diff options
Diffstat (limited to 'crypto/openssl/doc/man1')
| -rw-r--r-- | crypto/openssl/doc/man1/openssl-enc.pod.in | 7 | ||||
| -rw-r--r-- | crypto/openssl/doc/man1/openssl-fipsinstall.pod.in | 10 |
2 files changed, 8 insertions, 9 deletions
diff --git a/crypto/openssl/doc/man1/openssl-enc.pod.in b/crypto/openssl/doc/man1/openssl-enc.pod.in index 4d7ff3dc77e7..fb4f72ed8a19 100644 --- a/crypto/openssl/doc/man1/openssl-enc.pod.in +++ b/crypto/openssl/doc/man1/openssl-enc.pod.in @@ -193,9 +193,12 @@ Print out the key and IV used. Print out the key and IV used then immediately exit: don't do any encryption or decryption. -=item B<-bufsize> I<number> +=item B<-bufsize> I<number>[B<k>] Set the buffer size for I/O. +The maximum size that can be specified is B<2^31-1> (2147483647) bytes. +The B<k> suffix can be specified to indicate that I<number> is provided +in kibibytes (multiples of 1024 bytes). =item B<-nopad> @@ -279,7 +282,7 @@ Some of the ciphers do not have large keys and others have security implications if not used correctly. A beginner is advised to just use a strong block cipher, such as AES, in CBC mode. -All the block ciphers normally use PKCS#5 padding, also known as standard +All the block ciphers normally use PKCS#7 padding, also known as standard block padding. This allows a rudimentary integrity or password check to be performed. However, since the chance of random data passing the test is better than 1 in 256 it isn't a very good test. diff --git a/crypto/openssl/doc/man1/openssl-fipsinstall.pod.in b/crypto/openssl/doc/man1/openssl-fipsinstall.pod.in index 9dd4f5a49ffe..d44b4a7dac85 100644 --- a/crypto/openssl/doc/man1/openssl-fipsinstall.pod.in +++ b/crypto/openssl/doc/man1/openssl-fipsinstall.pod.in @@ -237,9 +237,7 @@ explicitly permitted by the various standards. =item B<-hkdf_digest_check> -Configure the module to enable a run-time digest check when deriving a key by -HKDF. -See NIST SP 800-56Cr2 for details. +This option is deprecated. =item B<-tls13_kdf_digest_check> @@ -261,9 +259,7 @@ See NIST SP 800-135r1 for details. =item B<-sskdf_digest_check> -Configure the module to enable a run-time digest check when deriving a key by -SSKDF. -See NIST SP 800-56Cr2 for details. +This option is deprecated. =item B<-x963kdf_digest_check> @@ -493,7 +489,7 @@ B<-ecdh_cofactor_check> =head1 COPYRIGHT -Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy |