general type is
searched for. \fBBIO_find_type()\fR returns the next matching \s-1BIO\s0 or \s-1NULL\s0 if none is
found.
The \fBBIO_find_type()\fR searches for a \fBBIO\fR of a given type in a chain, starting
at \fBBIO\fR \fIb\fR. If \fItype\fR is a specific type (such as \fBBIO_TYPE_MEM\fR) then a
search is made for a \fBBIO\fR of that type. If \fItype\fR is a general type (such as
\&\fBBIO_TYPE_SOURCE_SINK\fR) then the next matching \fBBIO\fR of the given general type is
searched for. \fBBIO_find_type()\fR returns the next matching \fBBIO\fR or NULL if none is
found. If \fItype\fR is \fBBIO_TYPE_NONE\fR it will not find a match.
.PP
The following general types are defined:
\&\fB\s-1BIO_TYPE_DESCRIPTOR\s0\fR, \fB\s-1BIO_TYPE_FILTER\s0\fR, and \fB\s-1BIO_TYPE_SOURCE_SINK\s0\fR.
\&\fBBIO_TYPE_DESCRIPTOR\fR, \fBBIO_TYPE_FILTER\fR, and \fBBIO_TYPE_SOURCE_SINK\fR.
.PP
For a list of the specific types, see the \fI<openssl/bio.h>\fR header file.
.PP
\&\fBBIO_next()\fR returns the next \s-1BIO\s0 in a chain. It can be used to traverse all BIOs
\&\fBBIO_next()\fR returns the next BIO in a chain. It can be used to traverse all BIOs
in a chain or used in conjunction with \fBBIO_find_type()\fR to find all BIOs of a
certain type.
.PP
\&\fBBIO_method_type()\fR returns the type of a \s-1BIO.\s0
\&\fBBIO_method_type()\fR returns the type of a BIO.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_find_type()\fR returns a matching \s-1BIO\s0 or \s-1NULL\s0 for no match.
\&\fBBIO_find_type()\fR returns a matching BIO or NULL for no match.
.PP
\&\fBBIO_next()\fR returns the next \s-1BIO\s0 in a chain.
\&\fBBIO_next()\fR returns the next BIO in a chain.
.PP
\&\fBBIO_method_type()\fR returns the type of the \s-1BIO\s0 \fBb\fR.
.SH "EXAMPLES"
\&\fBBIO_method_type()\fR returns the type of the BIO \fIb\fR.
.SH EXAMPLES
.IX Header "EXAMPLES"
Traverse a chain looking for digest BIOs:
.PP
@ -191,11 +115,11 @@ Traverse a chain looking for digest BIOs:
\& btmp = BIO_next(btmp);
\& } while (btmp);
.Ve
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2021 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

120
secure/lib/libcrypto/man/man3/BIO_get_data.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,78 +52,18 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_GET_DATA 3ossl"
.TH BIO_GET_DATA 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_GET_DATA 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_set_data, BIO_get_data, BIO_set_init, BIO_get_init, BIO_set_shutdown,
BIO_get_shutdown \- functions for managing BIO state information
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -151,44 +75,44 @@ BIO_get_shutdown \- functions for managing BIO state information
\& void BIO_set_shutdown(BIO *a, int shut);
\& int BIO_get_shutdown(BIO *a);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
These functions are mainly useful when implementing a custom \s-1BIO.\s0
These functions are mainly useful when implementing a custom BIO.
.PP
The \fBBIO_set_data()\fR function associates the custom data pointed to by \fBptr\fR with
the \s-1BIO.\s0 This data can subsequently be retrieved via a call to \fBBIO_get_data()\fR.
the BIO. This data can subsequently be retrieved via a call to \fBBIO_get_data()\fR.
This can be used by custom BIOs for storing implementation specific information.
.PP
The \fBBIO_set_init()\fR function sets the value of the \s-1BIO\s0's \*(L"init\*(R" flag to indicate
whether initialisation has been completed for this \s-1BIO\s0 or not. A nonzero value
The \fBBIO_set_init()\fR function sets the value of the BIO's "init" flag to indicate
whether initialisation has been completed for this BIO or not. A nonzero value
indicates that initialisation is complete, whilst zero indicates that it is not.
Often initialisation will complete during initial construction of the \s-1BIO.\s0 For
Often initialisation will complete during initial construction of the BIO. For
some BIOs however, initialisation may not complete until after additional steps
have occurred (for example through calling custom ctrls). The \fBBIO_get_init()\fR
function returns the value of the \*(L"init\*(R" flag.
function returns the value of the "init" flag.
.PP
The \fBBIO_set_shutdown()\fR and \fBBIO_get_shutdown()\fR functions set and get the state of
this \s-1BIO\s0's shutdown (i.e. \s-1BIO_CLOSE\s0) flag. If set then the underlying resource
is also closed when the \s-1BIO\s0 is freed.
this BIO's shutdown (i.e. BIO_CLOSE) flag. If set then the underlying resource
is also closed when the BIO is freed.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_get_data()\fR returns a pointer to the implementation specific custom data
associated with this \s-1BIO,\s0 or \s-1NULL\s0 if none has been set.
associated with this BIO, or NULL if none has been set.
.PP
\&\fBBIO_get_init()\fR returns the state of the \s-1BIO\s0's init flag.
\&\fBBIO_get_init()\fR returns the state of the BIO's init flag.
.PP
\&\fBBIO_get_shutdown()\fR returns the stat of the \s-1BIO\s0's shutdown (i.e. \s-1BIO_CLOSE\s0) flag.
\&\fBBIO_get_shutdown()\fR returns the stat of the BIO's shutdown (i.e. BIO_CLOSE) flag.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBbio\fR\|(7), \fBBIO_meth_new\fR\|(3)
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
The functions described here were added in OpenSSL 1.1.0.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

114
secure/lib/libcrypto/man/man3/BIO_get_ex_new_index.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,75 +52,15 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_GET_EX_NEW_INDEX 3ossl"
.TH BIO_GET_EX_NEW_INDEX 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_GET_EX_NEW_INDEX 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data,
BIO_set_app_data, BIO_get_app_data,
DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data,
@ -159,7 +83,7 @@ X509_STORE_CTX_set_app_data, X509_STORE_CTX_get_app_data,
X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data,
X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data
\&\- application\-specific data
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/x509.h>
@ -178,7 +102,7 @@ X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data
.Ve
.PP
The following functions have been deprecated since OpenSSL 3.0, and can be
hidden entirely by defining \fB\s-1OPENSSL_API_COMPAT\s0\fR with a suitable version value,
hidden entirely by defining \fBOPENSSL_API_COMPAT\fR with a suitable version value,
see \fBopenssl_user_macros\fR\|(7):
.PP
.Vb 10
@ -205,16 +129,16 @@ see \fBopenssl_user_macros\fR\|(7):
\& int ENGINE_set_ex_data(ENGINE *type, int idx, void *arg);
\& void *ENGINE_get_ex_data(ENGINE *type, int idx);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
In the description here, \fI\s-1TYPE\s0\fR is used a placeholder
In the description here, \fITYPE\fR is used a placeholder
for any of the OpenSSL datatypes listed in \fBCRYPTO_get_ex_new_index\fR\|(3).
.PP
All functions with a \fI\s-1TYPE\s0\fR of \fB\s-1DH\s0\fR, \fB\s-1DSA\s0\fR, \fB\s-1RSA\s0\fR and \fB\s-1EC_KEY\s0\fR are deprecated.
All functions with a \fITYPE\fR of \fBDH\fR, \fBDSA\fR, \fBRSA\fR and \fBEC_KEY\fR are deprecated.
Applications should instead use \fBEVP_PKEY_set_ex_data()\fR,
\&\fBEVP_PKEY_get_ex_data()\fR and \fBEVP_PKEY_get_ex_new_index()\fR.
.PP
All functions with a \fI\s-1TYPE\s0\fR of \fB\s-1ENGINE\s0\fR are deprecated.
All functions with a \fITYPE\fR of \fBENGINE\fR are deprecated.
Applications using engines should be replaced by providers.
.PP
These functions handle application-specific data for OpenSSL data
@ -224,13 +148,13 @@ structures.
with the correct \fBindex\fR value.
.PP
\&\fBTYPE_set_ex_data()\fR is a function that calls \fBCRYPTO_set_ex_data()\fR with
an offset into the opaque exdata part of the \s-1TYPE\s0 object.
an offset into the opaque exdata part of the TYPE object. \fId\fR \fBMUST NOT\fR be NULL.
.PP
\&\fBTYPE_get_ex_data()\fR is a function that calls \fBCRYPTO_get_ex_data()\fR with
an offset into the opaque exdata part of the \s-1TYPE\s0 object.
an offset into the opaque exdata part of the TYPE object. \fId\fR \fBMUST NOT\fR be NULL.
.PP
For compatibility with previous releases, the exdata index of zero is
reserved for \*(L"application data.\*(R" There are two convenience functions for
reserved for "application data." There are two convenience functions for
this.
\&\fBTYPE_set_app_data()\fR is a macro that invokes \fBTYPE_set_ex_data()\fR with
\&\fBidx\fR set to zero.
@ -242,11 +166,11 @@ this.
.PP
\&\fBTYPE_set_ex_data()\fR returns 1 on success or 0 on error.
.PP
\&\fBTYPE_get_ex_data()\fR returns the application data or \s-1NULL\s0 if an error occurred.
\&\fBTYPE_get_ex_data()\fR returns the application data or NULL if an error occurred.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBCRYPTO_get_ex_new_index\fR\|(3).
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
The functions \fBDH_get_ex_new_index()\fR, \fBDH_set_ex_data()\fR, \fBDH_get_ex_data()\fR,
\&\fBDSA_get_ex_new_index()\fR, \fBDSA_set_ex_data()\fR, \fBDSA_get_ex_data()\fR,
@ -254,11 +178,11 @@ The functions \fBDH_get_ex_new_index()\fR, \fBDH_set_ex_data()\fR, \fBDH_get_ex_
\&\fBENGINE_get_ex_new_index()\fR, \fBENGINE_set_ex_data()\fR, \fBENGINE_get_ex_data()\fR,
\&\fBRSA_get_ex_new_index()\fR, \fBRSA_set_ex_data()\fR, \fBRSA_get_ex_data()\fR,
\&\fBRSA_set_app_data()\fR and \fBRSA_get_app_data()\fR were deprecated in OpenSSL 3.0.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2015\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

158
secure/lib/libcrypto/man/man3/BIO_get_rpoll_descriptor.3 Normal file
View file

@ -0,0 +1,158 @@
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\" ========================================================================
.\"
.IX Title "BIO_GET_RPOLL_DESCRIPTOR 3ossl"
.TH BIO_GET_RPOLL_DESCRIPTOR 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH NAME
BIO_get_rpoll_descriptor, BIO_get_wpoll_descriptor \- obtain a structure which
can be used to determine when a BIO object can next be read or written
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
\&
\& typedef struct bio_poll_descriptor_st {
\& uint32_t type;
\& union {
\& int fd;
\& void *custom;
\& uintptr_t custom_ui;
\& } value;
\& } BIO_POLL_DESCRIPTOR;
\&
\& int BIO_get_rpoll_descriptor(BIO *b, BIO_POLL_DESCRIPTOR *desc);
\& int BIO_get_wpoll_descriptor(BIO *b, BIO_POLL_DESCRIPTOR *desc);
.Ve
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_get_rpoll_descriptor()\fR and \fBBIO_get_wpoll_descriptor()\fR, on success, fill
\&\fI*desc\fR with a poll descriptor. A poll descriptor is a tagged union structure
which represents some kind of OS or non-OS resource which can be used to
synchronise on I/O availability events.
.PP
\&\fBBIO_get_rpoll_descriptor()\fR outputs a descriptor which can be used to determine
when the BIO can (potentially) next be read, and \fBBIO_get_wpoll_descriptor()\fR
outputs a descriptor which can be used to determine when the BIO can
(potentially) next be written.
.PP
It is permissible for \fBBIO_get_rpoll_descriptor()\fR and \fBBIO_get_wpoll_descriptor()\fR
to output the same descriptor.
.PP
Poll descriptors can represent different kinds of information. A typical kind of
resource which might be represented by a poll descriptor is an OS file
descriptor which can be used with APIs such as \fBselect()\fR.
.PP
The kinds of poll descriptor defined by OpenSSL are:
.IP BIO_POLL_DESCRIPTOR_TYPE_NONE 4
.IX Item "BIO_POLL_DESCRIPTOR_TYPE_NONE"
Represents the absence of a valid poll descriptor. It may be used by
\&\fBBIO_get_rpoll_descriptor()\fR or \fBBIO_get_wpoll_descriptor()\fR to indicate that the
BIO is not pollable for readability or writeability respectively.
.Sp
For this type, no field within the \fIvalue\fR field of the \fBBIO_POLL_DESCRIPTOR\fR
is valid.
.IP BIO_POLL_DESCRIPTOR_TYPE_SOCK_FD 4
.IX Item "BIO_POLL_DESCRIPTOR_TYPE_SOCK_FD"
The poll descriptor represents an OS socket resource. The field \fIvalue.fd\fR
in the \fBBIO_POLL_DESCRIPTOR\fR is valid if it is not set to \-1.
.Sp
The resource is whatever kind of handle is used by a given OS to represent
sockets, which may vary by OS. For example, on Windows, the value is a \fBSOCKET\fR
for use with the Winsock API. On POSIX-like platforms, it is a file descriptor.
.Sp
Where a poll descriptor of this type is output by \fBBIO_get_rpoll_descriptor()\fR, it
should be polled for readability to determine when the BIO might next be able to
successfully complete a \fBBIO_read()\fR operation; likewise, where a poll descriptor
of this type is output by \fBBIO_get_wpoll_descriptor()\fR, it should be polled for
writeability to determine when the BIO might next be able to successfully
complete a \fBBIO_write()\fR operation.
.IP BIO_POLL_DESCRIPTOR_CUSTOM_START 4
.IX Item "BIO_POLL_DESCRIPTOR_CUSTOM_START"
Type values beginning with this value (inclusive) are reserved for application
allocation for custom poll descriptor types. Any of the definitions in the union
field \fIvalue\fR can be used by the application arbitrarily as opaque values.
.PP
Because poll descriptors are a tagged union structure, they can represent
different kinds of information. New types of poll descriptor may be defined,
including by applications, according to their needs.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
The functions \fBBIO_get_rpoll_descriptor()\fR and \fBBIO_get_wpoll_descriptor()\fR return 1
on success and 0 on failure.
.PP
These functions are permitted to succeed and initialise \fI*desc\fR with a poll
descriptor of type \fBBIO_POLL_DESCRIPTOR_TYPE_NONE\fR to indicate that the BIO is
not pollable for readability or writeability respectively.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBSSL_handle_events\fR\|(3), \fBSSL_get_event_timeout\fR\|(3), \fBSSL_get_rpoll_descriptor\fR\|(3),
\&\fBSSL_get_wpoll_descriptor\fR\|(3), \fBbio\fR\|(7)
.SH HISTORY
.IX Header "HISTORY"
The \fBBIO_get_rpoll_descriptor()\fR and \fBBIO_get_wpoll_descriptor()\fR functions were
added in OpenSSL 3.2.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2022\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

246
secure/lib/libcrypto/man/man3/BIO_meth_new.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,75 +52,15 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_METH_NEW 3ossl"
.TH BIO_METH_NEW 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_METH_NEW 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_get_new_index,
BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex,
BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write,
@ -144,8 +68,9 @@ BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts,
BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl,
BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create,
BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl,
BIO_meth_set_callback_ctrl \- Routines to build up BIO methods
.SH "SYNOPSIS"
BIO_meth_set_callback_ctrl, BIO_meth_set_sendmmsg, BIO_meth_get_sendmmsg,
BIO_meth_set_recvmmsg, BIO_meth_get_recvmmsg \- Routines to build up BIO methods
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -156,65 +81,95 @@ BIO_meth_set_callback_ctrl \- Routines to build up BIO methods
\&
\& void BIO_meth_free(BIO_METHOD *biom);
\&
\& int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
\& size_t *);
\& int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
\& int BIO_meth_set_write_ex(BIO_METHOD *biom,
\& int (*bwrite)(BIO *, const char *, size_t, size_t *));
\& int BIO_meth_set_write(BIO_METHOD *biom,
\& int (*write)(BIO *, const char *, int));
\&
\& int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
\& int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
\& int BIO_meth_set_read_ex(BIO_METHOD *biom,
\& int (*bread)(BIO *, char *, size_t, size_t *));
\& int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
\&
\& int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
\& int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
\&
\& int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
\& int BIO_meth_set_gets(BIO_METHOD *biom,
\& int (*gets)(BIO *, char *, int));
\&
\& long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
\& int BIO_meth_set_ctrl(BIO_METHOD *biom,
\& long (*ctrl)(BIO *, int, long, void *));
\&
\& int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
\& int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
\&
\& int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
\& int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
\&
\& long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
\& int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
\& long (*callback_ctrl)(BIO *, int, BIO_info_cb *));
\&
\& int BIO_meth_set_sendmmsg(BIO_METHOD *biom,
\& ossl_ssize_t (*f) (BIO *, BIO_MSG *, size_t,
\& size_t, uint64_t));
\& int BIO_meth_set_recvmmsg(BIO_METHOD *biom,
\& ossl_ssize_t (*f) (BIO *, BIO_MSG *, size_t,
\& size_t, uint64_t));
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fB\s-1BIO_METHOD\s0\fR type is a structure used for the implementation of new \s-1BIO\s0
types. It provides a set of functions used by OpenSSL for the implementation
of the various \s-1BIO\s0 capabilities. See the \fBbio\fR\|(7) page for more information.
.PP
\&\fBBIO_meth_new()\fR creates a new \fB\s-1BIO_METHOD\s0\fR structure. It should be given a
unique integer \fBtype\fR and a string that represents its \fBname\fR.
Use \fBBIO_get_new_index()\fR to get the value for \fBtype\fR.
The following functions have been deprecated since OpenSSL 3.5:
.PP
.Vb 3
\& int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
\& size_t *);
\& int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
\&
\& int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
\& int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
\&
\& int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
\& int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
\&
\& long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
\&
\& int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
\& int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
\&
\& long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
\&
\& ossl_ssize_t (*BIO_meth_get_sendmmsg(const BIO_METHOD *biom))(BIO *,
\& BIO_MSG *,
\& size_t,
\& size_t,
\& uint64_t);
\& ossl_ssize_t (*BIO_meth_get_recvmmsg(const BIO_METHOD *biom))(BIO *,
\& BIO_MSG *,
\& size_t,
\& size_t,
\& uint64_t);
.Ve
.SH DESCRIPTION
.IX Header "DESCRIPTION"
The \fBBIO_METHOD\fR type is a structure used for the implementation of new BIO
types. It provides a set of functions used by OpenSSL for the implementation
of the various BIO capabilities. See the \fBbio\fR\|(7) page for more information.
.PP
\&\fBBIO_meth_new()\fR creates a new \fBBIO_METHOD\fR structure that contains a type
identifier \fItype\fR and a string that represents its \fBname\fR.
\&\fBtype\fR can be set to either \fBBIO_TYPE_NONE\fR or via \fBBIO_get_new_index()\fR if
a unique type is required for searching (See \fBBIO_find_type\fR\|(3))
.PP
Note that \fBBIO_get_new_index()\fR can only be used 127 times before it returns an
error.
.PP
The set of
standard OpenSSL provided \s-1BIO\s0 types is provided in \fI<openssl/bio.h>\fR.
Some examples include \fB\s-1BIO_TYPE_BUFFER\s0\fR and \fB\s-1BIO_TYPE_CIPHER\s0\fR. Filter BIOs
should have a type which have the \*(L"filter\*(R" bit set (\fB\s-1BIO_TYPE_FILTER\s0\fR).
Source/sink BIOs should have the \*(L"source/sink\*(R" bit set (\fB\s-1BIO_TYPE_SOURCE_SINK\s0\fR).
standard OpenSSL provided BIO types is provided in \fI<openssl/bio.h>\fR.
Some examples include \fBBIO_TYPE_BUFFER\fR and \fBBIO_TYPE_CIPHER\fR. Filter BIOs
should have a type which have the "filter" bit set (\fBBIO_TYPE_FILTER\fR).
Source/sink BIOs should have the "source/sink" bit set (\fBBIO_TYPE_SOURCE_SINK\fR).
File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should
additionally have the \*(L"descriptor\*(R" bit set (\fB\s-1BIO_TYPE_DESCRIPTOR\s0\fR). See the
additionally have the "descriptor" bit set (\fBBIO_TYPE_DESCRIPTOR\fR). See the
\&\fBBIO_find_type\fR\|(3) page for more information.
.PP
\&\fBBIO_meth_free()\fR destroys a \fB\s-1BIO_METHOD\s0\fR structure and frees up any memory
associated with it.
\&\fBBIO_meth_free()\fR destroys a \fBBIO_METHOD\fR structure and frees up any memory
associated with it. If the argument is NULL, nothing is done.
.PP
\&\fBBIO_meth_get_write_ex()\fR and \fBBIO_meth_set_write_ex()\fR get and set the function
used for writing arbitrary length data to the \s-1BIO\s0 respectively. This function
used for writing arbitrary length data to the BIO respectively. This function
will be called in response to the application calling \fBBIO_write_ex()\fR or
\&\fBBIO_write()\fR. The parameters for the function have the same meaning as for
\&\fBBIO_write_ex()\fR. Older code may call \fBBIO_meth_get_write()\fR and
@ -223,7 +178,7 @@ will be called in response to the application calling \fBBIO_write_ex()\fR or
when the function was set with \fBBIO_meth_set_write_ex()\fR.
.PP
\&\fBBIO_meth_get_read_ex()\fR and \fBBIO_meth_set_read_ex()\fR get and set the function used
for reading arbitrary length data from the \s-1BIO\s0 respectively. This function will
for reading arbitrary length data from the BIO respectively. This function will
be called in response to the application calling \fBBIO_read_ex()\fR or \fBBIO_read()\fR.
The parameters for the function have the same meaning as for \fBBIO_read_ex()\fR.
Older code may call \fBBIO_meth_get_read()\fR and \fBBIO_meth_set_read()\fR instead.
@ -232,65 +187,88 @@ or call \fBBIO_meth_get_read()\fR when the function was set with
\&\fBBIO_meth_set_read_ex()\fR.
.PP
\&\fBBIO_meth_get_puts()\fR and \fBBIO_meth_set_puts()\fR get and set the function used for
writing a \s-1NULL\s0 terminated string to the \s-1BIO\s0 respectively. This function will be
writing a NULL terminated string to the BIO respectively. This function will be
called in response to the application calling \fBBIO_puts()\fR. The parameters for
the function have the same meaning as for \fBBIO_puts()\fR.
.PP
\&\fBBIO_meth_get_gets()\fR and \fBBIO_meth_set_gets()\fR get and set the function typically
used for reading a line of data from the \s-1BIO\s0 respectively (see the \fBBIO_gets\fR\|(3)
used for reading a line of data from the BIO respectively (see the \fBBIO_gets\fR\|(3)
page for more information). This function will be called in response to the
application calling \fBBIO_gets()\fR. The parameters for the function have the same
meaning as for \fBBIO_gets()\fR.
.PP
\&\fBBIO_meth_get_ctrl()\fR and \fBBIO_meth_set_ctrl()\fR get and set the function used for
processing ctrl messages in the \s-1BIO\s0 respectively. See the \fBBIO_ctrl\fR\|(3) page for
processing ctrl messages in the BIO respectively. See the \fBBIO_ctrl\fR\|(3) page for
more information. This function will be called in response to the application
calling \fBBIO_ctrl()\fR. The parameters for the function have the same meaning as for
\&\fBBIO_ctrl()\fR.
.PP
\&\fBBIO_meth_get_create()\fR and \fBBIO_meth_set_create()\fR get and set the function used
for creating a new instance of the \s-1BIO\s0 respectively. This function will be
for creating a new instance of the BIO respectively. This function will be
called in response to the application calling \fBBIO_new()\fR and passing
in a pointer to the current \s-1BIO_METHOD.\s0 The \fBBIO_new()\fR function will allocate the
memory for the new \s-1BIO,\s0 and a pointer to this newly allocated structure will
in a pointer to the current BIO_METHOD. The \fBBIO_new()\fR function will allocate the
memory for the new BIO, and a pointer to this newly allocated structure will
be passed as a parameter to the function. If a create function is set,
\&\fBBIO_new()\fR will not mark the \s-1BIO\s0 as initialised on allocation.
\&\fBBIO_new()\fR will not mark the BIO as initialised on allocation.
\&\fBBIO_set_init\fR\|(3) must then be called either by the create function, or later,
by a \s-1BIO\s0 ctrl function, once \s-1BIO\s0 initialisation is complete.
by a BIO ctrl function, once BIO initialisation is complete.
.PP
\&\fBBIO_meth_get_destroy()\fR and \fBBIO_meth_set_destroy()\fR get and set the function used
for destroying an instance of a \s-1BIO\s0 respectively. This function will be
called in response to the application calling \fBBIO_free()\fR. A pointer to the \s-1BIO\s0
for destroying an instance of a BIO respectively. This function will be
called in response to the application calling \fBBIO_free()\fR. A pointer to the BIO
to be destroyed is passed as a parameter. The destroy function should be used
for \s-1BIO\s0 specific clean up. The memory for the \s-1BIO\s0 itself should not be freed by
for BIO specific clean up. The memory for the BIO itself should not be freed by
this function.
.PP
\&\fBBIO_meth_get_callback_ctrl()\fR and \fBBIO_meth_set_callback_ctrl()\fR get and set the
function used for processing callback ctrl messages in the \s-1BIO\s0 respectively. See
function used for processing callback ctrl messages in the BIO respectively. See
the \fBBIO_callback_ctrl\fR\|(3) page for more information. This function will be called
in response to the application calling \fBBIO_callback_ctrl()\fR. The parameters for
the function have the same meaning as for \fBBIO_callback_ctrl()\fR.
.PP
\&\fBBIO_meth_get_sendmmsg()\fR, \fBBIO_meth_set_sendmmsg()\fR, \fBBIO_meth_get_recvmmsg()\fR and
\&\fBBIO_meth_set_recvmmsg()\fR get and set the functions used for handling
\&\fBBIO_sendmmsg()\fR and \fBBIO_recvmmsg()\fR calls respectively. See \fBBIO_sendmmsg\fR\|(3) for
more information.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_get_new_index()\fR returns the new \s-1BIO\s0 type value or \-1 if an error occurred.
\&\fBBIO_get_new_index()\fR returns the new BIO type value or \-1 if an error occurred.
.PP
BIO_meth_new(int type, const char *name) returns a valid \fB\s-1BIO_METHOD\s0\fR or \s-1NULL\s0
BIO_meth_new(int type, const char *name) returns a valid \fBBIO_METHOD\fR or NULL
if an error occurred.
.PP
The \fBBIO_meth_set\fR functions return 1 on success or 0 on error.
.PP
The \fBBIO_meth_get\fR functions return the corresponding function pointers.
.SH BUGS
.IX Header "BUGS"
It is not safe to use \f(CW\*(C`BIO_meth_get_\*(C'\fR functions to reuse the \fBBIO\fR
implementation of \fBBIO\fRs implemented by OpenSSL itself with
application-implemented \fBBIO\fRs. Instead either the applications ought to
implement these functions themselves or they should implement a filter BIO.
.PP
For more details please see <https://github.com/openssl/openssl/issues/26047>.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBbio\fR\|(7), \fBBIO_find_type\fR\|(3), \fBBIO_ctrl\fR\|(3), \fBBIO_read_ex\fR\|(3), \fBBIO_new\fR\|(3)
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
The functions described here were added in OpenSSL 1.1.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2016\-2022 The OpenSSL Project Authors. All Rights Reserved.
The functions \fBBIO_meth_get_sendmmsg()\fR, \fBBIO_meth_set_sendmmsg()\fR,
\&\fBBIO_meth_get_recvmmsg()\fR and \fBBIO_meth_set_recvmmsg()\fR were added in OpenSSL 3.2.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
All the other functions described here were added in OpenSSL 1.1.0.
.PP
The functions \fBBIO_meth_get_read_ex()\fR, \fBBIO_meth_get_write_ex()\fR,
\&\fBBIO_meth_get_write()\fR, \fBBIO_meth_get_read()\fR, \fBBIO_meth_get_puts()\fR,
\&\fBBIO_meth_get_gets()\fR, \fBBIO_meth_get_ctrl()\fR, \fBBIO_meth_get_create()\fR,
\&\fBBIO_meth_get_destroy()\fR, \fBBIO_meth_get_callback_ctrl()\fR,
\&\fBBIO_meth_get_sendmmsg()\fR and \fBBIO_meth_get_recvmmsg()\fR are deprecated since
OpenSSL 3.5.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2016\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

132
secure/lib/libcrypto/man/man3/BIO_new.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,78 +52,18 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_NEW 3ossl"
.TH BIO_NEW 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_NEW 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_new_ex, BIO_new, BIO_up_ref, BIO_free, BIO_vfree, BIO_free_all
\&\- BIO allocation and freeing functions
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -151,59 +75,59 @@ BIO_new_ex, BIO_new, BIO_up_ref, BIO_free, BIO_vfree, BIO_free_all
\& void BIO_vfree(BIO *a);
\& void BIO_free_all(BIO *a);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
The \fBBIO_new_ex()\fR function returns a new \s-1BIO\s0 using method \fBtype\fR associated with
the library context \fIlibctx\fR (see \s-1\fBOSSL_LIB_CTX\s0\fR\|(3)). The library context may be
\&\s-1NULL\s0 to indicate the default library context.
The \fBBIO_new_ex()\fR function returns a new BIO using method \fBtype\fR associated with
the library context \fIlibctx\fR (see \fBOSSL_LIB_CTX\fR\|(3)). The library context may be
NULL to indicate the default library context. \fItype\fR \fBMUST NOT\fR be NULL.
.PP
The \fBBIO_new()\fR is the same as \fBBIO_new_ex()\fR except the default library context is
always used.
.PP
\&\fBBIO_up_ref()\fR increments the reference count associated with the \s-1BIO\s0 object.
\&\fBBIO_up_ref()\fR increments the reference count associated with the BIO object.
.PP
\&\fBBIO_free()\fR frees up a single \s-1BIO,\s0 \fBBIO_vfree()\fR also frees up a single \s-1BIO\s0
\&\fBBIO_free()\fR frees up a single BIO, \fBBIO_vfree()\fR also frees up a single BIO
but it does not return a value.
If \fBa\fR is \s-1NULL\s0 nothing is done.
If \fBa\fR is NULL nothing is done.
Calling \fBBIO_free()\fR may also have some effect
on the underlying I/O structure, for example it may close the file being
referred to under certain circumstances. For more details see the individual
\&\s-1BIO_METHOD\s0 descriptions.
BIO_METHOD descriptions.
.PP
\&\fBBIO_free_all()\fR frees up an entire \s-1BIO\s0 chain, it does not halt if an error
occurs freeing up an individual \s-1BIO\s0 in the chain.
If \fBa\fR is \s-1NULL\s0 nothing is done.
\&\fBBIO_free_all()\fR frees up an entire BIO chain, it does not halt if an error
occurs freeing up an individual BIO in the chain.
If \fBa\fR is NULL nothing is done.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_new_ex()\fR and \fBBIO_new()\fR return a newly created \s-1BIO\s0 or \s-1NULL\s0 if the call fails.
\&\fBBIO_new_ex()\fR and \fBBIO_new()\fR return a newly created BIO or NULL if the call fails.
.PP
\&\fBBIO_up_ref()\fR and \fBBIO_free()\fR return 1 for success and 0 for failure.
.PP
\&\fBBIO_free_all()\fR and \fBBIO_vfree()\fR do not return values.
.SH "NOTES"
.SH NOTES
.IX Header "NOTES"
If \fBBIO_free()\fR is called on a \s-1BIO\s0 chain it will only free one \s-1BIO\s0 resulting
If \fBBIO_free()\fR is called on a BIO chain it will only free one BIO resulting
in a memory leak.
.PP
Calling \fBBIO_free_all()\fR on a single \s-1BIO\s0 has the same effect as calling \fBBIO_free()\fR
Calling \fBBIO_free_all()\fR on a single BIO has the same effect as calling \fBBIO_free()\fR
on it other than the discarded return value.
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
\&\fBBIO_set()\fR was removed in OpenSSL 1.1.0 as \s-1BIO\s0 type is now opaque.
\&\fBBIO_set()\fR was removed in OpenSSL 1.1.0 as BIO type is now opaque.
.PP
\&\fBBIO_new_ex()\fR was added in OpenSSL 3.0.
.SH "EXAMPLES"
.SH EXAMPLES
.IX Header "EXAMPLES"
Create a memory \s-1BIO:\s0
Create a memory BIO:
.PP
.Vb 1
\& BIO *mem = BIO_new(BIO_s_mem());
.Ve
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

120
secure/lib/libcrypto/man/man3/BIO_new_CMS.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,97 +52,37 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_NEW_CMS 3ossl"
.TH BIO_NEW_CMS 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_NEW_CMS 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_new_CMS \- CMS streaming filter BIO
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/cms.h>
\&
\& BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_new_CMS()\fR returns a streaming filter \s-1BIO\s0 chain based on \fBcms\fR. The output
\&\fBBIO_new_CMS()\fR returns a streaming filter BIO chain based on \fBcms\fR. The output
of the filter is written to \fBout\fR. Any data written to the chain is
automatically translated to a \s-1BER\s0 format \s-1CMS\s0 structure of the appropriate type.
.SH "NOTES"
automatically translated to a BER format CMS structure of the appropriate type.
.SH NOTES
.IX Header "NOTES"
The chain returned by this function behaves like a standard filter \s-1BIO.\s0 It
The chain returned by this function behaves like a standard filter BIO. It
supports non blocking I/O. Content is processed and streamed on the fly and not
all held in memory at once: so it is possible to encode very large structures.
After all content has been written through the chain \fBBIO_flush()\fR must be called
to finalise the structure.
.PP
The \fB\s-1CMS_STREAM\s0\fR flag must be included in the corresponding \fBflags\fR
The \fBCMS_STREAM\fR flag must be included in the corresponding \fBflags\fR
parameter of the \fBcms\fR creation function.
.PP
If an application wishes to write additional data to \fBout\fR BIOs should be
@ -175,28 +99,28 @@ responsibility to set the inner content type of any outer CMS_ContentInfo
structures.
.PP
Large numbers of small writes through the chain should be avoided as this will
produce an output consisting of lots of \s-1OCTET STRING\s0 structures. Prepending
a \fBBIO_f_buffer()\fR buffering \s-1BIO\s0 will prevent this.
.SH "BUGS"
produce an output consisting of lots of OCTET STRING structures. Prepending
a \fBBIO_f_buffer()\fR buffering BIO will prevent this.
.SH BUGS
.IX Header "BUGS"
There is currently no corresponding inverse \s-1BIO:\s0 i.e. one which can decode
a \s-1CMS\s0 structure on the fly.
There is currently no corresponding inverse BIO: i.e. one which can decode
a CMS structure on the fly.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_new_CMS()\fR returns a \s-1BIO\s0 chain when successful or \s-1NULL\s0 if an error
\&\fBBIO_new_CMS()\fR returns a BIO chain when successful or NULL if an error
occurred. The error can be obtained from \fBERR_get_error\fR\|(3).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBERR_get_error\fR\|(3), \fBCMS_sign\fR\|(3),
\&\fBCMS_encrypt\fR\|(3)
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
The \fBBIO_new_CMS()\fR function was added in OpenSSL 1.0.0.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2008\-2016 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

102
secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,79 +52,19 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_PARSE_HOSTSERV 3ossl"
.TH BIO_PARSE_HOSTSERV 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_PARSE_HOSTSERV 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_hostserv_priorities,
BIO_parse_hostserv
\&\- utility routines to parse a standard host and service string
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -151,7 +75,7 @@ BIO_parse_hostserv
\& int BIO_parse_hostserv(const char *hostserv, char **host, char **service,
\& enum BIO_hostserv_priorities hostserv_prio);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_parse_hostserv()\fR will parse the information given in \fBhostserv\fR,
create strings with the hostname and service name and give those
@ -172,8 +96,8 @@ The syntax the \fBBIO_parse_hostserv()\fR recognises is:
\& service
.Ve
.PP
The host part can be a name or an \s-1IP\s0 address. If it's a IPv6
address, it \s-1MUST\s0 be enclosed in brackets, such as '[::1]'.
The host part can be a name or an IP address. If it's a IPv6
address, it MUST be enclosed in brackets, such as '[::1]'.
.PP
The service part can be a service name or its port number. A service name
will be mapped to a port number using the system function \fBgetservbyname()\fR.
@ -202,12 +126,12 @@ and \fBhostserv_prio\fR, as follows:
\&\fBBIO_parse_hostserv()\fR returns 1 on success or 0 on error.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBBIO_ADDRINFO\s0\fR\|(3)
.SH "COPYRIGHT"
\&\fBBIO_ADDRINFO\fR\|(3)
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2016\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

102
secure/lib/libcrypto/man/man3/BIO_printf.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,78 +52,18 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_PRINTF 3ossl"
.TH BIO_PRINTF 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_PRINTF 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_printf, BIO_vprintf, BIO_snprintf, BIO_vsnprintf
\&\- formatted output to a BIO
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -150,14 +74,14 @@ BIO_printf, BIO_vprintf, BIO_snprintf, BIO_vsnprintf
\& int BIO_snprintf(char *buf, size_t n, const char *format, ...);
\& int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_printf()\fR is similar to the standard C \fBprintf()\fR function, except that
the output is sent to the specified \s-1BIO,\s0 \fIbio\fR, rather than standard
the output is sent to the specified BIO, \fIbio\fR, rather than standard
output. All common format specifiers are supported.
.PP
\&\fBBIO_vprintf()\fR is similar to the \fBvprintf()\fR function found on many platforms,
the output is sent to the specified \s-1BIO,\s0 \fIbio\fR, rather than standard
the output is sent to the specified BIO, \fIbio\fR, rather than standard
output. All common format specifiers are supported. The argument
list \fIargs\fR is a stdarg argument list.
.PP
@ -171,17 +95,17 @@ specifies the size of the output buffer.
All functions return the number of bytes written, or \-1 on error.
For \fBBIO_snprintf()\fR and \fBBIO_vsnprintf()\fR this includes when the output
buffer is too small.
.SH "NOTES"
.SH NOTES
.IX Header "NOTES"
Except when \fIn\fR is 0, both \fBBIO_snprintf()\fR and \fBBIO_vsnprintf()\fR always
terminate their output with \f(CW\*(Aq\e0\*(Aq\fR. This includes cases where \-1 is
returned, such as when there is insufficient space to output the whole
string.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2017\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

132
secure/lib/libcrypto/man/man3/BIO_push.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,77 +52,17 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_PUSH 3ossl"
.TH BIO_PUSH 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_PUSH 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_push, BIO_pop, BIO_set_next \- add and remove BIOs from a chain
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -147,44 +71,44 @@ BIO_push, BIO_pop, BIO_set_next \- add and remove BIOs from a chain
\& BIO *BIO_pop(BIO *b);
\& void BIO_set_next(BIO *b, BIO *next);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_push()\fR pushes \fIb\fR on \fInext\fR.
If \fIb\fR is \s-1NULL\s0 the function does nothing and returns \fInext\fR.
Otherwise it prepends \fIb\fR, which may be a single \s-1BIO\s0 or a chain of BIOs,
to \fInext\fR (unless \fInext\fR is \s-1NULL\s0).
If \fIb\fR is NULL the function does nothing and returns \fInext\fR.
Otherwise it prepends \fIb\fR, which may be a single BIO or a chain of BIOs,
to \fInext\fR (unless \fInext\fR is NULL).
It then makes a control call on \fIb\fR and returns \fIb\fR.
.PP
\&\fBBIO_pop()\fR removes the \s-1BIO\s0 \fIb\fR from any chain is is part of.
If \fIb\fR is \s-1NULL\s0 the function does nothing and returns \s-1NULL.\s0
\&\fBBIO_pop()\fR removes the BIO \fIb\fR from any chain is is part of.
If \fIb\fR is NULL the function does nothing and returns NULL.
Otherwise it makes a control call on \fIb\fR and
returns the next \s-1BIO\s0 in the chain, or \s-1NULL\s0 if there is no next \s-1BIO.\s0
The removed \s-1BIO\s0 becomes a single \s-1BIO\s0 with no association with
returns the next BIO in the chain, or NULL if there is no next BIO.
The removed BIO becomes a single BIO with no association with
the original chain, it can thus be freed or be made part of a different chain.
.PP
\&\fBBIO_set_next()\fR replaces the existing next \s-1BIO\s0 in a chain with the \s-1BIO\s0 pointed to
\&\fBBIO_set_next()\fR replaces the existing next BIO in a chain with the BIO pointed to
by \fInext\fR. The new chain may include some of the same BIOs from the old chain
or it may be completely different.
.SH "NOTES"
.SH NOTES
.IX Header "NOTES"
The names of these functions are perhaps a little misleading. \fBBIO_push()\fR
joins two \s-1BIO\s0 chains whereas \fBBIO_pop()\fR deletes a single \s-1BIO\s0 from a chain,
the deleted \s-1BIO\s0 does not need to be at the end of a chain.
joins two BIO chains whereas \fBBIO_pop()\fR deletes a single BIO from a chain,
the deleted BIO does not need to be at the end of a chain.
.PP
The process of calling \fBBIO_push()\fR and \fBBIO_pop()\fR on a \s-1BIO\s0 may have additional
The process of calling \fBBIO_push()\fR and \fBBIO_pop()\fR on a BIO may have additional
consequences (a control call is made to the affected BIOs).
Any effects will be noted in the descriptions of individual BIOs.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_push()\fR returns the head of the chain,
which usually is \fIb\fR, or \fInext\fR if \fIb\fR is \s-1NULL.\s0
which usually is \fIb\fR, or \fInext\fR if \fIb\fR is NULL.
.PP
\&\fBBIO_pop()\fR returns the next \s-1BIO\s0 in the chain,
or \s-1NULL\s0 if there is no next \s-1BIO.\s0
.SH "EXAMPLES"
\&\fBBIO_pop()\fR returns the next BIO in the chain,
or NULL if there is no next BIO.
.SH EXAMPLES
.IX Header "EXAMPLES"
For these examples suppose \fImd1\fR and \fImd2\fR are digest BIOs,
\&\fIb64\fR is a base64 \s-1BIO\s0 and \fIf\fR is a file \s-1BIO.\s0
\&\fIb64\fR is a base64 BIO and \fIf\fR is a file BIO.
.PP
If the call:
.PP
@ -218,14 +142,14 @@ except that \fImd2\fR will no more be applied.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBbio\fR\|(7)
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
The \fBBIO_set_next()\fR function was added in OpenSSL 1.1.0.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

148
secure/lib/libcrypto/man/man3/BIO_read.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,79 +52,19 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_READ 3ossl"
.TH BIO_READ 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_READ 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_read_ex, BIO_write_ex, BIO_read, BIO_write,
BIO_gets, BIO_get_line, BIO_puts
\&\- BIO I/O functions
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -154,40 +78,40 @@ BIO_gets, BIO_get_line, BIO_puts
\& int BIO_write(BIO *b, const void *data, int dlen);
\& int BIO_puts(BIO *b, const char *buf);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_read_ex()\fR attempts to read \fIdlen\fR bytes from \s-1BIO\s0 \fIb\fR and places the data
\&\fBBIO_read_ex()\fR attempts to read \fIdlen\fR bytes from BIO \fIb\fR and places the data
in \fIdata\fR. If any bytes were successfully read then the number of bytes read is
stored in \fI*readbytes\fR.
.PP
\&\fBBIO_write_ex()\fR attempts to write \fIdlen\fR bytes from \fIdata\fR to \s-1BIO\s0 \fIb\fR.
\&\fBBIO_write_ex()\fR attempts to write \fIdlen\fR bytes from \fIdata\fR to BIO \fIb\fR.
If successful then the number of bytes written is stored in \fI*written\fR
unless \fIwritten\fR is \s-1NULL.\s0
unless \fIwritten\fR is NULL.
.PP
\&\fBBIO_read()\fR attempts to read \fIlen\fR bytes from \s-1BIO\s0 \fIb\fR and places
\&\fBBIO_read()\fR attempts to read \fIlen\fR bytes from BIO \fIb\fR and places
the data in \fIbuf\fR.
.PP
\&\fBBIO_gets()\fR performs the BIOs \*(L"gets\*(R" operation and places the data
\&\fBBIO_gets()\fR performs the BIOs "gets" operation and places the data
in \fIbuf\fR. Usually this operation will attempt to read a line of data
from the \s-1BIO\s0 of maximum length \fIsize\-1\fR. There are exceptions to this,
however; for example, \fBBIO_gets()\fR on a digest \s-1BIO\s0 will calculate and
from the BIO of maximum length \fIsize\-1\fR. There are exceptions to this,
however; for example, \fBBIO_gets()\fR on a digest BIO will calculate and
return the digest and other BIOs may not support \fBBIO_gets()\fR at all.
The returned string is always NUL-terminated and the '\en' is preserved
if present in the input data.
On binary input there may be \s-1NUL\s0 characters within the string;
On binary input there may be NUL characters within the string;
in this case the return value (if nonnegative) may give an incorrect length.
.PP
\&\fBBIO_get_line()\fR attempts to read from \s-1BIO\s0 \fIb\fR a line of data up to the next '\en'
\&\fBBIO_get_line()\fR attempts to read from BIO \fIb\fR a line of data up to the next '\en'
or the maximum length \fIsize\-1\fR is reached and places the data in \fIbuf\fR.
The returned string is always NUL-terminated and the '\en' is preserved
if present in the input data.
On binary input there may be \s-1NUL\s0 characters within the string;
On binary input there may be NUL characters within the string;
in this case the return value (if nonnegative) gives the actual length read.
For implementing this, unfortunately the data needs to be read byte-by-byte.
.PP
\&\fBBIO_write()\fR attempts to write \fIlen\fR bytes from \fIbuf\fR to \s-1BIO\s0 \fIb\fR.
\&\fBBIO_write()\fR attempts to write \fIlen\fR bytes from \fIbuf\fR to BIO \fIb\fR.
.PP
\&\fBBIO_puts()\fR attempts to write a NUL-terminated string \fIbuf\fR to \s-1BIO\s0 \fIb\fR.
\&\fBBIO_puts()\fR attempts to write a NUL-terminated string \fIbuf\fR to BIO \fIb\fR.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_read_ex()\fR returns 1 if data was successfully read, and 0 otherwise.
@ -195,24 +119,24 @@ For implementing this, unfortunately the data needs to be read byte-by-byte.
\&\fBBIO_write_ex()\fR returns 1 if no error was encountered writing data, 0 otherwise.
Requesting to write 0 bytes is not considered an error.
.PP
\&\fBBIO_write()\fR returns \-2 if the \*(L"write\*(R" operation is not implemented by the \s-1BIO\s0
\&\fBBIO_write()\fR returns \-2 if the "write" operation is not implemented by the BIO
or \-1 on other errors.
Otherwise it returns the number of bytes written.
This may be 0 if the \s-1BIO\s0 \fIb\fR is \s-1NULL\s0 or \fIdlen <= 0\fR.
This may be 0 if the BIO \fIb\fR is NULL or \fIdlen <= 0\fR.
.PP
\&\fBBIO_gets()\fR returns \-2 if the \*(L"gets\*(R" operation is not implemented by the \s-1BIO\s0
\&\fBBIO_gets()\fR returns \-2 if the "gets" operation is not implemented by the BIO
or \-1 on other errors.
Otherwise it typically returns the amount of data read,
but depending on the implementation it may return only the length up to
the first \s-1NUL\s0 character contained in the data read.
In any case the trailing \s-1NUL\s0 that is added after the data read
the first NUL character contained in the data read.
In any case the trailing NUL that is added after the data read
is not included in the length returned.
.PP
All other functions return either the amount of data successfully read or
written (if the return value is positive) or that no data was successfully
read or written if the result is 0 or \-1. If the return value is \-2 then
the operation is not implemented in the specific \s-1BIO\s0 type.
.SH "NOTES"
the operation is not implemented in the specific BIO type.
.SH NOTES
.IX Header "NOTES"
A 0 or \-1 return is not necessarily an indication of an error. In
particular when the source/sink is nonblocking or of a certain type
@ -224,7 +148,7 @@ One technique sometimes used with blocking sockets is to use a system call
and then call \fBread()\fR to read the data. The equivalent with BIOs (that is call
\&\fBselect()\fR on the underlying I/O structure and then call \fBBIO_read()\fR to
read the data) should \fBnot\fR be used because a single call to \fBBIO_read()\fR
can cause several reads (and writes in the case of \s-1SSL\s0 BIOs) on the underlying
can cause several reads (and writes in the case of SSL BIOs) on the underlying
I/O structure and may block as a result. Instead \fBselect()\fR (or equivalent)
should be combined with non blocking I/O so successive reads will request
a retry instead of blocking.
@ -232,26 +156,26 @@ a retry instead of blocking.
See \fBBIO_should_retry\fR\|(3) for details of how to
determine the cause of a retry and other I/O issues.
.PP
If the \*(L"gets\*(R" method is not supported by a \s-1BIO\s0 then \fBBIO_get_line()\fR can be used.
It is also possible to make \fBBIO_gets()\fR usable even if the \*(L"gets\*(R" method is not
supported by adding a buffering \s-1BIO\s0 \fBBIO_f_buffer\fR\|(3) to the chain.
If the "gets" method is not supported by a BIO then \fBBIO_get_line()\fR can be used.
It is also possible to make \fBBIO_gets()\fR usable even if the "gets" method is not
supported by adding a buffering BIO \fBBIO_f_buffer\fR\|(3) to the chain.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBBIO_should_retry\fR\|(3)
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
\&\fBBIO_gets()\fR on 1.1.0 and older when called on \fBBIO_fd()\fR based \s-1BIO\s0 did not
\&\fBBIO_gets()\fR on 1.1.0 and older when called on \fBBIO_fd()\fR based BIO did not
keep the '\en' at the end of the line in the buffer.
.PP
\&\fBBIO_get_line()\fR was added in OpenSSL 3.0.
.PP
\&\fBBIO_write_ex()\fR returns 1 if the size of the data to write is 0 and the
\&\fIwritten\fR parameter of the function can be \s-1NULL\s0 since OpenSSL 3.0.
.SH "COPYRIGHT"
\&\fIwritten\fR parameter of the function can be NULL since OpenSSL 3.0.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2023 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

211
secure/lib/libcrypto/man/man3/BIO_s_accept.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,81 +52,21 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_S_ACCEPT 3ossl"
.TH BIO_S_ACCEPT 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_S_ACCEPT 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_s_accept, BIO_set_accept_name, BIO_set_accept_port, BIO_get_accept_name,
BIO_get_accept_port, BIO_new_accept, BIO_set_nbio_accept, BIO_set_accept_bios,
BIO_get_accept_port, BIO_new_accept, BIO_set_nbio_accept, BIO_set_tfo_accept, BIO_set_accept_bios,
BIO_get_peer_name, BIO_get_peer_port,
BIO_get_accept_ip_family, BIO_set_accept_ip_family,
BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept \- accept BIO
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -158,6 +82,7 @@ BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept \- accept BIO
\& BIO *BIO_new_accept(char *host_port);
\&
\& long BIO_set_nbio_accept(BIO *b, int n);
\& long BIO_set_tfo_accept(BIO *b, int n);
\& long BIO_set_accept_bios(BIO *b, char *bio);
\&
\& char *BIO_get_peer_name(BIO *b);
@ -170,45 +95,45 @@ BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept \- accept BIO
\&
\& int BIO_do_accept(BIO *b);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_s_accept()\fR returns the accept \s-1BIO\s0 method. This is a wrapper
round the platform's \s-1TCP/IP\s0 socket accept routines.
\&\fBBIO_s_accept()\fR returns the accept BIO method. This is a wrapper
round the platform's TCP/IP socket accept routines.
.PP
Using accept BIOs, \s-1TCP/IP\s0 connections can be accepted and data
transferred using only \s-1BIO\s0 routines. In this way any platform
specific operations are hidden by the \s-1BIO\s0 abstraction.
Using accept BIOs, TCP/IP connections can be accepted and data
transferred using only BIO routines. In this way any platform
specific operations are hidden by the BIO abstraction.
.PP
Read and write operations on an accept \s-1BIO\s0 will perform I/O
Read and write operations on an accept BIO will perform I/O
on the underlying connection. If no connection is established
and the port (see below) is set up properly then the \s-1BIO\s0
and the port (see below) is set up properly then the BIO
waits for an incoming connection.
.PP
Accept BIOs support \fBBIO_puts()\fR but not \fBBIO_gets()\fR.
.PP
If the close flag is set on an accept \s-1BIO\s0 then any active
If the close flag is set on an accept BIO then any active
connection on that chain is shutdown and the socket closed when
the \s-1BIO\s0 is freed.
the BIO is freed.
.PP
Calling \fBBIO_reset()\fR on an accept \s-1BIO\s0 will close any active
connection and reset the \s-1BIO\s0 into a state where it awaits another
Calling \fBBIO_reset()\fR on an accept BIO will close any active
connection and reset the BIO into a state where it awaits another
incoming connection.
.PP
\&\fBBIO_get_fd()\fR and \fBBIO_set_fd()\fR can be called to retrieve or set
the accept socket. See \fBBIO_s_fd\fR\|(3)
.PP
\&\fBBIO_set_accept_name()\fR uses the string \fBname\fR to set the accept
name. The name is represented as a string of the form \*(L"host:port\*(R",
where \*(L"host\*(R" is the interface to use and \*(L"port\*(R" is the port.
The host can be \*(L"*\*(R" or empty which is interpreted as meaning
name. The name is represented as a string of the form "host:port",
where "host" is the interface to use and "port" is the port.
The host can be "*" or empty which is interpreted as meaning
any interface. If the host is an IPv6 address, it has to be
enclosed in brackets, for example \*(L"[::1]:https\*(R". \*(L"port\*(R" has the
enclosed in brackets, for example "[::1]:https". "port" has the
same syntax as the port specified in \fBBIO_set_conn_port()\fR for
connect BIOs, that is it can be a numerical port string or a
string to lookup using \fBgetservbyname()\fR and a string table.
.PP
\&\fBBIO_set_accept_port()\fR uses the string \fBport\fR to set the accept
port of \s-1BIO\s0 \fIb\fR. \*(L"port\*(R" has the same syntax as the port specified in
port of BIO \fIb\fR. "port" has the same syntax as the port specified in
\&\fBBIO_set_conn_port()\fR for connect BIOs, that is it can be a numerical
port string or a string to lookup using \fBgetservbyname()\fR and a string
table.
@ -216,58 +141,65 @@ If the given port is \f(CW0\fR then a random available port is chosen.
It may be queried using \fBBIO_sock_info()\fR and \fBBIO_ADDR_service_string\fR\|(3).
.PP
\&\fBBIO_new_accept()\fR combines \fBBIO_new()\fR and \fBBIO_set_accept_name()\fR into
a single call: that is it creates a new accept \s-1BIO\s0 with port
a single call: that is it creates a new accept BIO with port
\&\fBhost_port\fR.
.PP
\&\fBBIO_set_nbio_accept()\fR sets the accept socket to blocking mode
(the default) if \fBn\fR is 0 or non blocking mode if \fBn\fR is 1.
.PP
\&\fBBIO_set_tfo_accept()\fR enables TCP Fast Open on the accept socket
if \fBn\fR is 1 or disables TCP Fast Open if \fBn\fR is 0 (the default).
Setting the value to 1 is equivalent to setting \fBBIO_SOCK_TFO\fR
in \fBBIO_set_bind_mode()\fR.
.PP
\&\fBBIO_set_accept_bios()\fR can be used to set a chain of BIOs which
will be duplicated and prepended to the chain when an incoming
connection is received. This is useful if, for example, a
buffering or \s-1SSL BIO\s0 is required for each connection. The
buffering or SSL BIO is required for each connection. The
chain of BIOs must not be freed after this call, they will
be automatically freed when the accept \s-1BIO\s0 is freed.
be automatically freed when the accept BIO is freed.
.PP
\&\fBBIO_get_accept_ip_family()\fR returns the \s-1IP\s0 family accepted by the \s-1BIO\s0 \fIb\fR,
which may be \fB\s-1BIO_FAMILY_IPV4\s0\fR, \fB\s-1BIO_FAMILY_IPV6\s0\fR, or \fB\s-1BIO_FAMILY_IPANY\s0\fR.
\&\fBBIO_get_accept_ip_family()\fR returns the IP family accepted by the BIO \fIb\fR,
which may be \fBBIO_FAMILY_IPV4\fR, \fBBIO_FAMILY_IPV6\fR, or \fBBIO_FAMILY_IPANY\fR.
.PP
\&\fBBIO_set_accept_ip_family()\fR sets the \s-1IP\s0 family \fIfamily\fR accepted by \s-1BIO\s0 \fIb\fR.
The default is \fB\s-1BIO_FAMILY_IPANY\s0\fR.
\&\fBBIO_set_accept_ip_family()\fR sets the IP family \fIfamily\fR accepted by BIO \fIb\fR.
The default is \fBBIO_FAMILY_IPANY\fR.
.PP
\&\fBBIO_set_bind_mode()\fR and \fBBIO_get_bind_mode()\fR set and retrieve
the current bind mode. If \fB\s-1BIO_BIND_NORMAL\s0\fR (the default) is set
the current bind mode. If \fBBIO_BIND_NORMAL\fR (the default) is set
then another socket cannot be bound to the same port. If
\&\fB\s-1BIO_BIND_REUSEADDR\s0\fR is set then other sockets can bind to the
same port. If \fB\s-1BIO_BIND_REUSEADDR_IF_UNUSED\s0\fR is set then and
attempt is first made to use \s-1BIO_BIN_NORMAL,\s0 if this fails
\&\fBBIO_BIND_REUSEADDR\fR is set then other sockets can bind to the
same port. If \fBBIO_BIND_REUSEADDR_IF_UNUSED\fR is set then and
attempt is first made to use BIO_BIN_NORMAL, if this fails
and the port is not in use then a second attempt is made
using \fB\s-1BIO_BIND_REUSEADDR\s0\fR.
using \fBBIO_BIND_REUSEADDR\fR. If \fBBIO_SOCK_TFO\fR is set, then
the socket will be configured to accept TCP Fast Open
connections.
.PP
\&\fBBIO_do_accept()\fR serves two functions. When it is first
called, after the accept \s-1BIO\s0 has been setup, it will attempt
called, after the accept BIO has been setup, it will attempt
to create the accept socket and bind an address to it. Second
and subsequent calls to \fBBIO_do_accept()\fR will await an incoming
connection, or request a retry in non blocking mode.
.SH "NOTES"
.SH NOTES
.IX Header "NOTES"
When an accept \s-1BIO\s0 is at the end of a chain it will await an
When an accept BIO is at the end of a chain it will await an
incoming connection before processing I/O calls. When an accept
\&\s-1BIO\s0 is not at then end of a chain it passes I/O calls to the next
\&\s-1BIO\s0 in the chain.
BIO is not at then end of a chain it passes I/O calls to the next
BIO in the chain.
.PP
When a connection is established a new socket \s-1BIO\s0 is created for
When a connection is established a new socket BIO is created for
the connection and appended to the chain. That is the chain is now
accept\->socket. This effectively means that attempting I/O on
an initial accept socket will await an incoming connection then
perform I/O on it.
.PP
If any additional BIOs have been set using \fBBIO_set_accept_bios()\fR
then they are placed between the socket and the accept \s-1BIO,\s0
then they are placed between the socket and the accept BIO,
that is the chain will be accept\->otherbios\->socket.
.PP
If a server wishes to process multiple connections (as is normally
the case) then the accept \s-1BIO\s0 must be made available for further
the case) then the accept BIO must be made available for further
incoming connections. This can be done by waiting for a connection and
then calling:
.PP
@ -275,21 +207,21 @@ then calling:
\& connection = BIO_pop(accept);
.Ve
.PP
After this call \fBconnection\fR will contain a \s-1BIO\s0 for the recently
established connection and \fBaccept\fR will now be a single \s-1BIO\s0
After this call \fBconnection\fR will contain a BIO for the recently
established connection and \fBaccept\fR will now be a single BIO
again which can be used to await further incoming connections.
If no further connections will be accepted the \fBaccept\fR can
be freed using \fBBIO_free()\fR.
.PP
If only a single connection will be processed it is possible to
perform I/O using the accept \s-1BIO\s0 itself. This is often undesirable
however because the accept \s-1BIO\s0 will still accept additional incoming
perform I/O using the accept BIO itself. This is often undesirable
however because the accept BIO will still accept additional incoming
connections. This can be resolved by using \fBBIO_pop()\fR (see above)
and freeing up the accept \s-1BIO\s0 after the initial connection.
and freeing up the accept BIO after the initial connection.
.PP
If the underlying accept socket is nonblocking and \fBBIO_do_accept()\fR is
called to await an incoming connection it is possible for
\&\fBBIO_should_io_special()\fR with the reason \s-1BIO_RR_ACCEPT.\s0 If this happens
\&\fBBIO_should_io_special()\fR with the reason BIO_RR_ACCEPT. If this happens
then it is an indication that an accept attempt would block: the application
should take appropriate action to wait until the underlying socket has
accepted a connection and retry the call.
@ -304,19 +236,19 @@ accepted a connection and retry the call.
\&\fBBIO_do_accept()\fR,
\&\fBBIO_set_accept_name()\fR, \fBBIO_set_accept_port()\fR, \fBBIO_set_nbio_accept()\fR,
\&\fBBIO_set_accept_bios()\fR, \fBBIO_set_accept_ip_family()\fR, and \fBBIO_set_bind_mode()\fR
return 1 for success and <=0 for failure.
return 1 for success and <= 0 for failure.
.PP
\&\fBBIO_get_accept_name()\fR returns the accept name or \s-1NULL\s0 on error.
\&\fBBIO_get_peer_name()\fR returns the peer name or \s-1NULL\s0 on error.
\&\fBBIO_get_accept_name()\fR returns the accept name or NULL on error.
\&\fBBIO_get_peer_name()\fR returns the peer name or NULL on error.
.PP
\&\fBBIO_get_accept_port()\fR returns the accept port as a string or \s-1NULL\s0 on error.
\&\fBBIO_get_peer_port()\fR returns the peer port as a string or \s-1NULL\s0 on error.
\&\fBBIO_get_accept_ip_family()\fR returns the \s-1IP\s0 family or <=0 on error.
\&\fBBIO_get_accept_port()\fR returns the accept port as a string or NULL on error.
\&\fBBIO_get_peer_port()\fR returns the peer port as a string or NULL on error.
\&\fBBIO_get_accept_ip_family()\fR returns the IP family or <= 0 on error.
.PP
\&\fBBIO_get_bind_mode()\fR returns the set of \fB\s-1BIO_BIND\s0\fR flags, or <=0 on failure.
\&\fBBIO_get_bind_mode()\fR returns the set of \fBBIO_BIND\fR flags, or <= 0 on failure.
.PP
\&\fBBIO_new_accept()\fR returns a \s-1BIO\s0 or \s-1NULL\s0 on error.
.SH "EXAMPLES"
\&\fBBIO_new_accept()\fR returns a BIO or NULL on error.
.SH EXAMPLES
.IX Header "EXAMPLES"
This example accepts two connections on port 4444, sends messages
down each and finally closes both down.
@ -365,11 +297,14 @@ down each and finally closes both down.
\& BIO_free(cbio);
\& BIO_free(cbio2);
.Ve
.SH "COPYRIGHT"
.SH HISTORY
.IX Header "HISTORY"
\&\fBBIO_set_tfo_accept()\fR was added in OpenSSL 3.2.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2022 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

152
secure/lib/libcrypto/man/man3/BIO_s_bio.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,80 +52,20 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_S_BIO 3ossl"
.TH BIO_S_BIO 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_S_BIO 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr,
BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair,
BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request,
BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request \- BIO pair BIO
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -163,20 +87,20 @@ BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request \- BIO pair BIO
\& size_t BIO_ctrl_get_read_request(BIO *b);
\& int BIO_ctrl_reset_read_request(BIO *b);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_s_bio()\fR returns the method for a \s-1BIO\s0 pair. A \s-1BIO\s0 pair is a pair of source/sink
\&\fBBIO_s_bio()\fR returns the method for a BIO pair. A BIO pair is a pair of source/sink
BIOs where data written to either half of the pair is buffered and can be read from
the other half. Both halves must usually by handled by the same application thread
since no locking is done on the internal data structures.
.PP
Since \s-1BIO\s0 chains typically end in a source/sink \s-1BIO\s0 it is possible to make this
one half of a \s-1BIO\s0 pair and have all the data processed by the chain under application
Since BIO chains typically end in a source/sink BIO it is possible to make this
one half of a BIO pair and have all the data processed by the chain under application
control.
.PP
One typical use of \s-1BIO\s0 pairs is to place \s-1TLS/SSL I/O\s0 under application control, this
One typical use of BIO pairs is to place TLS/SSL I/O under application control, this
can be used when the application wishes to use a non standard transport for
\&\s-1TLS/SSL\s0 or the normal socket routines are inappropriate.
TLS/SSL or the normal socket routines are inappropriate.
.PP
Calls to \fBBIO_read_ex()\fR will read data from the buffer or request a retry if no
data is available.
@ -194,14 +118,14 @@ determine the amount of pending data in the read or write buffer.
\&\fBBIO_destroy_pair()\fR destroys the association between two connected BIOs. Freeing
up any half of the pair will automatically destroy the association.
.PP
\&\fBBIO_shutdown_wr()\fR is used to close down a \s-1BIO\s0 \fBb\fR. After this call no further
writes on \s-1BIO\s0 \fBb\fR are allowed (they will return an error). Reads on the other
half of the pair will return any pending data or \s-1EOF\s0 when all pending data has
\&\fBBIO_shutdown_wr()\fR is used to close down a BIO \fBb\fR. After this call no further
writes on BIO \fBb\fR are allowed (they will return an error). Reads on the other
half of the pair will return any pending data or EOF when all pending data has
been read.
.PP
\&\fBBIO_set_write_buf_size()\fR sets the write buffer size of \s-1BIO\s0 \fBb\fR to \fBsize\fR.
\&\fBBIO_set_write_buf_size()\fR sets the write buffer size of BIO \fBb\fR to \fBsize\fR.
If the size is not initialized a default value is used. This is currently
17K, sufficient for a maximum size \s-1TLS\s0 record.
17K, sufficient for a maximum size TLS record.
.PP
\&\fBBIO_get_write_buf_size()\fR returns the size of the write buffer.
.PP
@ -209,21 +133,21 @@ If the size is not initialized a default value is used. This is currently
\&\fBBIO_set_write_buf_size()\fR to create a connected pair of BIOs \fBbio1\fR, \fBbio2\fR
with write buffer sizes \fBwritebuf1\fR and \fBwritebuf2\fR. If either size is
zero then the default size is used. \fBBIO_new_bio_pair()\fR does not check whether
\&\fBbio1\fR or \fBbio2\fR do point to some other \s-1BIO,\s0 the values are overwritten,
\&\fBbio1\fR or \fBbio2\fR do point to some other BIO, the values are overwritten,
\&\fBBIO_free()\fR is not called.
.PP
\&\fBBIO_get_write_guarantee()\fR and \fBBIO_ctrl_get_write_guarantee()\fR return the maximum
length of data that can be currently written to the \s-1BIO.\s0 Writes larger than this
length of data that can be currently written to the BIO. Writes larger than this
value will return a value from \fBBIO_write_ex()\fR less than the amount requested or
if the buffer is full request a retry. \fBBIO_ctrl_get_write_guarantee()\fR is a
function whereas \fBBIO_get_write_guarantee()\fR is a macro.
.PP
\&\fBBIO_get_read_request()\fR and \fBBIO_ctrl_get_read_request()\fR return the
amount of data requested, or the buffer size if it is less, if the
last read attempt at the other half of the \s-1BIO\s0 pair failed due to an
last read attempt at the other half of the BIO pair failed due to an
empty buffer. This can be used to determine how much data should be
written to the \s-1BIO\s0 so the next read will succeed: this is most useful
in \s-1TLS/SSL\s0 applications where the amount of data read is usually
written to the BIO so the next read will succeed: this is most useful
in TLS/SSL applications where the amount of data read is usually
meaningful rather than just a buffer size. After a successful read
this call will return zero. It also will return zero once new data
has been written satisfying the read request or part of it.
@ -232,12 +156,12 @@ than that returned by \fBBIO_get_write_guarantee()\fR.
.PP
\&\fBBIO_ctrl_reset_read_request()\fR can also be used to reset the value returned by
\&\fBBIO_get_read_request()\fR to zero.
.SH "NOTES"
.SH NOTES
.IX Header "NOTES"
Both halves of a \s-1BIO\s0 pair should be freed. That is even if one half is implicit
Both halves of a BIO pair should be freed. That is even if one half is implicit
freed due to a \fBBIO_free_all()\fR or \fBSSL_free()\fR call the other half needs to be freed.
.PP
When used in bidirectional applications (such as \s-1TLS/SSL\s0) care should be taken to
When used in bidirectional applications (such as TLS/SSL) care should be taken to
flush any data in the write buffer. This can be done by calling \fBBIO_pending()\fR
on the other half of the pair and, if any data is pending, reading it and sending
it to the underlying transport. This must be done before any normal processing
@ -245,13 +169,13 @@ it to the underlying transport. This must be done before any normal processing
.PP
To see why this is important consider a case where a request is sent using
\&\fBBIO_write_ex()\fR and a response read with \fBBIO_read_ex()\fR, this can occur during an
\&\s-1TLS/SSL\s0 handshake for example. \fBBIO_write_ex()\fR will succeed and place data in the
TLS/SSL handshake for example. \fBBIO_write_ex()\fR will succeed and place data in the
write buffer. \fBBIO_read_ex()\fR will initially fail and \fBBIO_should_read()\fR will be
true. If the application then waits for data to be available on the underlying
transport before flushing the write buffer it will never succeed because the
request was never sent!
.PP
\&\fBBIO_eof()\fR is true if no data is in the peer \s-1BIO\s0 and the peer \s-1BIO\s0 has been
\&\fBBIO_eof()\fR is true if no data is in the peer BIO and the peer BIO has been
shutdown.
.PP
\&\fBBIO_make_bio_pair()\fR, \fBBIO_destroy_bio_pair()\fR, \fBBIO_shutdown_wr()\fR,
@ -261,13 +185,13 @@ as macros.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_new_bio_pair()\fR returns 1 on success, with the new BIOs available in
\&\fBbio1\fR and \fBbio2\fR, or 0 on failure, with \s-1NULL\s0 pointers stored into the
\&\fBbio1\fR and \fBbio2\fR, or 0 on failure, with NULL pointers stored into the
locations for \fBbio1\fR and \fBbio2\fR. Check the error stack for more information.
.PP
[\s-1XXXXX:\s0 More return values need to be added here]
.SH "EXAMPLES"
[XXXXX: More return values need to be added here]
.SH EXAMPLES
.IX Header "EXAMPLES"
The \s-1BIO\s0 pair can be used to have full control over the network access of an
The BIO pair can be used to have full control over the network access of an
application. The application can call \fBselect()\fR on the socket as required
without having to go through the SSL-interface.
.PP
@ -300,18 +224,18 @@ without having to go through the SSL-interface.
\& ...
.Ve
.PP
As the \s-1BIO\s0 pair will only buffer the data and never directly access the
As the BIO pair will only buffer the data and never directly access the
connection, it behaves nonblocking and will return as soon as the write
buffer is full or the read buffer is drained. Then the application has to
flush the write buffer and/or fill the read buffer.
.PP
Use the \fBBIO_ctrl_pending()\fR, to find out whether data is buffered in the \s-1BIO\s0
Use the \fBBIO_ctrl_pending()\fR, to find out whether data is buffered in the BIO
and must be transferred to the network. Use \fBBIO_ctrl_get_read_request()\fR to
find out, how many bytes must be written into the buffer before the
\&\fBSSL_operation()\fR can successfully be continued.
.SH "WARNINGS"
.SH WARNINGS
.IX Header "WARNINGS"
As the data is buffered, \fBSSL_operation()\fR may return with an \s-1ERROR_SSL_WANT_READ\s0
As the data is buffered, \fBSSL_operation()\fR may return with an ERROR_SSL_WANT_READ
condition, but there is still data in the write buffer. An application must
not rely on the error value of \fBSSL_operation()\fR but must assure that the
write buffer is always flushed first. Otherwise a deadlock may occur as
@ -320,11 +244,11 @@ the peer might be waiting for the data before being able to continue.
.IX Header "SEE ALSO"
\&\fBSSL_set_bio\fR\|(3), \fBssl\fR\|(7), \fBbio\fR\|(7),
\&\fBBIO_should_retry\fR\|(3), \fBBIO_read_ex\fR\|(3)
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

192
secure/lib/libcrypto/man/man3/BIO_s_connect.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,82 +52,23 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_S_CONNECT 3ossl"
.TH BIO_S_CONNECT 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_S_CONNECT 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_s_connect, BIO_new_connect,
BIO_set_conn_hostname, BIO_set_conn_port,
BIO_set_conn_address, BIO_set_conn_ip_family,
BIO_get_conn_hostname, BIO_get_conn_port,
BIO_get_conn_address, BIO_get_conn_ip_family,
BIO_set_nbio, BIO_do_connect \- connect BIO
.SH "SYNOPSIS"
BIO_set_nbio, BIO_set_sock_type, BIO_get_sock_type, BIO_get0_dgram_bio,
BIO_do_connect \- connect BIO
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -163,61 +88,65 @@ BIO_set_nbio, BIO_do_connect \- connect BIO
\&
\& long BIO_set_nbio(BIO *b, long n);
\&
\& int BIO_set_sock_type(BIO *b, int sock_type);
\& int BIO_get_sock_type(BIO *b);
\& int BIO_get0_dgram_bio(BIO *B, BIO **dgram_bio);
\&
\& long BIO_do_connect(BIO *b);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_s_connect()\fR returns the connect \s-1BIO\s0 method. This is a wrapper
round the platform's \s-1TCP/IP\s0 socket connection routines.
\&\fBBIO_s_connect()\fR returns the connect BIO method. This is a wrapper
round the platform's TCP/IP socket connection routines.
.PP
Using connect BIOs, \s-1TCP/IP\s0 connections can be made and data
transferred using only \s-1BIO\s0 routines. In this way any platform
specific operations are hidden by the \s-1BIO\s0 abstraction.
Using connect BIOs, TCP/IP connections can be made and data
transferred using only BIO routines. In this way any platform
specific operations are hidden by the BIO abstraction.
.PP
Read and write operations on a connect \s-1BIO\s0 will perform I/O
Read and write operations on a connect BIO will perform I/O
on the underlying connection. If no connection is established
and the port and hostname (see below) is set up properly then
a connection is established first.
.PP
Connect BIOs support \fBBIO_puts()\fR but not \fBBIO_gets()\fR.
Connect BIOs support \fBBIO_puts()\fR and \fBBIO_gets()\fR.
.PP
If the close flag is set on a connect \s-1BIO\s0 then any active
connection is shutdown and the socket closed when the \s-1BIO\s0
If the close flag is set on a connect BIO then any active
connection is shutdown and the socket closed when the BIO
is freed.
.PP
Calling \fBBIO_reset()\fR on a connect \s-1BIO\s0 will close any active
connection and reset the \s-1BIO\s0 into a state where it can connect
Calling \fBBIO_reset()\fR on a connect BIO will close any active
connection and reset the BIO into a state where it can connect
to the same host again.
.PP
\&\fBBIO_new_connect()\fR combines \fBBIO_new()\fR and \fBBIO_set_conn_hostname()\fR into
a single call: that is it creates a new connect \s-1BIO\s0 with hostname \fBname\fR.
a single call: that is it creates a new connect BIO with hostname \fBname\fR.
.PP
\&\fBBIO_set_conn_hostname()\fR uses the string \fBname\fR to set the hostname.
The hostname can be an \s-1IP\s0 address; if the address is an IPv6 one, it
must be enclosed with brackets \f(CW\*(C`[\*(C'\fR and \f(CW\*(C`]\*(C'\fR.
The hostname can be an IP address; if the address is an IPv6 one, it
must be enclosed in brackets \f(CW\*(C`[\*(C'\fR and \f(CW\*(C`]\*(C'\fR.
The hostname can also include the port in the form hostname:port;
see \fBBIO_parse_hostserv\fR\|(3) and \fBBIO_set_conn_port()\fR for details.
.PP
\&\fBBIO_set_conn_port()\fR sets the port to \fBport\fR. \fBport\fR can be the
numerical form or a service string such as \*(L"http\*(R", which
numerical form or a service string such as "http", which
will be mapped to a port number using the system function \fBgetservbyname()\fR.
.PP
\&\fBBIO_set_conn_address()\fR sets the address and port information using
a \s-1\fBBIO_ADDR\s0\fR\|(3ssl).
a \fBBIO_ADDR\fR\|(3ssl).
.PP
\&\fBBIO_set_conn_ip_family()\fR sets the \s-1IP\s0 family.
\&\fBBIO_set_conn_ip_family()\fR sets the IP family.
.PP
\&\fBBIO_get_conn_hostname()\fR returns the hostname of the connect \s-1BIO\s0 or
\&\s-1NULL\s0 if the \s-1BIO\s0 is initialized but no hostname is set.
\&\fBBIO_get_conn_hostname()\fR returns the hostname of the connect BIO or
NULL if the BIO is initialized but no hostname is set.
This return value is an internal pointer which should not be modified.
.PP
\&\fBBIO_get_conn_port()\fR returns the port as a string.
This return value is an internal pointer which should not be modified.
.PP
\&\fBBIO_get_conn_address()\fR returns the address information as a \s-1BIO_ADDR.\s0
\&\fBBIO_get_conn_address()\fR returns the address information as a BIO_ADDR.
This return value is an internal pointer which should not be modified.
.PP
\&\fBBIO_get_conn_ip_family()\fR returns the \s-1IP\s0 family of the connect \s-1BIO.\s0
\&\fBBIO_get_conn_ip_family()\fR returns the IP family of the connect BIO.
.PP
\&\fBBIO_set_nbio()\fR sets the non blocking I/O flag to \fBn\fR. If \fBn\fR is
zero then blocking I/O is set. If \fBn\fR is 1 then non blocking I/O
@ -225,17 +154,30 @@ is set. Blocking I/O is the default. The call to \fBBIO_set_nbio()\fR
should be made before the connection is established because
non blocking I/O is set during the connect process.
.PP
\&\fBBIO_do_connect()\fR attempts to connect the supplied \s-1BIO.\s0
This performs an \s-1SSL/TLS\s0 handshake as far as supported by the \s-1BIO.\s0
For non-SSL BIOs the connection is done typically at \s-1TCP\s0 level.
If domain name resolution yields multiple \s-1IP\s0 addresses all of them are tried
\&\fBBIO_do_connect()\fR attempts to connect the supplied BIO.
This performs an SSL/TLS handshake as far as supported by the BIO.
For non-SSL BIOs the connection is done typically at TCP level.
If domain name resolution yields multiple IP addresses all of them are tried
after \fBconnect()\fR failures.
The function returns 1 if the connection was established successfully.
A zero or negative value is returned if the connection could not be established.
The call \fBBIO_should_retry()\fR should be used for non blocking connect BIOs
to determine if the call should be retried.
If a connection has already been established this call has no effect.
.SH "NOTES"
.PP
\&\fBBIO_set_sock_type()\fR can be used to set a socket type value as would be passed in
a call to \fBsocket\fR\|(2). The only currently supported values are \fBSOCK_STREAM\fR (the
default) and \fBSOCK_DGRAM\fR. If \fBSOCK_DGRAM\fR is configured, the connection
created is a UDP datagram socket handled via \fBBIO_s_datagram\fR\|(3).
I/O calls such as \fBBIO_read\fR\|(3) and \fBBIO_write\fR\|(3) are forwarded transparently
to an internal \fBBIO_s_datagram\fR\|(3) instance. The created \fBBIO_s_datagram\fR\|(3)
instance can be retrieved using \fBBIO_get0_dgram_bio()\fR if desired, which writes
a pointer to the \fBBIO_s_datagram\fR\|(3) instance to \fI*dgram_bio\fR. The lifetime
of the internal \fBBIO_s_datagram\fR\|(3) is managed by \fBBIO_s_connect()\fR and does not
need to be freed by the caller.
.PP
\&\fBBIO_get_sock_type()\fR retrieves the value set using \fBBIO_set_sock_type()\fR.
.SH NOTES
.IX Header "NOTES"
If blocking I/O is set then a non positive return value from any
I/O call is caused by an error condition, although a zero return
@ -260,7 +202,7 @@ If non blocking I/O is set then retries will be requested as appropriate.
.PP
It addition to \fBBIO_should_read()\fR and \fBBIO_should_write()\fR it is also
possible for \fBBIO_should_io_special()\fR to be true during the initial
connection process with the reason \s-1BIO_RR_CONNECT.\s0 If this is returned
connection process with the reason BIO_RR_CONNECT. If this is returned
then this is an indication that a connection attempt would block,
the application should then take appropriate action to wait until
the underlying socket has connected and retry the call.
@ -271,29 +213,35 @@ the underlying socket has connected and retry the call.
\&\fBBIO_set_nbio()\fR, and \fBBIO_do_connect()\fR are macros.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_s_connect()\fR returns the connect \s-1BIO\s0 method.
\&\fBBIO_s_connect()\fR returns the connect BIO method.
.PP
\&\fBBIO_set_conn_address()\fR, \fBBIO_set_conn_port()\fR, and \fBBIO_set_conn_ip_family()\fR
return 1 or <=0 if an error occurs.
.PP
\&\fBBIO_set_conn_hostname()\fR returns 1 on success and <=0 on failure.
.PP
\&\fBBIO_get_conn_address()\fR returns the address information or \s-1NULL\s0 if none
\&\fBBIO_get_conn_address()\fR returns the address information or NULL if none
was set.
.PP
\&\fBBIO_get_conn_hostname()\fR returns the connected hostname or \s-1NULL\s0 if
\&\fBBIO_get_conn_hostname()\fR returns the connected hostname or NULL if
none was set.
.PP
\&\fBBIO_get_conn_ip_family()\fR returns the address family or \-1 if none was set.
.PP
\&\fBBIO_get_conn_port()\fR returns a string representing the connected
port or \s-1NULL\s0 if not set.
port or NULL if not set.
.PP
\&\fBBIO_set_nbio()\fR returns 1 or <=0 if an error occurs.
.PP
\&\fBBIO_do_connect()\fR returns 1 if the connection was successfully
established and <=0 if the connection failed.
.SH "EXAMPLES"
.PP
\&\fBBIO_set_sock_type()\fR returns 1 on success or 0 on failure.
.PP
\&\fBBIO_get_sock_type()\fR returns a socket type or 0 if the call is not supported.
.PP
\&\fBBIO_get0_dgram_bio()\fR returns 1 on success or 0 on failure.
.SH EXAMPLES
.IX Header "EXAMPLES"
This is example connects to a webserver on the local host and attempts
to retrieve a page and copy the result to standard output.
@ -322,17 +270,19 @@ to retrieve a page and copy the result to standard output.
.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBBIO_ADDR\s0\fR\|(3), \fBBIO_parse_hostserv\fR\|(3)
.SH "HISTORY"
\&\fBBIO_ADDR\fR\|(3), \fBBIO_parse_hostserv\fR\|(3)
.SH HISTORY
.IX Header "HISTORY"
\&\fBBIO_set_conn_int_port()\fR, \fBBIO_get_conn_int_port()\fR, \fBBIO_set_conn_ip()\fR, and \fBBIO_get_conn_ip()\fR
were removed in OpenSSL 1.1.0.
Use \fBBIO_set_conn_address()\fR and \fBBIO_get_conn_address()\fR instead.
.SH "COPYRIGHT"
.PP
Connect BIOs support \fBBIO_gets()\fR since OpenSSL 3.2.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2023 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

128
secure/lib/libcrypto/man/man3/BIO_s_core.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,77 +52,17 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_S_CORE 3ossl"
.TH BIO_S_CORE 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_S_CORE 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_s_core, BIO_new_from_core_bio \- OSSL_CORE_BIO functions
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -147,38 +71,38 @@ BIO_s_core, BIO_new_from_core_bio \- OSSL_CORE_BIO functions
\&
\& BIO *BIO_new_from_core_bio(OSSL_LIB_CTX *libctx, OSSL_CORE_BIO *corebio);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_s_core()\fR returns the core \s-1BIO\s0 method function.
\&\fBBIO_s_core()\fR returns the core BIO method function.
.PP
A core \s-1BIO\s0 is treated as source/sink \s-1BIO\s0 which communicates to some external
\&\s-1BIO.\s0 This is primarily useful to provider authors. A number of calls from
libcrypto into a provider supply an \s-1OSSL_CORE_BIO\s0 parameter. This represents
a \s-1BIO\s0 within libcrypto, but cannot be used directly by a provider. Instead it
A core BIO is treated as source/sink BIO which communicates to some external
BIO. This is primarily useful to provider authors. A number of calls from
libcrypto into a provider supply an OSSL_CORE_BIO parameter. This represents
a BIO within libcrypto, but cannot be used directly by a provider. Instead it
should be wrapped using a \fBBIO_s_core()\fR.
.PP
Once a \s-1BIO\s0 is constructed based on \fBBIO_s_core()\fR, the associated \s-1OSSL_CORE_BIO\s0
object should be set on it using \fBBIO_set_data\fR\|(3). Note that the \s-1BIO\s0 will only
Once a BIO is constructed based on \fBBIO_s_core()\fR, the associated OSSL_CORE_BIO
object should be set on it using \fBBIO_set_data\fR\|(3). Note that the BIO will only
operate correctly if it is associated with a library context constructed using
\&\fBOSSL_LIB_CTX_new_from_dispatch\fR\|(3). To associate the \s-1BIO\s0 with a library context
\&\fBOSSL_LIB_CTX_new_from_dispatch\fR\|(3). To associate the BIO with a library context
construct it using \fBBIO_new_ex\fR\|(3).
.PP
\&\fBBIO_new_from_core_bio()\fR is a convenience function that constructs a new \s-1BIO\s0
\&\fBBIO_new_from_core_bio()\fR is a convenience function that constructs a new BIO
based on \fBBIO_s_core()\fR and that is associated with the given library context. It
then also sets the \s-1OSSL_CORE_BIO\s0 object on the \s-1BIO\s0 using \fBBIO_set_data\fR\|(3).
then also sets the OSSL_CORE_BIO object on the BIO using \fBBIO_set_data\fR\|(3).
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_s_core()\fR return a core \s-1BIO\s0 \fB\s-1BIO_METHOD\s0\fR structure.
\&\fBBIO_s_core()\fR return a core BIO \fBBIO_METHOD\fR structure.
.PP
\&\fBBIO_new_from_core_bio()\fR returns a \s-1BIO\s0 structure on success or \s-1NULL\s0 on failure.
\&\fBBIO_new_from_core_bio()\fR returns a BIO structure on success or NULL on failure.
A failure will most commonly be because the library context was not constructed
using \fBOSSL_LIB_CTX_new_from_dispatch\fR\|(3).
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
\&\fBBIO_s_core()\fR and \fBBIO_new_from_core_bio()\fR were added in OpenSSL 3.0.
.SH "EXAMPLES"
.SH EXAMPLES
.IX Header "EXAMPLES"
Create a core \s-1BIO\s0 and write some data to it:
Create a core BIO and write some data to it:
.PP
.Vb 2
\& int some_function(OSSL_LIB_CTX *libctx, OSSL_CORE_BIO *corebio) {
@ -193,11 +117,11 @@ Create a core \s-1BIO\s0 and write some data to it:
\& return 1;
\& }
.Ve
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2021\-2023 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2021\-2022 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

227
secure/lib/libcrypto/man/man3/BIO_s_datagram.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,75 +52,15 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_S_DATAGRAM 3ossl"
.TH BIO_S_DATAGRAM 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_S_DATAGRAM 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_s_datagram, BIO_new_dgram,
BIO_ctrl_dgram_connect,
BIO_ctrl_set_connected,
@ -144,8 +68,9 @@ BIO_dgram_recv_timedout,
BIO_dgram_send_timedout,
BIO_dgram_get_peer,
BIO_dgram_set_peer,
BIO_dgram_detect_peer_addr,
BIO_dgram_get_mtu_overhead \- Network BIO with datagram semantics
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -160,100 +85,126 @@ BIO_dgram_get_mtu_overhead \- Network BIO with datagram semantics
\& int BIO_dgram_get_peer(BIO *bio, BIO_ADDR *peer);
\& int BIO_dgram_set_peer(BIO *bio, const BIO_ADDR *peer);
\& int BIO_dgram_get_mtu_overhead(BIO *bio);
\& int BIO_dgram_detect_peer_addr(BIO *bio, BIO_ADDR *peer);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_s_datagram()\fR is a \s-1BIO\s0 implementation designed for use with network sockets
which provide datagram semantics, such as \s-1UDP\s0 sockets. It is suitable for use
with DTLSv1.
\&\fBBIO_s_datagram()\fR is a BIO implementation designed for use with network sockets
which provide datagram semantics, such as UDP sockets. It is suitable for use
with DTLSv1 or QUIC.
.PP
Because \fBBIO_s_datagram()\fR has datagram semantics, a single \fBBIO_write()\fR call sends
a single datagram and a single \fBBIO_read()\fR call receives a single datagram. If
the size of the buffer passed to \fBBIO_read()\fR is inadequate, the datagram is
silently truncated.
.PP
For a memory-based BIO which provides datagram semantics identical to those of
\&\fBBIO_s_datagram()\fR, see \fBBIO_s_dgram_pair\fR\|(3).
.PP
This BIO supports the \fBBIO_sendmmsg\fR\|(3) and \fBBIO_recvmmsg\fR\|(3) functions.
.PP
When using \fBBIO_s_datagram()\fR, it is important to note that:
.IP "\(bu" 4
This \s-1BIO\s0 can be used with either a connected or unconnected network socket. A
.IP \(bu 4
This BIO can be used with either a connected or unconnected network socket. A
connected socket is a network socket which has had \fBBIO_connect\fR\|(3) or a
similar OS-specific function called on it. Such a socket can only receive
datagrams from the specified peer. Any other socket is an unconnected socket and
can receive datagrams from any host.
.IP "\(bu" 4
.IP \(bu 4
Despite their naming,
neither \fBBIO_ctrl_dgram_connect()\fR nor \fBBIO_ctrl_set_connected()\fR cause a socket
to become connected. These controls are provided to indicate to the \s-1BIO\s0 how
to become connected. These controls are provided to indicate to the BIO how
the underlying socket is configured and how it is to be used; see below.
.IP "\(bu" 4
.IP \(bu 4
Use of \fBBIO_s_datagram()\fR with an unconnected network socket is hazardous hecause
any successful call to \fBBIO_read()\fR results in the peer address used for any
subsequent call to \fBBIO_write()\fR being set to the source address of the datagram
received by that call to \fBBIO_read()\fR. Thus, unless the caller calls
\&\fBBIO_dgram_set_peer()\fR immediately prior to every call to \fBBIO_write()\fR, or never
calls \fBBIO_read()\fR, any host on the network may cause future datagrams written to
be redirected to that host. Therefore, it is recommended that users use
\&\fBBIO_s_dgram()\fR only with a connected socket. An exception is where
be redirected to that host. Therefore, it is recommended that users either use
\&\fBBIO_s_dgram()\fR only with a connected socket, or, if using \fBBIO_s_dgram()\fR with an
unconnected socket, to use the \fBBIO_sendmmsg\fR\|(3) and \fBBIO_recvmmsg\fR\|(3) methods
only and forego use of \fBBIO_read\fR\|(3) and \fBBIO_write\fR\|(3). An exception is where
\&\fBDTLSv1_listen\fR\|(3) must be used; see \fBDTLSv1_listen\fR\|(3) for further
discussion.
.IP \(bu 4
Unlike \fBBIO_read\fR\|(3) and \fBBIO_write\fR\|(3), the \fBBIO_sendmmsg\fR\|(3) and
\&\fBBIO_recvmmsg\fR\|(3) methods are stateless and do not cause the internal state of
the \fBBIO_s_datagram()\fR to change.
.PP
Various controls are available for configuring the \fBBIO_s_datagram()\fR using
\&\fBBIO_ctrl\fR\|(3):
.IP "BIO_ctrl_dgram_connect (\s-1BIO_CTRL_DGRAM_CONNECT\s0)" 4
.IP "BIO_ctrl_dgram_connect (BIO_CTRL_DGRAM_CONNECT)" 4
.IX Item "BIO_ctrl_dgram_connect (BIO_CTRL_DGRAM_CONNECT)"
This is equivalent to calling \fBBIO_dgram_set_peer\fR\|(3).
.Sp
Despite its name, this function does not cause the underlying socket to become
connected.
.IP "BIO_ctrl_set_connected (\s-1BIO_CTRL_SET_CONNECTED\s0)" 4
.IP "BIO_ctrl_set_connected (BIO_CTRL_SET_CONNECTED)" 4
.IX Item "BIO_ctrl_set_connected (BIO_CTRL_SET_CONNECTED)"
This informs the \fBBIO_s_datagram()\fR whether the underlying socket has been
connected, and therefore how the \fBBIO_s_datagram()\fR should attempt to use the
socket.
.Sp
If the \fIpeer\fR argument is non-NULL, \fBBIO_s_datagram()\fR assumes that the
underlying socket has been connected and will attempt to use the socket using \s-1OS\s0
underlying socket has been connected and will attempt to use the socket using OS
APIs which do not specify peer addresses (for example, \fBsend\fR\|(3) and \fBrecv\fR\|(3) or
similar). The \fIpeer\fR argument should specify the peer address to which the socket
is connected.
.Sp
If the \fIpeer\fR argument is \s-1NULL,\s0 \fBBIO_s_datagram()\fR assumes that the underlying
socket is not connected and will attempt to use the socket using an \s-1OS\s0 APIs
If the \fIpeer\fR argument is NULL, \fBBIO_s_datagram()\fR assumes that the underlying
socket is not connected and will attempt to use the socket using an OS APIs
which specify peer addresses (for example, \fBsendto\fR\|(3) and \fBrecvfrom\fR\|(3)).
.IP "BIO_dgram_get_peer (\s-1BIO_CTRL_DGRAM_GET_PEER\s0)" 4
.Sp
This control does not affect the operation of \fBBIO_sendmmsg\fR\|(3) or
\&\fBBIO_recvmmsg\fR\|(3).
.IP "BIO_dgram_get_peer (BIO_CTRL_DGRAM_GET_PEER)" 4
.IX Item "BIO_dgram_get_peer (BIO_CTRL_DGRAM_GET_PEER)"
This outputs a \fB\s-1BIO_ADDR\s0\fR which specifies one of the following values,
This outputs a \fBBIO_ADDR\fR which specifies one of the following values,
whichever happened most recently:
.RS 4
.IP "\(bu" 4
.IP \(bu 4
The peer address last passed to \fBBIO_dgram_set_peer()\fR, \fBBIO_ctrl_dgram_connect()\fR
or \fBBIO_ctrl_set_connected()\fR.
.IP "\(bu" 4
.IP \(bu 4
The peer address of the datagram last received by a call to \fBBIO_read()\fR.
.RE
.RS 4
.RE
.IP "BIO_dgram_set_peer (\s-1BIO_CTRL_DGRAM_SET_PEER\s0)" 4
.IP "BIO_dgram_set_peer (BIO_CTRL_DGRAM_SET_PEER)" 4
.IX Item "BIO_dgram_set_peer (BIO_CTRL_DGRAM_SET_PEER)"
Sets the peer address to be used for subsequent writes to this \s-1BIO.\s0
Sets the peer address to be used for subsequent writes to this BIO.
.Sp
Warning: When used with an unconnected network socket, the value set may be
modified by future calls to \fBBIO_read\fR\|(3), making use of \fBBIO_s_datagram()\fR
hazardous when used with unconnected network sockets; see above.
.IP "BIO_dgram_recv_timeout (\s-1BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP\s0)" 4
.Sp
This does not affect the operation of \fBBIO_sendmmsg\fR\|(3).
\&\fBBIO_recvmmsg\fR\|(3) does not affect the value set by \fBBIO_dgram_set_peer()\fR.
.IP "BIO_dgram_detect_peer_addr (BIO_CTRL_DGRAM_DETECT_PEER_ADDR)" 4
.IX Item "BIO_dgram_detect_peer_addr (BIO_CTRL_DGRAM_DETECT_PEER_ADDR)"
This is similar to \fBBIO_dgram_get_peer()\fR except that if the peer address has not
been set on the BIO object, an OS call such as \fBgetpeername\fR\|(2) will be attempted
to try and autodetect the peer address to which the underlying socket is
connected. Other BIOs may also implement this control if they are capable of
sensing a peer address, without necessarily also implementing
\&\fBBIO_dgram_set_peer()\fR and \fBBIO_dgram_get_peer()\fR.
.IP "BIO_dgram_recv_timeout (BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP)" 4
.IX Item "BIO_dgram_recv_timeout (BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP)"
Returns 1 if the last I/O operation performed on the \s-1BIO\s0 (for example, via a
Returns 1 if the last I/O operation performed on the BIO (for example, via a
call to \fBBIO_read\fR\|(3)) may have been caused by a receive timeout.
.IP "BIO_dgram_send_timedout (\s-1BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP\s0)" 4
.IP "BIO_dgram_send_timedout (BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP)" 4
.IX Item "BIO_dgram_send_timedout (BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP)"
Returns 1 if the last I/O operation performed on the \s-1BIO\s0 (for example, via a
Returns 1 if the last I/O operation performed on the BIO (for example, via a
call to \fBBIO_write\fR\|(3)) may have been caused by a send timeout.
.IP "BIO_dgram_get_mtu_overhead (\s-1BIO_CTRL_DGRAM_GET_MTU_OVERHEAD\s0)" 4
.IP "BIO_dgram_get_mtu_overhead (BIO_CTRL_DGRAM_GET_MTU_OVERHEAD)" 4
.IX Item "BIO_dgram_get_mtu_overhead (BIO_CTRL_DGRAM_GET_MTU_OVERHEAD)"
Returns a quantity in bytes which is a rough estimate of the number of bytes of
overhead which should typically be added to a datagram payload size in order to
estimate the final size of the Layer 3 (e.g. \s-1IP\s0) packet which will contain the
estimate the final size of the Layer 3 (e.g. IP) packet which will contain the
datagram. In most cases, the maximum datagram payload size which can be
transmitted can be determined by determining the link \s-1MTU\s0 in bytes and
transmitted can be determined by determining the link MTU in bytes and
subtracting the value returned by this call.
.Sp
The value returned by this call depends on the network layer protocol being
@ -262,58 +213,64 @@ used.
The value returned is not fully reliable because datagram overheads can be
higher in atypical network configurations, for example where IPv6 extension
headers or IPv4 options are used.
.IP "\s-1BIO_CTRL_DGRAM_SET_DONT_FRAG\s0" 4
.IP BIO_CTRL_DGRAM_SET_DONT_FRAG 4
.IX Item "BIO_CTRL_DGRAM_SET_DONT_FRAG"
If \fInum\fR is nonzero, configures the underlying network socket to enable Don't
Fragment mode, in which datagrams will be set with the \s-1IP\s0 Don't Fragment (\s-1DF\s0)
Fragment mode, in which datagrams will be set with the IP Don't Fragment (DF)
bit set. If \fInum\fR is zero, Don't Fragment mode is disabled.
.IP "\s-1BIO_CTRL_DGRAM_QUERY_MTU\s0" 4
.IP BIO_CTRL_DGRAM_QUERY_MTU 4
.IX Item "BIO_CTRL_DGRAM_QUERY_MTU"
Queries the \s-1OS\s0 for its assessment of the Path \s-1MTU\s0 for the destination to which
the underlying network socket, and returns that Path \s-1MTU\s0 in bytes. This control
Queries the OS for its assessment of the Path MTU for the destination to which
the underlying network socket, and returns that Path MTU in bytes. This control
can only be used with a connected socket.
.Sp
This is not supported on all platforms and depends on \s-1OS\s0 support being
This is not supported on all platforms and depends on OS support being
available. Returns 0 on failure.
.IP "\s-1BIO_CTRL_DGRAM_MTU_DISCOVER\s0" 4
.IP BIO_CTRL_DGRAM_MTU_DISCOVER 4
.IX Item "BIO_CTRL_DGRAM_MTU_DISCOVER"
This control requests that Path \s-1MTU\s0 discovery be enabled on the underlying
This control requests that Path MTU discovery be enabled on the underlying
network socket.
.IP "\s-1BIO_CTRL_DGRAM_GET_FALLBACK_MTU\s0" 4
.IP BIO_CTRL_DGRAM_GET_FALLBACK_MTU 4
.IX Item "BIO_CTRL_DGRAM_GET_FALLBACK_MTU"
Returns the estimated minimum size of datagram payload which should always be
supported on the \s-1BIO.\s0 This size is determined by the minimum \s-1MTU\s0 required to be
supported on the BIO. This size is determined by the minimum MTU required to be
supported by the applicable underlying network layer. Use of datagrams of this
size may lead to suboptimal performance, but should be routable in all
circumstances. The value returned is the datagram payload size in bytes and does
not include the size of layer 3 or layer 4 protocol headers.
.IP "\s-1BIO_CTRL_DGRAM_MTU_EXCEEDED\s0" 4
.IP BIO_CTRL_DGRAM_MTU_EXCEEDED 4
.IX Item "BIO_CTRL_DGRAM_MTU_EXCEEDED"
Returns 1 if the last attempted write to the \s-1BIO\s0 failed due to the size of the
attempted write exceeding the applicable \s-1MTU.\s0
.IP "\s-1BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT\s0" 4
Returns 1 if the last attempted write to the BIO failed due to the size of the
attempted write exceeding the applicable MTU.
.IP BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 4
.IX Item "BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT"
Accepts a pointer to a \fBstruct timeval\fR. If the time specified is zero,
disables receive timeouts. Otherwise, configures the specified time interval as
the receive timeout for the socket for the purposes of future \fBBIO_read\fR\|(3)
calls.
.IP "\s-1BIO_CTRL_DGRAM_SET_PEEK_MODE\s0" 4
.IP BIO_CTRL_DGRAM_SET_PEEK_MODE 4
.IX Item "BIO_CTRL_DGRAM_SET_PEEK_MODE"
If \fBnum\fR is nonzero, enables peek mode; otherwise, disables peek mode. Where
peek mode is enabled, calls to \fBBIO_read\fR\|(3) read datagrams from the underlying
network socket in peek mode, meaning that a future call to \fBBIO_read\fR\|(3) will
yield the same datagram until peek mode is disabled.
.Sp
\&\fBBIO_recvmmsg\fR\|(3) is not affected by this control.
.PP
\&\fBBIO_new_dgram()\fR is a helper function which instantiates a \fBBIO_s_datagram()\fR and
sets the \s-1BIO\s0 to use the socket given in \fIfd\fR by calling \fBBIO_set_fd()\fR.
sets the BIO to use the socket given in \fIfd\fR by calling \fBBIO_set_fd()\fR.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_s_datagram()\fR returns a \s-1BIO\s0 method.
\&\fBBIO_s_datagram()\fR returns a BIO method.
.PP
\&\fBBIO_new_dgram()\fR returns a \s-1BIO\s0 on success and \s-1NULL\s0 on failure.
\&\fBBIO_new_dgram()\fR returns a BIO on success and NULL on failure.
.PP
\&\fBBIO_ctrl_dgram_connect()\fR, \fBBIO_ctrl_set_connected()\fR,
\&\fBBIO_dgram_get_peer()\fR, \fBBIO_dgram_set_peer()\fR return 1 on success and 0 on failure.
\&\fBBIO_ctrl_dgram_connect()\fR, \fBBIO_ctrl_set_connected()\fR and \fBBIO_dgram_set_peer()\fR
return 1 on success and 0 on failure.
.PP
\&\fBBIO_dgram_get_peer()\fR and \fBBIO_dgram_detect_peer_addr()\fR return 0 on failure and
the number of bytes for the outputted address representation (a positive value)
on success.
.PP
\&\fBBIO_dgram_recv_timedout()\fR and \fBBIO_dgram_send_timedout()\fR return 0 or 1 depending
on the circumstance; see discussion above.
@ -321,12 +278,12 @@ on the circumstance; see discussion above.
\&\fBBIO_dgram_get_mtu_overhead()\fR returns a value in bytes.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBDTLSv1_listen\fR\|(3), \fBbio\fR\|(7)
.SH "COPYRIGHT"
\&\fBBIO_sendmmsg\fR\|(3), \fBBIO_s_dgram_pair\fR\|(3), \fBDTLSv1_listen\fR\|(3), \fBbio\fR\|(7)
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2022\-2023 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

280
secure/lib/libcrypto/man/man3/BIO_s_dgram_pair.3 Normal file
View file

@ -0,0 +1,280 @@
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\" ========================================================================
.\"
.IX Title "BIO_S_DGRAM_PAIR 3ossl"
.TH BIO_S_DGRAM_PAIR 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH NAME
BIO_s_dgram_pair, BIO_new_bio_dgram_pair, BIO_dgram_set_no_trunc,
BIO_dgram_get_no_trunc, BIO_dgram_get_effective_caps, BIO_dgram_get_caps,
BIO_dgram_set_caps, BIO_dgram_set_mtu, BIO_dgram_get_mtu,
BIO_dgram_set0_local_addr \- datagram pair BIO
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
\&
\& const BIO_METHOD *BIO_s_dgram_pair(void);
\&
\& int BIO_new_bio_dgram_pair(BIO **bio1, size_t writebuf1,
\& BIO **bio2, size_t writebuf2);
\& int BIO_dgram_set_no_trunc(BIO *bio, int enable);
\& int BIO_dgram_get_no_trunc(BIO *bio);
\& uint32_t BIO_dgram_get_effective_caps(BIO *bio);
\& uint32_t BIO_dgram_get_caps(BIO *bio);
\& int BIO_dgram_set_caps(BIO *bio, uint32_t caps);
\& int BIO_dgram_set_mtu(BIO *bio, unsigned int mtu);
\& unsigned int BIO_dgram_get_mtu(BIO *bio);
\& int BIO_dgram_set0_local_addr(BIO *bio, BIO_ADDR *addr);
.Ve
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_s_dgram_pair()\fR returns the method for a BIO datagram pair. A BIO datagram
pair is similar to a BIO pair (see \fBBIO_s_bio\fR\|(3)) but has datagram semantics.
Broadly, this means that the length of the buffer passed to a write call will
match that retrieved by a read call. If the buffer passed to a read call is too
short, the datagram is truncated or the read fails, depending on how the BIO is
configured.
.PP
The BIO datagram pair attaches certain metadata to each write, such as source
and destination addresses. This information may be retrieved on read.
.PP
A typical application of a BIO datagram pair is to allow an application to keep
all datagram network I/O requested by libssl under application control.
.PP
The BIO datagram pair is designed to support multithreaded use where certain
restrictions are observed; see THREADING.
.PP
The BIO datagram pair allows each half of a pair to signal to the other half
whether they support certain capabilities; see CAPABILITY INDICATION.
.PP
\&\fBBIO_new_bio_dgram_pair()\fR combines the calls to \fBBIO_new\fR\|(3),
\&\fBBIO_make_bio_pair\fR\|(3) and \fBBIO_set_write_buf_size\fR\|(3) to create a connected
pair of BIOs \fBbio1\fR, \fBbio2\fR with write buffer sizes \fBwritebuf1\fR and
\&\fBwritebuf2\fR. If either size is zero then the default size is used.
.PP
\&\fBBIO_make_bio_pair\fR\|(3) may be used to join two datagram pair BIOs into a pair.
The two BIOs must both use the method returned by \fBBIO_s_dgram_pair()\fR and neither
of the BIOs may currently be associated in a pair.
.PP
\&\fBBIO_destroy_bio_pair\fR\|(3) destroys the association between two connected BIOs.
Freeing either half of the pair will automatically destroy the association.
.PP
\&\fBBIO_reset\fR\|(3) clears any data in the write buffer of the given BIO. This means
that the opposite BIO in the pair will no longer have any data waiting to be
read.
.PP
The BIO maintains a fixed size internal write buffer. When the buffer is full,
further writes will fail until the buffer is drained via calls to
\&\fBBIO_read\fR\|(3). The size of the buffer can be changed using
\&\fBBIO_set_write_buf_size\fR\|(3) and queried using \fBBIO_get_write_buf_size\fR\|(3).
.PP
Note that the write buffer is partially consumed by metadata stored internally
which is attached to each datagram, such as source and destination addresses.
The size of this overhead is undefined and may change between releases.
.PP
The standard \fBBIO_ctrl_pending\fR\|(3) call has modified behaviour and returns the
size of the next datagram waiting to be read in bytes. An application can use
this function to ensure it provides an adequate buffer to a subsequent read
call. If no datagram is waiting to be read, zero is returned.
.PP
This BIO does not support sending or receiving zero-length datagrams. Passing a
zero-length buffer to BIO_write is treated as a no-op.
.PP
\&\fBBIO_eof\fR\|(3) returns 1 only if the given BIO datagram pair BIO is not currently
connected to a peer BIO.
.PP
\&\fBBIO_get_write_guarantee\fR\|(3) and \fBBIO_ctrl_get_write_guarantee\fR\|(3) return how
large a datagram the next call to \fBBIO_write\fR\|(3) can accept. If there is not
enough space in the write buffer to accept another datagram equal in size to the
configured MTU, zero is returned (see below). This is intended to avoid a
situation where an application attempts to read a datagram from a network
intending to write it to a BIO datagram pair, but where the received datagram
ends up being too large to write to the BIO datagram pair.
.PP
\&\fBBIO_dgram_set_no_trunc()\fR and \fBBIO_ctrl_get_no_trunc()\fR set and retrieve the
truncation mode for the given half of a BIO datagram pair. When no-truncate mode
is enabled, \fBBIO_read()\fR will fail if the buffer provided is inadequate to hold
the next datagram to be read. If no-truncate mode is disabled (the default), the
datagram will be silently truncated. This default behaviour maintains
compatibility with the semantics of the Berkeley sockets API.
.PP
\&\fBBIO_dgram_set_mtu()\fR and \fBBIO_dgram_get_mtu()\fR may be used to set an informational
MTU value on the BIO datagram pair. If \fBBIO_dgram_set_mtu()\fR is used on a BIO
which is currently part of a BIO datagram pair, the MTU value is set on both
halves of the pair. The value does not affect the operation of the BIO datagram
pair (except for \fBBIO_get_write_guarantee()\fR; see above) but may be used by other
code to determine a requested MTU. When a BIO datagram pair BIO is created, the
MTU is set to an unspecified but valid value.
.PP
\&\fBBIO_dgram_set0_local_addr()\fR can be used to set the local BIO_ADDR to be used
when sending a datagram via a BIO datagram pair. This becomes the peer address
when receiving on the other half of the pair. If the BIO is used in a call to
\&\fBBIO_sendmmsg\fR\|(3) and a local address is explicitly specified, then the
explicitly specified local address takes precedence. The reference to the
BIO_ADDR is passed to the BIO by this call and will be freed automatically when
the BIO is freed.
.PP
\&\fBBIO_flush\fR\|(3) is a no-op.
.SH NOTES
.IX Header "NOTES"
The halves of a BIO datagram pair have independent lifetimes and must be
separately freed.
.SH THREADING
.IX Header "THREADING"
\&\fBBIO_recvmmsg\fR\|(3), \fBBIO_sendmmsg\fR\|(3), \fBBIO_read\fR\|(3), \fBBIO_write\fR\|(3),
\&\fBBIO_pending\fR\|(3), \fBBIO_get_write_guarantee\fR\|(3) and \fBBIO_flush\fR\|(3) may be used
by multiple threads simultaneously on the same BIO datagram pair. Specific
\&\fBBIO_ctrl\fR\|(3) operations (namely BIO_CTRL_PENDING, BIO_CTRL_FLUSH and
BIO_C_GET_WRITE_GUARANTEE) may also be used. Invoking any other BIO call, or any
other \fBBIO_ctrl\fR\|(3) operation, on either half of a BIO datagram pair while any
other BIO call is also in progress to either half of the same BIO datagram pair
results in undefined behaviour.
.SH "CAPABILITY INDICATION"
.IX Header "CAPABILITY INDICATION"
The BIO datagram pair can be used to enqueue datagrams which have source and
destination addresses attached. It is important that the component consuming one
side of a BIO datagram pair understand whether the other side of the pair will
honour any source and destination addresses it attaches to each datagram. For
example, if datagrams are queued with destination addresses set but simply read
by simple calls to \fBBIO_read\fR\|(3), the destination addresses will be discarded.
.PP
Each half of a BIO datagram pair can have capability flags set on it which
indicate whether source and destination addresses will be honoured by the reader
and whether they will be provided by the writer. These capability flags should
be set via a call to \fBBIO_dgram_set_caps()\fR, and these capabilities will be
reflected in the value returned by \fBBIO_dgram_get_effective_caps()\fR on the
opposite BIO. If necessary, the capability value previously set can be retrieved
using \fBBIO_dgram_get_caps()\fR. Note that \fBBIO_dgram_set_caps()\fR on a given BIO
controls the capabilities advertised to the peer, and
\&\fBBIO_dgram_get_effective_caps()\fR on a given BIO determines the capabilities
advertised by the peer of that BIO.
.PP
The following capabilities are available:
.IP \fBBIO_DGRAM_CAP_HANDLES_SRC_ADDR\fR 4
.IX Item "BIO_DGRAM_CAP_HANDLES_SRC_ADDR"
The user of the datagram pair BIO promises to honour source addresses provided
with datagrams written to the BIO pair.
.IP \fBBIO_DGRAM_CAP_HANDLES_DST_ADDR\fR 4
.IX Item "BIO_DGRAM_CAP_HANDLES_DST_ADDR"
The user of the datagram pair BIO promises to honour destination addresses provided
with datagrams written to the BIO pair.
.IP \fBBIO_DGRAM_CAP_PROVIDES_SRC_ADDR\fR 4
.IX Item "BIO_DGRAM_CAP_PROVIDES_SRC_ADDR"
The user of the datagram pair BIO advertises the fact that it will provide source
addressing information with future writes to the BIO pair, where available.
.IP \fBBIO_DGRAM_CAP_PROVIDES_DST_ADDR\fR 4
.IX Item "BIO_DGRAM_CAP_PROVIDES_DST_ADDR"
The user of the datagram pair BIO advertises the fact that it will provide
destination addressing information with future writes to the BIO pair, where
available.
.PP
If a caller attempts to specify a destination address (for example, using
\&\fBBIO_sendmmsg\fR\|(3)) and the peer has not advertised the
\&\fBBIO_DGRAM_CAP_HANDLES_DST_ADDR\fR capability, the operation fails. Thus,
capability negotiation is mandatory.
.PP
If a caller attempts to specify a source address when writing, or requests a
destination address when receiving, and local address support has not been
enabled, the operation fails; see \fBBIO_dgram_set_local_addr_enable\fR\|(3).
.PP
If a caller attempts to enable local address support using
\&\fBBIO_dgram_set_local_addr_enable\fR\|(3) and \fBBIO_dgram_get_local_addr_cap\fR\|(3)
does not return 1 (meaning that the peer has not advertised both the
\&\fBBIO_DGRAM_CAP_HANDLES_SRC_ADDR\fR and the \fBBIO_DGRAM_CAP_PROVIDES_DST_ADDR\fR
capability), the operation fails.
.PP
\&\fBBIO_DGRAM_CAP_PROVIDES_SRC_ADDR\fR and \fBBIO_DGRAM_CAP_PROVIDES_DST_ADDR\fR
indicate that the application using that half of a BIO datagram pair promises to
provide source and destination addresses respectively when writing datagrams to
that half of the BIO datagram pair. However, these capability flags do not
affect the behaviour of the BIO datagram pair.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_new_bio_dgram_pair()\fR returns 1 on success, with the new BIOs available in
\&\fBbio1\fR and \fBbio2\fR, or 0 on failure, with NULL pointers stored into the
locations for \fBbio1\fR and \fBbio2\fR. Check the error stack for more information.
.PP
\&\fBBIO_dgram_set_no_trunc()\fR, \fBBIO_dgram_set_caps()\fR and \fBBIO_dgram_set_mtu()\fR return 1
on success and 0 on failure.
.PP
\&\fBBIO_dgram_get_no_trunc()\fR returns 1 if no-truncate mode is enabled on a BIO, or 0
if no-truncate mode is not enabled or not supported on a given BIO.
.PP
\&\fBBIO_dgram_get_effective_caps()\fR and \fBBIO_dgram_get_caps()\fR return zero if no
capabilities are supported.
.PP
\&\fBBIO_dgram_get_mtu()\fR returns the MTU value configured on the BIO, or zero if the
operation is not supported.
.PP
\&\fBBIO_dgram_set0_local_addr()\fR returns 1 on success and <= 0 otherwise.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBBIO_s_bio\fR\|(3), \fBbio\fR\|(7)
.SH HISTORY
.IX Header "HISTORY"
\&\fBBIO_s_dgram_pair()\fR, \fBBIO_new_bio_dgram_pair()\fR were added in OpenSSL 3.2.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2022\-2025 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

120
secure/lib/libcrypto/man/man3/BIO_s_fd.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,77 +52,17 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_S_FD 3ossl"
.TH BIO_S_FD 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_S_FD 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_s_fd, BIO_set_fd, BIO_get_fd, BIO_new_fd \- file descriptor BIO
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -150,16 +74,16 @@ BIO_s_fd, BIO_set_fd, BIO_get_fd, BIO_new_fd \- file descriptor BIO
\&
\& BIO *BIO_new_fd(int fd, int close_flag);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_s_fd()\fR returns the file descriptor \s-1BIO\s0 method. This is a wrapper
\&\fBBIO_s_fd()\fR returns the file descriptor BIO method. This is a wrapper
round the platforms file descriptor routines such as \fBread()\fR and \fBwrite()\fR.
.PP
\&\fBBIO_read_ex()\fR and \fBBIO_write_ex()\fR read or write the underlying descriptor.
\&\fBBIO_puts()\fR is supported but \fBBIO_gets()\fR is not.
.PP
If the close flag is set then \fBclose()\fR is called on the underlying
file descriptor when the \s-1BIO\s0 is freed.
file descriptor when the BIO is freed.
.PP
\&\fBBIO_reset()\fR attempts to change the file pointer to the start of file
such as by using \fBlseek(fd, 0, 0)\fR.
@ -170,18 +94,18 @@ such as by using \fBlseek(fd, ofs, 0)\fR.
\&\fBBIO_tell()\fR returns the current file position such as by calling
\&\fBlseek(fd, 0, 1)\fR.
.PP
\&\fBBIO_set_fd()\fR sets the file descriptor of \s-1BIO\s0 \fBb\fR to \fBfd\fR and the close
\&\fBBIO_set_fd()\fR sets the file descriptor of BIO \fBb\fR to \fBfd\fR and the close
flag to \fBc\fR.
.PP
\&\fBBIO_get_fd()\fR places the file descriptor of \s-1BIO\s0 \fBb\fR in \fBc\fR if it is not \s-1NULL.\s0
\&\fBBIO_get_fd()\fR places the file descriptor of BIO \fBb\fR in \fBc\fR if it is not NULL.
It also returns the file descriptor.
.PP
\&\fBBIO_new_fd()\fR returns a file descriptor \s-1BIO\s0 using \fBfd\fR and \fBclose_flag\fR.
.SH "NOTES"
\&\fBBIO_new_fd()\fR returns a file descriptor BIO using \fBfd\fR and \fBclose_flag\fR.
.SH NOTES
.IX Header "NOTES"
The behaviour of \fBBIO_read_ex()\fR and \fBBIO_write_ex()\fR depends on the behavior of the
platforms \fBread()\fR and \fBwrite()\fR calls on the descriptor. If the underlying
file descriptor is in a non blocking mode then the \s-1BIO\s0 will behave in the
file descriptor is in a non blocking mode then the BIO will behave in the
manner described in the \fBBIO_read_ex\fR\|(3) and \fBBIO_should_retry\fR\|(3)
manual pages.
.PP
@ -191,18 +115,18 @@ instead.
\&\fBBIO_set_fd()\fR and \fBBIO_get_fd()\fR are implemented as macros.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_s_fd()\fR returns the file descriptor \s-1BIO\s0 method.
\&\fBBIO_s_fd()\fR returns the file descriptor BIO method.
.PP
\&\fBBIO_set_fd()\fR returns 1 on success or <=0 for failure.
.PP
\&\fBBIO_get_fd()\fR returns the file descriptor or \-1 if the \s-1BIO\s0 has not
\&\fBBIO_get_fd()\fR returns the file descriptor or \-1 if the BIO has not
been initialized. It also returns zero and negative values if other error occurs.
.PP
\&\fBBIO_new_fd()\fR returns the newly allocated \s-1BIO\s0 or \s-1NULL\s0 is an error
\&\fBBIO_new_fd()\fR returns the newly allocated BIO or NULL is an error
occurred.
.SH "EXAMPLES"
.SH EXAMPLES
.IX Header "EXAMPLES"
This is a file descriptor \s-1BIO\s0 version of \*(L"Hello World\*(R":
This is a file descriptor BIO version of "Hello World":
.PP
.Vb 1
\& BIO *out;
@ -218,11 +142,11 @@ This is a file descriptor \s-1BIO\s0 version of \*(L"Hello World\*(R":
\&\fBBIO_write_ex\fR\|(3), \fBBIO_puts\fR\|(3),
\&\fBBIO_gets\fR\|(3), \fBBIO_printf\fR\|(3),
\&\fBBIO_set_close\fR\|(3), \fBBIO_get_close\fR\|(3)
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

151
secure/lib/libcrypto/man/man3/BIO_s_file.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,79 +52,19 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_S_FILE 3ossl"
.TH BIO_S_FILE 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_S_FILE 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_s_file, BIO_new_file, BIO_new_fp, BIO_set_fp, BIO_get_fp,
BIO_read_filename, BIO_write_filename, BIO_append_filename,
BIO_rw_filename \- FILE bio
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -157,16 +81,16 @@ BIO_rw_filename \- FILE bio
\& int BIO_append_filename(BIO *b, char *name);
\& int BIO_rw_filename(BIO *b, char *name);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_s_file()\fR returns the \s-1BIO\s0 file method. As its name implies it
is a wrapper round the stdio \s-1FILE\s0 structure and it is a
source/sink \s-1BIO.\s0
\&\fBBIO_s_file()\fR returns the BIO file method. As its name implies it
is a wrapper round the stdio FILE structure and it is a
source/sink BIO.
.PP
Calls to \fBBIO_read_ex()\fR and \fBBIO_write_ex()\fR read and write data to the
underlying stream. \fBBIO_gets()\fR and \fBBIO_puts()\fR are supported on file BIOs.
.PP
\&\fBBIO_flush()\fR on a file \s-1BIO\s0 calls the \fBfflush()\fR function on the wrapped
\&\fBBIO_flush()\fR on a file BIO calls the \fBfflush()\fR function on the wrapped
stream.
.PP
\&\fBBIO_reset()\fR attempts to change the file pointer to the start of file
@ -177,22 +101,22 @@ using fseek(stream, ofs, 0).
.PP
\&\fBBIO_eof()\fR calls \fBfeof()\fR.
.PP
Setting the \s-1BIO_CLOSE\s0 flag calls \fBfclose()\fR on the stream when the \s-1BIO\s0
Setting the BIO_CLOSE flag calls \fBfclose()\fR on the stream when the BIO
is freed.
.PP
\&\fBBIO_new_file()\fR creates a new file \s-1BIO\s0 with mode \fBmode\fR the meaning
of \fBmode\fR is the same as the stdio function \fBfopen()\fR. The \s-1BIO_CLOSE\s0
flag is set on the returned \s-1BIO.\s0
\&\fBBIO_new_file()\fR creates a new file BIO with mode \fBmode\fR the meaning
of \fBmode\fR is the same as the stdio function \fBfopen()\fR. The BIO_CLOSE
flag is set on the returned BIO.
.PP
\&\fBBIO_new_fp()\fR creates a file \s-1BIO\s0 wrapping \fBstream\fR. Flags can be:
\&\s-1BIO_CLOSE, BIO_NOCLOSE\s0 (the close flag) \s-1BIO_FP_TEXT\s0 (sets the underlying
\&\fBBIO_new_fp()\fR creates a file BIO wrapping \fBstream\fR. Flags can be:
BIO_CLOSE, BIO_NOCLOSE (the close flag) BIO_FP_TEXT (sets the underlying
stream to text mode, default is binary: this only has any effect under
Win32).
.PP
\&\fBBIO_set_fp()\fR sets the fp of a file \s-1BIO\s0 to \fBfp\fR. \fBflags\fR has the same
\&\fBBIO_set_fp()\fR sets the fp of a file BIO to \fBfp\fR. \fBflags\fR has the same
meaning as in \fBBIO_new_fp()\fR, it is a macro.
.PP
\&\fBBIO_get_fp()\fR retrieves the fp of a file \s-1BIO,\s0 it is a macro.
\&\fBBIO_get_fp()\fR retrieves the fp of a file BIO, it is a macro.
.PP
\&\fBBIO_seek()\fR is a macro that sets the position pointer to \fBoffset\fR bytes
from the start of file.
@ -200,24 +124,24 @@ from the start of file.
\&\fBBIO_tell()\fR returns the value of the position pointer.
.PP
\&\fBBIO_read_filename()\fR, \fBBIO_write_filename()\fR, \fBBIO_append_filename()\fR and
\&\fBBIO_rw_filename()\fR set the file \s-1BIO\s0 \fBb\fR to use file \fBname\fR for
\&\fBBIO_rw_filename()\fR set the file BIO \fBb\fR to use file \fBname\fR for
reading, writing, append or read write respectively.
.SH "NOTES"
.SH NOTES
.IX Header "NOTES"
When wrapping stdout, stdin or stderr the underlying stream should not
normally be closed so the \s-1BIO_NOCLOSE\s0 flag should be set.
normally be closed so the BIO_NOCLOSE flag should be set.
.PP
Because the file \s-1BIO\s0 calls the underlying stdio functions any quirks
in stdio behaviour will be mirrored by the corresponding \s-1BIO.\s0
Because the file BIO calls the underlying stdio functions any quirks
in stdio behaviour will be mirrored by the corresponding BIO.
.PP
On Windows BIO_new_files reserves for the filename argument to be
\&\s-1UTF\-8\s0 encoded. In other words if you have to make it work in multi\-
lingual environment, encode filenames in \s-1UTF\-8.\s0
UTF\-8 encoded. In other words if you have to make it work in multi\-
lingual environment, encode filenames in UTF\-8.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_s_file()\fR returns the file \s-1BIO\s0 method.
\&\fBBIO_s_file()\fR returns the file BIO method.
.PP
\&\fBBIO_new_file()\fR and \fBBIO_new_fp()\fR return a file \s-1BIO\s0 or \s-1NULL\s0 if an error
\&\fBBIO_new_file()\fR and \fBBIO_new_fp()\fR return a file BIO or NULL if an error
occurred.
.PP
\&\fBBIO_set_fp()\fR and \fBBIO_get_fp()\fR return 1 for success or <=0 for failure
@ -228,10 +152,11 @@ occurred.
\&\fBBIO_tell()\fR returns the current file position or negative values for failure.
.PP
\&\fBBIO_read_filename()\fR, \fBBIO_write_filename()\fR, \fBBIO_append_filename()\fR and
\&\fBBIO_rw_filename()\fR return 1 for success or <=0 for failure.
.SH "EXAMPLES"
\&\fBBIO_rw_filename()\fR return 1 for success or <=0 for failure. An error is also
returned if the file does not exist.
.SH EXAMPLES
.IX Header "EXAMPLES"
File \s-1BIO\s0 \*(L"hello world\*(R":
File BIO "hello world":
.PP
.Vb 1
\& BIO *bio_out;
@ -278,11 +203,11 @@ Alternative technique:
\& BIO_printf(out, "Hello World\en");
\& BIO_free(out);
.Ve
.SH "BUGS"
.SH BUGS
.IX Header "BUGS"
\&\fBBIO_reset()\fR and \fBBIO_seek()\fR are implemented using \fBfseek()\fR on the underlying
stream. The return value for \fBfseek()\fR is 0 for success or \-1 if an error
occurred this differs from other types of \s-1BIO\s0 which will typically return
occurred this differs from other types of BIO which will typically return
1 for success and a non positive value if an error occurred.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
@ -292,11 +217,11 @@ occurred this differs from other types of \s-1BIO\s0 which will typically return
\&\fBBIO_write_ex\fR\|(3), \fBBIO_puts\fR\|(3),
\&\fBBIO_gets\fR\|(3), \fBBIO_printf\fR\|(3),
\&\fBBIO_set_close\fR\|(3), \fBBIO_get_close\fR\|(3)
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2021 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000\-2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

237
secure/lib/libcrypto/man/man3/BIO_s_mem.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,84 +52,25 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_S_MEM 3ossl"
.TH BIO_S_MEM 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_S_MEM 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
BIO_s_secmem,
.SH NAME
BIO_s_secmem, BIO_s_dgram_mem,
BIO_s_mem, BIO_set_mem_eof_return, BIO_get_mem_data, BIO_set_mem_buf,
BIO_get_mem_ptr, BIO_new_mem_buf \- memory BIO
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
\&
\& const BIO_METHOD *BIO_s_mem(void);
\& const BIO_METHOD *BIO_s_dgram_mem(void);
\& const BIO_METHOD *BIO_s_secmem(void);
\&
\& BIO_set_mem_eof_return(BIO *b, int v);
@ -155,121 +80,146 @@ BIO_get_mem_ptr, BIO_new_mem_buf \- memory BIO
\&
\& BIO *BIO_new_mem_buf(const void *buf, int len);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_s_mem()\fR returns the memory \s-1BIO\s0 method function.
\&\fBBIO_s_mem()\fR returns the memory BIO method function.
.PP
A memory \s-1BIO\s0 is a source/sink \s-1BIO\s0 which uses memory for its I/O. Data
written to a memory \s-1BIO\s0 is stored in a \s-1BUF_MEM\s0 structure which is extended
A memory BIO is a source/sink BIO which uses memory for its I/O. Data
written to a memory BIO is stored in a BUF_MEM structure which is extended
as appropriate to accommodate the stored data.
.PP
\&\fBBIO_s_secmem()\fR is like \fBBIO_s_mem()\fR except that the secure heap is used
for buffer storage.
.PP
Any data written to a memory \s-1BIO\s0 can be recalled by reading from it.
Unless the memory \s-1BIO\s0 is read only any data read from it is deleted from
the \s-1BIO.\s0
\&\fBBIO_s_dgram_mem()\fR is a memory BIO that respects datagram semantics. A single
call to \fBBIO_write\fR\|(3) will write a single datagram to the memory BIO. A
subsequent call to \fBBIO_read\fR\|(3) will read the data in that datagram. The
\&\fBBIO_read\fR\|(3) call will never return more data than was written in the original
\&\fBBIO_write\fR\|(3) call even if there were subsequent \fBBIO_write\fR\|(3) calls that
wrote more datagrams. Each successive call to \fBBIO_read\fR\|(3) will read the next
datagram. If a \fBBIO_read\fR\|(3) call supplies a read buffer that is smaller than
the size of the datagram, then the read buffer will be completely filled and the
remaining data from the datagram will be discarded.
.PP
Memory BIOs support \fBBIO_gets()\fR and \fBBIO_puts()\fR.
It is not possible to write a zero length datagram. Calling \fBBIO_write\fR\|(3) in
this case will return 0 and no datagrams will be written. Calling \fBBIO_read\fR\|(3)
when there are no datagrams in the BIO to read will return a negative result and
the "retry" flags will be set (i.e. calling \fBBIO_should_retry\fR\|(3) will return
true). A datagram mem BIO will never return true from \fBBIO_eof\fR\|(3).
.PP
If the \s-1BIO_CLOSE\s0 flag is set when a memory \s-1BIO\s0 is freed then the underlying
\&\s-1BUF_MEM\s0 structure is also freed.
Any data written to a memory BIO can be recalled by reading from it.
Unless the memory BIO is read only any data read from it is deleted from
the BIO.
.PP
Calling \fBBIO_reset()\fR on a read write memory \s-1BIO\s0 clears any data in it if the
flag \s-1BIO_FLAGS_NONCLEAR_RST\s0 is not set, otherwise it just restores the read
Memory BIOs except \fBBIO_s_dgram_mem()\fR support \fBBIO_gets()\fR and \fBBIO_puts()\fR.
.PP
\&\fBBIO_s_dgram_mem()\fR supports \fBBIO_sendmmsg\fR\|(3) and \fBBIO_recvmmsg\fR\|(3) calls
and calls related to \fBBIO_ADDR\fR and MTU handling similarly to the
\&\fBBIO_s_dgram_pair\fR\|(3).
.PP
If the BIO_CLOSE flag is set when a memory BIO is freed then the underlying
BUF_MEM structure is also freed.
.PP
Calling \fBBIO_reset()\fR on a read write memory BIO clears any data in it if the
flag BIO_FLAGS_NONCLEAR_RST is not set, otherwise it just restores the read
pointer to the state it was just after the last write was performed and the
data can be read again. On a read only \s-1BIO\s0 it similarly restores the \s-1BIO\s0 to
data can be read again. On a read only BIO it similarly restores the BIO to
its original state and the read only data can be read again.
.PP
\&\fBBIO_eof()\fR is true if no data is in the \s-1BIO.\s0
\&\fBBIO_eof()\fR is true if no data is in the BIO.
.PP
\&\fBBIO_ctrl_pending()\fR returns the number of bytes currently stored.
.PP
\&\fBBIO_set_mem_eof_return()\fR sets the behaviour of memory \s-1BIO\s0 \fBb\fR when it is
empty. If the \fBv\fR is zero then an empty memory \s-1BIO\s0 will return \s-1EOF\s0 (that is
\&\fBBIO_set_mem_eof_return()\fR sets the behaviour of memory BIO \fBb\fR when it is
empty. If the \fBv\fR is zero then an empty memory BIO will return EOF (that is
it will return zero and BIO_should_retry(b) will be false. If \fBv\fR is non
zero then it will return \fBv\fR when it is empty and it will set the read retry
flag (that is BIO_read_retry(b) is true). To avoid ambiguity with a normal
positive return value \fBv\fR should be set to a negative value, typically \-1.
Calling this macro will fail for datagram mem BIOs.
.PP
\&\fBBIO_get_mem_data()\fR sets *\fBpp\fR to a pointer to the start of the memory BIOs data
and returns the total amount of data available. It is implemented as a macro.
Note the pointer returned by this call is informative, no transfer of ownership
of this memory is implied. See notes on \fBBIO_set_close()\fR.
.PP
\&\fBBIO_set_mem_buf()\fR sets the internal \s-1BUF_MEM\s0 structure to \fBbm\fR and sets the
close flag to \fBc\fR, that is \fBc\fR should be either \s-1BIO_CLOSE\s0 or \s-1BIO_NOCLOSE.\s0
\&\fBBIO_set_mem_buf()\fR sets the internal BUF_MEM structure to \fBbm\fR and sets the
close flag to \fBc\fR, that is \fBc\fR should be either BIO_CLOSE or BIO_NOCLOSE.
It is a macro.
.PP
\&\fBBIO_get_mem_ptr()\fR places the underlying \s-1BUF_MEM\s0 structure in *\fBpp\fR. It is
\&\fBBIO_get_mem_ptr()\fR places the underlying BUF_MEM structure in *\fBpp\fR. It is
a macro.
.PP
\&\fBBIO_new_mem_buf()\fR creates a memory \s-1BIO\s0 using \fBlen\fR bytes of data at \fBbuf\fR,
\&\fBBIO_new_mem_buf()\fR creates a memory BIO using \fBlen\fR bytes of data at \fBbuf\fR,
if \fBlen\fR is \-1 then the \fBbuf\fR is assumed to be nul terminated and its
length is determined by \fBstrlen\fR. The \s-1BIO\s0 is set to a read only state and
length is determined by \fBstrlen\fR. The BIO is set to a read only state and
as a result cannot be written to. This is useful when some data needs to be
made available from a static area of memory in the form of a \s-1BIO.\s0 The
made available from a static area of memory in the form of a BIO. The
supplied data is read directly from the supplied buffer: it is \fBnot\fR copied
first, so the supplied area of memory must be unchanged until the \s-1BIO\s0 is freed.
.SH "NOTES"
first, so the supplied area of memory must be unchanged until the BIO is freed.
.PP
All of the five functions described above return an error with
\&\fBBIO_s_dgram_mem()\fR.
.SH NOTES
.IX Header "NOTES"
Writes to memory BIOs will always succeed if memory is available: that is
their size can grow indefinitely.
their size can grow indefinitely. An exception is \fBBIO_s_dgram_mem()\fR when
\&\fBBIO_set_write_buf_size\fR\|(3) is called on it. In such case the write buffer
size will be fixed and any writes that would overflow the buffer will return
an error.
.PP
Every write after partial read (not all data in the memory buffer was read)
to a read write memory \s-1BIO\s0 will have to move the unread data with an internal
copy operation, if a \s-1BIO\s0 contains a lot of data and it is read in small
to a read write memory BIO will have to move the unread data with an internal
copy operation, if a BIO contains a lot of data and it is read in small
chunks intertwined with writes the operation can be very slow. Adding
a buffering \s-1BIO\s0 to the chain can speed up the process.
a buffering BIO to the chain can speed up the process.
.PP
Calling \fBBIO_set_mem_buf()\fR on a \s-1BIO\s0 created with \fBBIO_new_secmem()\fR will
give undefined results, including perhaps a program crash.
Calling \fBBIO_set_mem_buf()\fR on a secmem or dgram BIO will give undefined results,
including perhaps a program crash.
.PP
Switching the memory \s-1BIO\s0 from read write to read only is not supported and
Switching a memory BIO from read write to read only is not supported and
can give undefined results including a program crash. There are two notable
exceptions to the rule. The first one is to assign a static memory buffer
immediately after \s-1BIO\s0 creation and set the \s-1BIO\s0 as read only.
immediately after BIO creation and set the BIO as read only.
.PP
The other supported sequence is to start with read write \s-1BIO\s0 then temporarily
switch it to read only and call \fBBIO_reset()\fR on the read only \s-1BIO\s0 immediately
before switching it back to read write. Before the \s-1BIO\s0 is freed it must be
The other supported sequence is to start with a read write BIO then temporarily
switch it to read only and call \fBBIO_reset()\fR on the read only BIO immediately
before switching it back to read write. Before the BIO is freed it must be
switched back to the read write mode.
.PP
Calling \fBBIO_get_mem_ptr()\fR on read only \s-1BIO\s0 will return a \s-1BUF_MEM\s0 that
Calling \fBBIO_get_mem_ptr()\fR on read only BIO will return a BUF_MEM that
contains only the remaining data to be read. If the close status of the
\&\s-1BIO\s0 is set to \s-1BIO_NOCLOSE,\s0 before freeing the \s-1BUF_MEM\s0 the data pointer
in it must be set to \s-1NULL\s0 as the data pointer does not point to an
BIO is set to BIO_NOCLOSE, before freeing the BUF_MEM the data pointer
in it must be set to NULL as the data pointer does not point to an
allocated memory.
.PP
Calling \fBBIO_reset()\fR on a read write memory \s-1BIO\s0 with \s-1BIO_FLAGS_NONCLEAR_RST\s0
Calling \fBBIO_reset()\fR on a read write memory BIO with BIO_FLAGS_NONCLEAR_RST
flag set can have unexpected outcome when the reads and writes to the
\&\s-1BIO\s0 are intertwined. As documented above the \s-1BIO\s0 will be reset to the
BIO are intertwined. As documented above the BIO will be reset to the
state after the last completed write operation. The effects of reads
preceding that write operation cannot be undone.
.PP
Calling \fBBIO_get_mem_ptr()\fR prior to a \fBBIO_reset()\fR call with
\&\s-1BIO_FLAGS_NONCLEAR_RST\s0 set has the same effect as a write operation.
BIO_FLAGS_NONCLEAR_RST set has the same effect as a write operation.
.PP
Calling \fBBIO_set_close()\fR with \s-1BIO_NOCLOSE\s0 orphans the \s-1BUF_MEM\s0 internal to the
\&\s-1BIO,\s0 _not_ its actual data buffer. See the examples section for the proper
Calling \fBBIO_set_close()\fR with BIO_NOCLOSE orphans the BUF_MEM internal to the
BIO, _not_ its actual data buffer. See the examples section for the proper
method for claiming ownership of the data pointer for a deferred free operation.
.SH "BUGS"
.IX Header "BUGS"
There should be an option to set the maximum size of a memory \s-1BIO.\s0
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_s_mem()\fR and \fBBIO_s_secmem()\fR return a valid memory \fB\s-1BIO_METHOD\s0\fR structure.
\&\fBBIO_s_mem()\fR, \fBBIO_s_dgram_mem()\fR and \fBBIO_s_secmem()\fR return a valid memory
\&\fBBIO_METHOD\fR structure.
.PP
\&\fBBIO_set_mem_eof_return()\fR, \fBBIO_set_mem_buf()\fR and \fBBIO_get_mem_ptr()\fR
return 1 on success or a value which is less than or equal to 0 if an error occurred.
.PP
\&\fBBIO_get_mem_data()\fR returns the total number of bytes available on success,
0 if b is \s-1NULL,\s0 or a negative value in case of other errors.
0 if b is NULL, or a negative value in case of other errors.
.PP
\&\fBBIO_new_mem_buf()\fR returns a valid \fB\s-1BIO\s0\fR structure on success or \s-1NULL\s0 on error.
.SH "EXAMPLES"
\&\fBBIO_new_mem_buf()\fR returns a valid \fBBIO\fR structure on success or NULL on error.
.SH EXAMPLES
.IX Header "EXAMPLES"
Create a memory \s-1BIO\s0 and write some data to it:
Create a memory BIO and write some data to it:
.PP
.Vb 1
\& BIO *mem = BIO_new(BIO_s_mem());
@ -277,14 +227,14 @@ Create a memory \s-1BIO\s0 and write some data to it:
\& BIO_puts(mem, "Hello World\en");
.Ve
.PP
Create a read only memory \s-1BIO:\s0
Create a read only memory BIO:
.PP
.Vb 2
\& char data[] = "Hello World";
\& BIO *mem = BIO_new_mem_buf(data, \-1);
.Ve
.PP
Extract the \s-1BUF_MEM\s0 structure from a memory \s-1BIO\s0 and then free up the \s-1BIO:\s0
Extract the BUF_MEM structure from a memory BIO and then free up the BIO:
.PP
.Vb 1
\& BUF_MEM *bptr;
@ -294,8 +244,8 @@ Extract the \s-1BUF_MEM\s0 structure from a memory \s-1BIO\s0 and then free up t
\& BIO_free(mem);
.Ve
.PP
Extract the \s-1BUF_MEM\s0 ptr, claim ownership of the internal data and free the \s-1BIO\s0
and \s-1BUF_MEM\s0 structure:
Extract the BUF_MEM ptr, claim ownership of the internal data and free the BIO
and BUF_MEM structure:
.PP
.Vb 2
\& BUF_MEM *bptr;
@ -310,11 +260,14 @@ and \s-1BUF_MEM\s0 structure:
\& ...
\& free(data);
.Ve
.SH "COPYRIGHT"
.SH HISTORY
.IX Header "HISTORY"
\&\fBBIO_s_dgram_mem()\fR was added in OpenSSL 3.2.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2023 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

110
secure/lib/libcrypto/man/man3/BIO_s_null.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,90 +52,30 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_S_NULL 3ossl"
.TH BIO_S_NULL 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_S_NULL 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_s_null \- null data sink
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
\&
\& const BIO_METHOD *BIO_s_null(void);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_s_null()\fR returns the null sink \s-1BIO\s0 method. Data written to
the null sink is discarded, reads return \s-1EOF.\s0
.SH "NOTES"
\&\fBBIO_s_null()\fR returns the null sink BIO method. Data written to
the null sink is discarded, reads return EOF.
.SH NOTES
.IX Header "NOTES"
A null sink \s-1BIO\s0 behaves in a similar manner to the Unix /dev/null
A null sink BIO behaves in a similar manner to the Unix /dev/null
device.
.PP
A null bio can be placed on the end of a chain to discard any data
@ -159,16 +83,16 @@ passed through it.
.PP
A null sink is useful if, for example, an application wishes to digest some
data by writing through a digest bio but not send the digested data anywhere.
Since a \s-1BIO\s0 chain must normally include a source/sink \s-1BIO\s0 this can be achieved
by adding a null sink \s-1BIO\s0 to the end of the chain
Since a BIO chain must normally include a source/sink BIO this can be achieved
by adding a null sink BIO to the end of the chain
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_s_null()\fR returns the null sink \s-1BIO\s0 method.
.SH "COPYRIGHT"
\&\fBBIO_s_null()\fR returns the null sink BIO method.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2016 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

108
secure/lib/libcrypto/man/man3/BIO_s_socket.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,77 +52,17 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_S_SOCKET 3ossl"
.TH BIO_S_SOCKET 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_S_SOCKET 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_s_socket, BIO_new_socket \- socket BIO
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -147,19 +71,19 @@ BIO_s_socket, BIO_new_socket \- socket BIO
\&
\& BIO *BIO_new_socket(int sock, int close_flag);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_s_socket()\fR returns the socket \s-1BIO\s0 method. This is a wrapper
\&\fBBIO_s_socket()\fR returns the socket BIO method. This is a wrapper
round the platform's socket routines.
.PP
\&\fBBIO_read_ex()\fR and \fBBIO_write_ex()\fR read or write the underlying socket.
\&\fBBIO_puts()\fR is supported but \fBBIO_gets()\fR is not.
.PP
If the close flag is set then the socket is shut down and closed
when the \s-1BIO\s0 is freed.
when the BIO is freed.
.PP
\&\fBBIO_new_socket()\fR returns a socket \s-1BIO\s0 using \fBsock\fR and \fBclose_flag\fR.
.SH "NOTES"
\&\fBBIO_new_socket()\fR returns a socket BIO using \fBsock\fR and \fBclose_flag\fR.
.SH NOTES
.IX Header "NOTES"
Socket BIOs also support any relevant functionality of file descriptor
BIOs.
@ -170,15 +94,15 @@ Windows is one such platform. Any code mixing the two will not work on
all platforms.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_s_socket()\fR returns the socket \s-1BIO\s0 method.
\&\fBBIO_s_socket()\fR returns the socket BIO method.
.PP
\&\fBBIO_new_socket()\fR returns the newly allocated \s-1BIO\s0 or \s-1NULL\s0 is an error
\&\fBBIO_new_socket()\fR returns the newly allocated BIO or NULL is an error
occurred.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2016 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

272
secure/lib/libcrypto/man/man3/BIO_sendmmsg.3 Normal file
View file

@ -0,0 +1,272 @@
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\" ========================================================================
.\"
.IX Title "BIO_SENDMMSG 3ossl"
.TH BIO_SENDMMSG 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH NAME
BIO_sendmmsg, BIO_recvmmsg, BIO_dgram_set_local_addr_enable,
BIO_dgram_get_local_addr_enable, BIO_dgram_get_local_addr_cap,
BIO_err_is_non_fatal \- send and receive multiple datagrams in a single call
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
\&
\& typedef struct bio_msg_st {
\& void *data;
\& size_t data_len;
\& BIO_ADDR *peer, *local;
\& uint64_t flags;
\& } BIO_MSG;
\&
\& int BIO_sendmmsg(BIO *b, BIO_MSG *msg,
\& size_t stride, size_t num_msg, uint64_t flags,
\& size_t *msgs_processed);
\& int BIO_recvmmsg(BIO *b, BIO_MSG *msg,
\& size_t stride, size_t num_msg, uint64_t flags,
\& size_t *msgs_processed);
\&
\& int BIO_dgram_set_local_addr_enable(BIO *b, int enable);
\& int BIO_dgram_get_local_addr_enable(BIO *b, int *enable);
\& int BIO_dgram_get_local_addr_cap(BIO *b);
\& int BIO_err_is_non_fatal(unsigned int errcode);
.Ve
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_sendmmsg()\fR and \fBBIO_recvmmsg()\fR functions can be used to send and receive
multiple messages in a single call to a BIO. They are analogous to \fBsendmmsg\fR\|(2)
and \fBrecvmmsg\fR\|(2) on operating systems which provide those functions.
.PP
The \fBBIO_MSG\fR structure provides a subset of the functionality of the \fBstruct
msghdr\fR structure defined by POSIX. These functions accept an array of
\&\fBBIO_MSG\fR structures. On any particular invocation, these functions may process
all of the passed structures, some of them, or none of them. This is indicated
by the value stored in \fI*msgs_processed\fR, which expresses the number of
messages processed.
.PP
The caller should set the \fIdata\fR member of a \fBBIO_MSG\fR to a buffer containing
the data to send, or to be filled with a received message. \fIdata_len\fR should be
set to the size of the buffer in bytes. If the given \fBBIO_MSG\fR is processed (in
other words, if the integer returned by the function is greater than or equal to
that \fBBIO_MSG\fR's array index), \fIdata_len\fR will be modified to specify the
actual amount of data sent or received.
.PP
The \fIflags\fR field of a \fBBIO_MSG\fR provides input per-message flags to the
invocation. If the invocation processes that \fBBIO_MSG\fR, the \fIflags\fR field is
written with output per-message flags, or zero if no such flags are applicable.
.PP
Currently, no input or output per-message flags are defined and this field
should be set to zero before calling \fBBIO_sendmmsg()\fR or \fBBIO_recvmmsg()\fR.
.PP
The \fIflags\fR argument to \fBBIO_sendmmsg()\fR and \fBBIO_recvmmsg()\fR provides global
flags which affect the entire invocation. No global flags are currently
defined and this argument should be set to zero.
.PP
When these functions are used to send and receive datagrams, the \fIpeer\fR field
of a \fBBIO_MSG\fR allows the destination address of sent datagrams to be specified
on a per-datagram basis, and the source address of received datagrams to be
determined. The \fIpeer\fR field should be set to point to a \fBBIO_ADDR\fR, which
will be read by \fBBIO_sendmmsg()\fR and used as the destination address for sent
datagrams, and written by \fBBIO_recvmmsg()\fR with the source address of received
datagrams.
.PP
Similarly, the \fIlocal\fR field of a \fBBIO_MSG\fR allows the source address of sent
datagrams to be specified on a per-datagram basis, and the destination address
of received datagrams to be determined. Unlike \fIpeer\fR, support for \fIlocal\fR
must be explicitly enabled on a \fBBIO\fR before it can be used; see
\&\fBBIO_dgram_set_local_addr_enable()\fR. If \fIlocal\fR is non-NULL in a \fBBIO_MSG\fR and
support for \fIlocal\fR has not been enabled, processing of that \fBBIO_MSG\fR fails.
.PP
\&\fIpeer\fR and \fIlocal\fR should be set to NULL if they are not required. Support for
\&\fIlocal\fR may not be available on all platforms; on these platforms, these
functions always fail if \fIlocal\fR is non-NULL.
.PP
If \fIlocal\fR is specified and local address support is enabled, but the operating
system does not report a local address for a specific received message, the
\&\fBBIO_ADDR\fR it points to will be cleared (address family set to \f(CW\*(C`AF_UNSPEC\*(C'\fR).
This is known to happen on Windows when a packet is received which was sent by
the local system, regardless of whether the packet's destination address was the
loopback address or the IP address of a local non-loopback interface. This is
also known to happen on macOS in some circumstances, such as for packets sent
before local address support was enabled for a receiving socket. These are
OS-specific limitations. As such, users of this API using local address support
should expect to sometimes receive a cleared local \fBBIO_ADDR\fR instead of the
correct value.
.PP
The \fIstride\fR argument must be set to \f(CWsizeof(BIO_MSG)\fR. This argument
facilitates backwards compatibility if fields are added to \fBBIO_MSG\fR. Callers
must zero-initialize \fBBIO_MSG\fR.
.PP
\&\fInum_msg\fR should be sent to the maximum number of messages to send or receive,
which is also the length of the array pointed to by \fImsg\fR.
.PP
\&\fImsgs_processed\fR must be non-NULL and points to an integer written with the
number of messages successfully processed; see the RETURN VALUES section for
further discussion.
.PP
Unlike most BIO functions, these functions explicitly support multi-threaded
use. Multiple concurrent writers and multiple concurrent readers of the same BIO
are permitted in any combination. As such, these functions do not clear, set, or
otherwise modify BIO retry flags. The return value must be used to determine
whether an operation should be retried; see below.
.PP
The support for concurrent use extends to \fBBIO_sendmmsg()\fR and \fBBIO_recvmmsg()\fR
only, and no other function may be called on a given BIO while any call to
\&\fBBIO_sendmmsg()\fR or \fBBIO_recvmmsg()\fR is in progress, or vice versa.
.PP
\&\fBBIO_dgram_set_local_addr_enable()\fR and \fBBIO_dgram_get_local_addr_enable()\fR control
whether local address support is enabled. To enable local address support, call
\&\fBBIO_dgram_set_local_addr_enable()\fR with an argument of 1. The call will fail if
local address support is not available for the platform.
\&\fBBIO_dgram_get_local_addr_enable()\fR retrieves the value set by
\&\fBBIO_dgram_set_local_addr_enable()\fR.
.PP
\&\fBBIO_dgram_get_local_addr_cap()\fR determines if the \fBBIO\fR is capable of supporting
local addresses.
.PP
\&\fBBIO_err_is_non_fatal()\fR determines if a packed error code represents an error
which is transient in nature.
.SH NOTES
.IX Header "NOTES"
Some implementations of the \fBBIO_sendmmsg()\fR and \fBBIO_recvmmsg()\fR BIO methods might
always process at most one message at a time, for example when OS-level
functionality to transmit or receive multiple messages at a time is not
available.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
On success, the functions \fBBIO_sendmmsg()\fR and \fBBIO_recvmmsg()\fR return 1 and write
the number of messages successfully processed (which need not be nonzero) to
\&\fImsgs_processed\fR. Where a positive value n is written to \fImsgs_processed\fR, all
entries in the \fBBIO_MSG\fR array from 0 through n\-1 inclusive have their
\&\fIdata_len\fR and \fIflags\fR fields updated with the results of the operation on
that message. If the call was to \fBBIO_recvmmsg()\fR and the \fIpeer\fR or \fIlocal\fR
fields of that message are non-NULL, the \fBBIO_ADDR\fR structures they point to
are written with the relevant address.
.PP
On failure, the functions \fBBIO_sendmmsg()\fR and \fBBIO_recvmmsg()\fR return 0 and write
zero to \fImsgs_processed\fR. Thus \fImsgs_processed\fR is always written regardless
of the outcome of the function call.
.PP
If \fBBIO_sendmmsg()\fR and \fBBIO_recvmmsg()\fR fail, they always raise an \fBERR_LIB_BIO\fR
error using \fBERR_raise\fR\|(3). Any error may be raised, but the following in
particular may be noted:
.IP \fBBIO_R_LOCAL_ADDR_NOT_AVAILABLE\fR 2
.IX Item "BIO_R_LOCAL_ADDR_NOT_AVAILABLE"
The \fIlocal\fR field was set to a non-NULL value, but local address support is not
available or not enabled on the BIO.
.IP \fBBIO_R_PEER_ADDR_NOT_AVAILABLE\fR 2
.IX Item "BIO_R_PEER_ADDR_NOT_AVAILABLE"
The \fIpeer\fR field was set to a non-NULL value, but peer address support is not
available on the BIO.
.IP \fBBIO_R_UNSUPPORTED_METHOD\fR 2
.IX Item "BIO_R_UNSUPPORTED_METHOD"
The \fBBIO_sendmmsg()\fR or \fBBIO_recvmmsg()\fR method is not supported on the BIO.
.IP \fBBIO_R_NON_FATAL\fR 2
.IX Item "BIO_R_NON_FATAL"
The call failed due to a transient, non-fatal error (for example, because the
BIO is in nonblocking mode and the call would otherwise have blocked).
.Sp
Implementations of this interface which do not make system calls and thereby
pass through system error codes using \fBERR_LIB_SYS\fR (for example, memory-based
implementations) should issue this reason code to indicate a transient failure.
However, users of this interface should not test for this reason code directly,
as there are multiple possible packed error codes representing a transient
failure; use \fBBIO_err_is_non_fatal()\fR instead (discussed below).
.IP "Socket errors" 2
.IX Item "Socket errors"
OS-level socket errors are reported using an error with library code
\&\fBERR_LIB_SYS\fR; for a packed error code \fBerrcode\fR where
\&\f(CW\*(C`ERR_SYSTEM_ERROR(errcode) == 1\*(C'\fR, the OS-level socket error code can be
retrieved using \f(CWERR_GET_REASON(errcode)\fR. The packed error code can be
retrieved by calling \fBERR_peek_last_error\fR\|(3) after the call to \fBBIO_sendmmsg()\fR
or \fBBIO_recvmmsg()\fR returns 0.
.IP "Non-fatal errors" 2
.IX Item "Non-fatal errors"
Whether an error is transient can be determined by passing the packed error code
to \fBBIO_err_is_non_fatal()\fR. Callers should do this instead of testing the reason
code directly, as there are many possible error codes which can indicate a
transient error, many of which are system specific.
.PP
Third parties implementing custom BIOs supporting the \fBBIO_sendmmsg()\fR or
\&\fBBIO_recvmmsg()\fR methods should note that it is a required part of the API
contract that an error is always raised when either of these functions return 0.
.PP
\&\fBBIO_dgram_set_local_addr_enable()\fR returns 1 if local address support was
successfully enabled or disabled and 0 otherwise.
.PP
\&\fBBIO_dgram_get_local_addr_enable()\fR returns 1 if the local address support enable
flag was successfully retrieved.
.PP
\&\fBBIO_dgram_get_local_addr_cap()\fR returns 1 if the \fBBIO\fR can support local
addresses.
.PP
\&\fBBIO_err_is_non_fatal()\fR returns 1 if the passed packed error code represents an
error which is transient in nature.
.SH HISTORY
.IX Header "HISTORY"
These functions were added in OpenSSL 3.2.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2023 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

187
secure/lib/libcrypto/man/man3/BIO_set_callback.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,80 +52,20 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_SET_CALLBACK 3ossl"
.TH BIO_SET_CALLBACK 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_SET_CALLBACK 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_set_callback_ex, BIO_get_callback_ex, BIO_set_callback, BIO_get_callback,
BIO_set_callback_arg, BIO_get_callback_arg, BIO_debug_callback,
BIO_debug_callback_ex, BIO_callback_fn_ex, BIO_callback_fn
\&\- BIO callback functions
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -161,7 +85,7 @@ BIO_debug_callback_ex, BIO_callback_fn_ex, BIO_callback_fn
.Ve
.PP
The following functions have been deprecated since OpenSSL 3.0, and can be
hidden entirely by defining \fB\s-1OPENSSL_API_COMPAT\s0\fR with a suitable version value,
hidden entirely by defining \fBOPENSSL_API_COMPAT\fR with a suitable version value,
see \fBopenssl_user_macros\fR\|(7):
.PP
.Vb 6
@ -171,15 +95,22 @@ see \fBopenssl_user_macros\fR\|(7):
\& BIO_callback_fn BIO_get_callback(const BIO *b);
\& long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
\& long argl, long ret);
\&
\& typedef struct bio_mmsg_cb_args_st {
\& BIO_MSG *msg;
\& size_t stride, num_msg;
\& uint64_t flags;
\& size_t *msgs_processed;
\& } BIO_MMSG_CB_ARGS;
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_set_callback_ex()\fR and \fBBIO_get_callback_ex()\fR set and retrieve the \s-1BIO\s0
callback. The callback is called during most high-level \s-1BIO\s0 operations. It can
be used for debugging purposes to trace operations on a \s-1BIO\s0 or to modify its
\&\fBBIO_set_callback_ex()\fR and \fBBIO_get_callback_ex()\fR set and retrieve the BIO
callback. The callback is called during most high-level BIO operations. It can
be used for debugging purposes to trace operations on a BIO or to modify its
operation.
.PP
\&\fBBIO_set_callback()\fR and \fBBIO_get_callback()\fR set and retrieve the old format \s-1BIO\s0
\&\fBBIO_set_callback()\fR and \fBBIO_get_callback()\fR set and retrieve the old format BIO
callback. New code should not use these functions, but they are retained for
backwards compatibility. Any callback set via \fBBIO_set_callback_ex()\fR will get
called in preference to any set by \fBBIO_set_callback()\fR.
@ -188,8 +119,8 @@ called in preference to any set by \fBBIO_set_callback()\fR.
used to set and retrieve an argument for use in the callback.
.PP
\&\fBBIO_debug_callback_ex()\fR is a standard debugging callback which prints
out information relating to each \s-1BIO\s0 operation. If the callback
argument is set it is interpreted as a \s-1BIO\s0 to send the information
out information relating to each BIO operation. If the callback
argument is set it is interpreted as a BIO to send the information
to, otherwise stderr is used. The \fBBIO_debug_callback()\fR function is the
deprecated version of the same callback for use with the old callback
format \fBBIO_set_callback()\fR function.
@ -197,35 +128,35 @@ format \fBBIO_set_callback()\fR function.
BIO_callback_fn_ex is the type of the callback function and BIO_callback_fn
is the type of the old format callback function. The meaning of each argument
is described below:
.IP "\fBb\fR" 4
.IP \fBb\fR 4
.IX Item "b"
The \s-1BIO\s0 the callback is attached to is passed in \fBb\fR.
.IP "\fBoper\fR" 4
The BIO the callback is attached to is passed in \fBb\fR.
.IP \fBoper\fR 4
.IX Item "oper"
\&\fBoper\fR is set to the operation being performed. For some operations
the callback is called twice, once before and once after the actual
operation, the latter case has \fBoper\fR or'ed with \s-1BIO_CB_RETURN.\s0
.IP "\fBlen\fR" 4
operation, the latter case has \fBoper\fR or'ed with BIO_CB_RETURN.
.IP \fBlen\fR 4
.IX Item "len"
The length of the data requested to be read or written. This is only useful if
\&\fBoper\fR is \s-1BIO_CB_READ, BIO_CB_WRITE\s0 or \s-1BIO_CB_GETS.\s0
\&\fBoper\fR is BIO_CB_READ, BIO_CB_WRITE or BIO_CB_GETS.
.IP "\fBargp\fR \fBargi\fR \fBargl\fR" 4
.IX Item "argp argi argl"
The meaning of the arguments \fBargp\fR, \fBargi\fR and \fBargl\fR depends on
the value of \fBoper\fR, that is the operation being performed.
.IP "\fBprocessed\fR" 4
.IP \fBprocessed\fR 4
.IX Item "processed"
\&\fBprocessed\fR is a pointer to a location which will be updated with the amount of
data that was actually read or written. Only used for \s-1BIO_CB_READ, BIO_CB_WRITE,
BIO_CB_GETS\s0 and \s-1BIO_CB_PUTS.\s0
.IP "\fBret\fR" 4
data that was actually read or written. Only used for BIO_CB_READ, BIO_CB_WRITE,
BIO_CB_GETS and BIO_CB_PUTS.
.IP \fBret\fR 4
.IX Item "ret"
\&\fBret\fR is the return value that would be returned to the
application if no callback were present. The actual value returned
is the return value of the callback itself. In the case of callbacks
called before the actual \s-1BIO\s0 operation 1 is placed in \fBret\fR, if
called before the actual BIO operation 1 is placed in \fBret\fR, if
the return value is not positive it will be immediately returned to
the application and the \s-1BIO\s0 operation will not be performed.
the application and the BIO operation will not be performed.
.PP
The callback should normally simply return \fBret\fR when it has
finished processing, unless it specifically wishes to modify the
@ -234,7 +165,7 @@ value returned to the application.
.IX Header "CALLBACK OPERATIONS"
In the notes below, \fBcallback\fR defers to the actual callback
function that is called.
.IP "\fBBIO_free(b)\fR" 4
.IP \fBBIO_free(b)\fR 4
.IX Item "BIO_free(b)"
.Vb 1
\& callback_ex(b, BIO_CB_FREE, NULL, 0, 0, 0L, 1L, NULL)
@ -350,7 +281,7 @@ or
.Ve
.Sp
after.
.IP "\fBBIO_ctrl(\s-1BIO\s0 *b, int cmd, long larg, void *parg)\fR" 4
.IP "\fBBIO_ctrl(BIO *b, int cmd, long larg, void *parg)\fR" 4
.IX Item "BIO_ctrl(BIO *b, int cmd, long larg, void *parg)"
.Vb 1
\& callback_ex(b, BIO_CB_CTRL, parg, 0, cmd, larg, 1L, NULL)
@ -376,9 +307,43 @@ or
.Sp
after.
.Sp
Note: \fBcmd\fR == \fB\s-1BIO_CTRL_SET_CALLBACK\s0\fR is special, because \fBparg\fR is not the
Note: \fBcmd\fR == \fBBIO_CTRL_SET_CALLBACK\fR is special, because \fBparg\fR is not the
argument of type \fBBIO_info_cb\fR itself. In this case \fBparg\fR is a pointer to
the actual call parameter, see \fBBIO_callback_ctrl\fR.
.IP "\fBBIO_sendmmsg(BIO *b, BIO_MSG *msg, size_t stride, size_t num_msg, uint64_t flags, size_t *msgs_processed)\fR" 4
.IX Item "BIO_sendmmsg(BIO *b, BIO_MSG *msg, size_t stride, size_t num_msg, uint64_t flags, size_t *msgs_processed)"
.Vb 1
\& callback_ex(b, BIO_CB_SENDMMSG, args, 0, 0, 0, 1, NULL)
.Ve
.Sp
or
.Sp
.Vb 1
\& callback(b, BIO_CB_SENDMMSG, args, 0, 0, 1)
.Ve
.Sp
is called before the call and
.Sp
.Vb 1
\& callback_ex(b, BIO_CB_SENDMMSG | BIO_CB_RETURN, args, ret, 0, 0, ret, NULL)
.Ve
.Sp
or
.Sp
.Vb 1
\& callback(b, BIO_CB_SENDMMSG | BIO_CB_RETURN, args, ret, 0, 0, ret)
.Ve
.Sp
after.
.Sp
\&\fBargs\fR is a pointer to a \fBBIO_MMSG_CB_ARGS\fR structure containing the arguments
passed to \fBBIO_sendmmsg()\fR. \fBret\fR is the return value of the \fBBIO_sendmmsg()\fR call.
The return value of \fBBIO_sendmmsg()\fR is altered to the value returned by the
\&\fBBIO_CB_SENDMMSG | BIO_CB_RETURN\fR call.
.IP "\fBBIO_recvmmsg(BIO *b, BIO_MSG *msg, size_t stride, size_t num_msg, uint64_t flags, size_t *msgs_processed)\fR" 4
.IX Item "BIO_recvmmsg(BIO *b, BIO_MSG *msg, size_t stride, size_t num_msg, uint64_t flags, size_t *msgs_processed)"
See the documentation for \fBBIO_sendmmsg()\fR. \fBBIO_recvmmsg()\fR works identically
except that \fBBIO_CB_RECVMMSG\fR is used instead of \fBBIO_CB_SENDMMSG\fR.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_get_callback_ex()\fR and \fBBIO_get_callback()\fR return the callback function
@ -388,23 +353,23 @@ respectively.
\&\fBBIO_get_callback_arg()\fR returns a \fBchar\fR pointer to the value previously set
via a call to \fBBIO_set_callback_arg()\fR.
.PP
\&\fBBIO_debug_callback()\fR returns 1 or \fBret\fR if it's called after specific \s-1BIO\s0
\&\fBBIO_debug_callback()\fR returns 1 or \fBret\fR if it's called after specific BIO
operations.
.SH "EXAMPLES"
.SH EXAMPLES
.IX Header "EXAMPLES"
The \fBBIO_debug_callback_ex()\fR function is an example, its source is
in crypto/bio/bio_cb.c
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
The \fBBIO_debug_callback_ex()\fR function was added in OpenSSL 3.0.
.PP
\&\fBBIO_set_callback()\fR, \fBBIO_get_callback()\fR, and \fBBIO_debug_callback()\fR were
deprecated in OpenSSL 3.0. Use the non-deprecated _ex functions instead.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

162
secure/lib/libcrypto/man/man3/BIO_should_retry.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,80 +52,20 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_SHOULD_RETRY 3ossl"
.TH BIO_SHOULD_RETRY 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_SHOULD_RETRY 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_should_read, BIO_should_write,
BIO_should_io_special, BIO_retry_type, BIO_should_retry,
BIO_get_retry_BIO, BIO_get_retry_reason, BIO_set_retry_reason \- BIO retry
functions
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -156,9 +80,9 @@ functions
\& int BIO_get_retry_reason(BIO *bio);
\& void BIO_set_retry_reason(BIO *bio, int reason);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
These functions determine why a \s-1BIO\s0 is not able to read or write data.
These functions determine why a BIO is not able to read or write data.
They will typically be called after a failed \fBBIO_read_ex()\fR or \fBBIO_write_ex()\fR
call.
.PP
@ -167,58 +91,58 @@ should then be retried at a later time.
.PP
If \fBBIO_should_retry()\fR is false then the cause is an error condition.
.PP
\&\fBBIO_should_read()\fR is true if the cause of the condition is that the \s-1BIO\s0
\&\fBBIO_should_read()\fR is true if the cause of the condition is that the BIO
has insufficient data to return. Check for readability and/or retry the
last operation.
.PP
\&\fBBIO_should_write()\fR is true if the cause of the condition is that the \s-1BIO\s0
\&\fBBIO_should_write()\fR is true if the cause of the condition is that the BIO
has pending data to write. Check for writability and/or retry the
last operation.
.PP
\&\fBBIO_should_io_special()\fR is true if some \*(L"special\*(R" condition, that is a
\&\fBBIO_should_io_special()\fR is true if some "special" condition, that is a
reason other than reading or writing is the cause of the condition.
.PP
\&\fBBIO_retry_type()\fR returns a mask of the cause of a retry condition
consisting of the values \fB\s-1BIO_FLAGS_READ\s0\fR, \fB\s-1BIO_FLAGS_WRITE\s0\fR,
\&\fB\s-1BIO_FLAGS_IO_SPECIAL\s0\fR though current \s-1BIO\s0 types will only set one of
consisting of the values \fBBIO_FLAGS_READ\fR, \fBBIO_FLAGS_WRITE\fR,
\&\fBBIO_FLAGS_IO_SPECIAL\fR though current BIO types will only set one of
these.
.PP
\&\fBBIO_get_retry_BIO()\fR determines the precise reason for the special
condition, it returns the \s-1BIO\s0 that caused this condition and if
\&\fBreason\fR is not \s-1NULL\s0 it contains the reason code. The meaning of
condition, it returns the BIO that caused this condition and if
\&\fBreason\fR is not NULL it contains the reason code. The meaning of
the reason code and the action that should be taken depends on
the type of \s-1BIO\s0 that resulted in this condition.
the type of BIO that resulted in this condition.
.PP
\&\fBBIO_get_retry_reason()\fR returns the reason for a special condition if
passed the relevant \s-1BIO,\s0 for example as returned by \fBBIO_get_retry_BIO()\fR.
passed the relevant BIO, for example as returned by \fBBIO_get_retry_BIO()\fR.
.PP
\&\fBBIO_set_retry_reason()\fR sets the retry reason for a special condition for a given
\&\s-1BIO.\s0 This would usually only be called by \s-1BIO\s0 implementations.
.SH "NOTES"
BIO. This would usually only be called by BIO implementations.
.SH NOTES
.IX Header "NOTES"
\&\fBBIO_should_read()\fR, \fBBIO_should_write()\fR, \fBBIO_should_io_special()\fR,
\&\fBBIO_retry_type()\fR, and \fBBIO_should_retry()\fR, are implemented as macros.
.PP
If \fBBIO_should_retry()\fR returns false then the precise \*(L"error condition\*(R"
depends on the \s-1BIO\s0 type that caused it and the return code of the \s-1BIO\s0
operation. For example if a call to \fBBIO_read_ex()\fR on a socket \s-1BIO\s0 returns
If \fBBIO_should_retry()\fR returns false then the precise "error condition"
depends on the BIO type that caused it and the return code of the BIO
operation. For example if a call to \fBBIO_read_ex()\fR on a socket BIO returns
0 and \fBBIO_should_retry()\fR is false then the cause will be that the
connection closed. A similar condition on a file \s-1BIO\s0 will mean that it
has reached \s-1EOF.\s0 Some \s-1BIO\s0 types may place additional information on
the error queue. For more details see the individual \s-1BIO\s0 type manual
connection closed. A similar condition on a file BIO will mean that it
has reached EOF. Some BIO types may place additional information on
the error queue. For more details see the individual BIO type manual
pages.
.PP
If the underlying I/O structure is in a blocking mode almost all current
\&\s-1BIO\s0 types will not request a retry, because the underlying I/O
calls will not. If the application knows that the \s-1BIO\s0 type will never
BIO types will not request a retry, because the underlying I/O
calls will not. If the application knows that the BIO type will never
signal a retry then it need not call \fBBIO_should_retry()\fR after a failed
\&\s-1BIO I/O\s0 call. This is typically done with file BIOs.
BIO I/O call. This is typically done with file BIOs.
.PP
\&\s-1SSL\s0 BIOs are the only current exception to this rule: they can request a
SSL BIOs are the only current exception to this rule: they can request a
retry even if the underlying I/O structure is blocking, if a handshake
occurs during a call to \fBBIO_read()\fR. An application can retry the failed
call immediately or avoid this situation by setting \s-1SSL_MODE_AUTO_RETRY\s0
on the underlying \s-1SSL\s0 structure.
call immediately or avoid this situation by setting SSL_MODE_AUTO_RETRY
on the underlying SSL structure.
.PP
While an application may retry a failed non blocking call immediately
this is likely to be very inefficient because the call will fail
@ -228,47 +152,47 @@ this is done depends on the underlying I/O structure.
.PP
For example if the cause is ultimately a socket and \fBBIO_should_read()\fR
is true then a call to \fBselect()\fR may be made to wait until data is
available and then retry the \s-1BIO\s0 operation. By combining the retry
available and then retry the BIO operation. By combining the retry
conditions of several non blocking BIOs in a single \fBselect()\fR call
it is possible to service several BIOs in a single thread, though
the performance may be poor if \s-1SSL\s0 BIOs are present because long delays
the performance may be poor if SSL BIOs are present because long delays
can occur during the initial handshake process.
.PP
It is possible for a \s-1BIO\s0 to block indefinitely if the underlying I/O
It is possible for a BIO to block indefinitely if the underlying I/O
structure cannot process or return any data. This depends on the behaviour of
the platforms I/O functions. This is often not desirable: one solution
is to use non blocking I/O and use a timeout on the \fBselect()\fR (or
equivalent) call.
.SH "BUGS"
.SH BUGS
.IX Header "BUGS"
The OpenSSL \s-1ASN1\s0 functions cannot gracefully deal with non blocking I/O:
The OpenSSL ASN1 functions cannot gracefully deal with non blocking I/O:
that is they cannot retry after a partial read or write. This is usually
worked around by only passing the relevant data to \s-1ASN1\s0 functions when
worked around by only passing the relevant data to ASN1 functions when
the entire structure can be read or written.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBIO_should_read()\fR, \fBBIO_should_write()\fR, \fBBIO_should_io_special()\fR, and
\&\fBBIO_should_retry()\fR return either 1 or 0 based on the actual conditions
of the \fB\s-1BIO\s0\fR.
of the \fBBIO\fR.
.PP
\&\fBBIO_retry_type()\fR returns a flag combination presenting the cause of a retry
condition or false if there is no retry condition.
.PP
\&\fBBIO_get_retry_BIO()\fR returns a valid \fB\s-1BIO\s0\fR structure.
\&\fBBIO_get_retry_BIO()\fR returns a valid \fBBIO\fR structure.
.PP
\&\fBBIO_get_retry_reason()\fR returns the reason for a special condition.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBbio\fR\|(7)
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
The \fBBIO_get_retry_reason()\fR and \fBBIO_set_retry_reason()\fR functions were added in
OpenSSL 1.1.0.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

98
secure/lib/libcrypto/man/man3/BIO_socket_wait.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,80 +52,20 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO_SOCKET_WAIT 3ossl"
.TH BIO_SOCKET_WAIT 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BIO_SOCKET_WAIT 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BIO_socket_wait,
BIO_wait,
BIO_do_connect_retry
\&\- BIO connection utility functions
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
@ -152,7 +76,7 @@ BIO_do_connect_retry
\& int BIO_wait(BIO *bio, time_t max_time, unsigned int nap_milliseconds);
\& int BIO_do_connect_retry(BIO *bio, int timeout, int nap_milliseconds);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBIO_socket_wait()\fR waits on the socket \fBfd\fR for reading if \fBfor_read\fR is not 0,
else for writing, at most until \fBmax_time\fR.
@ -184,15 +108,15 @@ return \-1 on error, 0 on timeout, and 1 on success.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBBIO_do_connect\fR\|(3), \fBBIO_read\fR\|(3)
.SH "HISTORY"
.SH HISTORY
.IX Header "HISTORY"
\&\fBBIO_socket_wait()\fR, \fBBIO_wait()\fR, and \fBBIO_do_connect_retry()\fR
were added in OpenSSL 3.0.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2019\-2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

158
secure/lib/libcrypto/man/man3/BN_BLINDING_new.3
View file

@ -1,4 +1,5 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@ -15,29 +16,12 @@
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
@ -68,81 +52,21 @@
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BN_BLINDING_NEW 3ossl"
.TH BN_BLINDING_NEW 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.TH BN_BLINDING_NEW 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
.SH NAME
BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert,
BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex,
BN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread,
BN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags,
BN_BLINDING_set_flags, BN_BLINDING_create_param \- blinding related BIGNUM functions
.SH "SYNOPSIS"
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bn.h>
@ -173,84 +97,84 @@ BN_BLINDING_set_flags, BN_BLINDING_create_param \- blinding related BIGNUM funct
\& BN_MONT_CTX *m_ctx),
\& BN_MONT_CTX *m_ctx);
.Ve
.SH "DESCRIPTION"
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBBN_BLINDING_new()\fR allocates a new \fB\s-1BN_BLINDING\s0\fR structure and copies
the \fBA\fR and \fBAi\fR values into the newly created \fB\s-1BN_BLINDING\s0\fR object.
\&\fBBN_BLINDING_new()\fR allocates a new \fBBN_BLINDING\fR structure and copies
the \fBA\fR and \fBAi\fR values into the newly created \fBBN_BLINDING\fR object.
.PP
\&\fBBN_BLINDING_free()\fR frees the \fB\s-1BN_BLINDING\s0\fR structure.
If \fBb\fR is \s-1NULL,\s0 nothing is done.
\&\fBBN_BLINDING_free()\fR frees the \fBBN_BLINDING\fR structure.
If \fBb\fR is NULL, nothing is done.
.PP
\&\fBBN_BLINDING_update()\fR updates the \fB\s-1BN_BLINDING\s0\fR parameters by squaring
\&\fBBN_BLINDING_update()\fR updates the \fBBN_BLINDING\fR parameters by squaring
the \fBA\fR and \fBAi\fR or, after specific number of uses and if the
necessary parameters are set, by re-creating the blinding parameters.
.PP
\&\fBBN_BLINDING_convert_ex()\fR multiplies \fBn\fR with the blinding factor \fBA\fR.
If \fBr\fR is not \s-1NULL\s0 a copy the inverse blinding factor \fBAi\fR will be
returned in \fBr\fR (this is useful if a \fB\s-1RSA\s0\fR object is shared among
If \fBr\fR is not NULL a copy the inverse blinding factor \fBAi\fR will be
returned in \fBr\fR (this is useful if a \fBRSA\fR object is shared among
several threads). \fBBN_BLINDING_invert_ex()\fR multiplies \fBn\fR with the
inverse blinding factor \fBAi\fR. If \fBr\fR is not \s-1NULL\s0 it will be used as
inverse blinding factor \fBAi\fR. If \fBr\fR is not NULL it will be used as
the inverse blinding.
.PP
\&\fBBN_BLINDING_convert()\fR and \fBBN_BLINDING_invert()\fR are wrapper
functions for \fBBN_BLINDING_convert_ex()\fR and \fBBN_BLINDING_invert_ex()\fR
with \fBr\fR set to \s-1NULL.\s0
with \fBr\fR set to NULL.
.PP
\&\fBBN_BLINDING_is_current_thread()\fR returns whether the \fB\s-1BN_BLINDING\s0\fR
\&\fBBN_BLINDING_is_current_thread()\fR returns whether the \fBBN_BLINDING\fR
structure is owned by the current thread. This is to help users
provide proper locking if needed for multi-threaded use.
.PP
\&\fBBN_BLINDING_set_current_thread()\fR sets the current thread as the
owner of the \fB\s-1BN_BLINDING\s0\fR structure.
owner of the \fBBN_BLINDING\fR structure.
.PP
\&\fBBN_BLINDING_lock()\fR locks the \fB\s-1BN_BLINDING\s0\fR structure.
\&\fBBN_BLINDING_lock()\fR locks the \fBBN_BLINDING\fR structure.
.PP
\&\fBBN_BLINDING_unlock()\fR unlocks the \fB\s-1BN_BLINDING\s0\fR structure.
\&\fBBN_BLINDING_unlock()\fR unlocks the \fBBN_BLINDING\fR structure.
.PP
\&\fBBN_BLINDING_get_flags()\fR returns the \s-1BN_BLINDING\s0 flags. Currently
there are two supported flags: \fB\s-1BN_BLINDING_NO_UPDATE\s0\fR and
\&\fB\s-1BN_BLINDING_NO_RECREATE\s0\fR. \fB\s-1BN_BLINDING_NO_UPDATE\s0\fR inhibits the
automatic update of the \fB\s-1BN_BLINDING\s0\fR parameters after each use
and \fB\s-1BN_BLINDING_NO_RECREATE\s0\fR inhibits the automatic re-creation
of the \fB\s-1BN_BLINDING\s0\fR parameters after a fixed number of uses (currently
32). In newly allocated \fB\s-1BN_BLINDING\s0\fR objects no flags are set.
\&\fBBN_BLINDING_set_flags()\fR sets the \fB\s-1BN_BLINDING\s0\fR parameters flags.
\&\fBBN_BLINDING_get_flags()\fR returns the BN_BLINDING flags. Currently
there are two supported flags: \fBBN_BLINDING_NO_UPDATE\fR and
\&\fBBN_BLINDING_NO_RECREATE\fR. \fBBN_BLINDING_NO_UPDATE\fR inhibits the
automatic update of the \fBBN_BLINDING\fR parameters after each use
and \fBBN_BLINDING_NO_RECREATE\fR inhibits the automatic re-creation
of the \fBBN_BLINDING\fR parameters after a fixed number of uses (currently
32). In newly allocated \fBBN_BLINDING\fR objects no flags are set.
\&\fBBN_BLINDING_set_flags()\fR sets the \fBBN_BLINDING\fR parameters flags.
.PP
\&\fBBN_BLINDING_create_param()\fR creates new \fB\s-1BN_BLINDING\s0\fR parameters
\&\fBBN_BLINDING_create_param()\fR creates new \fBBN_BLINDING\fR parameters
using the exponent \fBe\fR and the modulus \fBm\fR. \fBbn_mod_exp\fR and
\&\fBm_ctx\fR can be used to pass special functions for exponentiation
(normally \fBBN_mod_exp_mont()\fR and \fB\s-1BN_MONT_CTX\s0\fR).
(normally \fBBN_mod_exp_mont()\fR and \fBBN_MONT_CTX\fR).
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBBN_BLINDING_new()\fR returns the newly allocated \fB\s-1BN_BLINDING\s0\fR structure
or \s-1NULL\s0 in case of an error.
\&\fBBN_BLINDING_new()\fR returns the newly allocated \fBBN_BLINDING\fR structure
or NULL in case of an error.
.PP
\&\fBBN_BLINDING_update()\fR, \fBBN_BLINDING_convert()\fR, \fBBN_BLINDING_invert()\fR,
\&\fBBN_BLINDING_convert_ex()\fR and \fBBN_BLINDING_invert_ex()\fR return 1 on
success and 0 if an error occurred.
.PP
\&\fBBN_BLINDING_is_current_thread()\fR returns 1 if the current thread owns
the \fB\s-1BN_BLINDING\s0\fR object, 0 otherwise.
the \fBBN_BLINDING\fR object, 0 otherwise.
.PP
\&\fBBN_BLINDING_set_current_thread()\fR doesn't return anything.
.PP
\&\fBBN_BLINDING_lock()\fR, \fBBN_BLINDING_unlock()\fR return 1 if the operation
succeeded or 0 on error.
.PP
\&\fBBN_BLINDING_get_flags()\fR returns the currently set \fB\s-1BN_BLINDING\s0\fR flags
\&\fBBN_BLINDING_get_flags()\fR returns the currently set \fBBN_BLINDING\fR flags
(a \fBunsigned long\fR value).
.PP
\&\fBBN_BLINDING_create_param()\fR returns the newly created \fB\s-1BN_BLINDING\s0\fR
parameters or \s-1NULL\s0 on error.
.SH "HISTORY"
\&\fBBN_BLINDING_create_param()\fR returns the newly created \fBBN_BLINDING\fR
parameters or NULL on error.
.SH HISTORY
.IX Header "HISTORY"
\&\fBBN_BLINDING_thread_id()\fR was first introduced in OpenSSL 1.0.0, and it
deprecates \fBBN_BLINDING_set_thread_id()\fR and \fBBN_BLINDING_get_thread_id()\fR.
.SH "COPYRIGHT"
.SH COPYRIGHT
.IX Header "COPYRIGHT"
Copyright 2005\-2021 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2005\-2017 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.

Some files were not shown because too many files have changed in this diff Show more