diff options
Diffstat (limited to 'secure/lib/libcrypto/man/man3/SSL_CTX_set_security_level.3')
-rw-r--r-- | secure/lib/libcrypto/man/man3/SSL_CTX_set_security_level.3 | 28 |
1 files changed, 16 insertions, 12 deletions
diff --git a/secure/lib/libcrypto/man/man3/SSL_CTX_set_security_level.3 b/secure/lib/libcrypto/man/man3/SSL_CTX_set_security_level.3 index 8737d45e13a6..b745d05c0250 100644 --- a/secure/lib/libcrypto/man/man3/SSL_CTX_set_security_level.3 +++ b/secure/lib/libcrypto/man/man3/SSL_CTX_set_security_level.3 @@ -1,4 +1,4 @@ -.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.43) +.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42) .\" .\" Standard preamble: .\" ======================================================================== @@ -68,8 +68,6 @@ . \} .\} .rr rF -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. . \" fudge factors for nroff and troff .if n \{\ @@ -132,8 +130,8 @@ .rm #[ #] #H #V #F C .\" ======================================================================== .\" -.IX Title "SSL_CTX_SET_SECURITY_LEVEL 3" -.TH SSL_CTX_SET_SECURITY_LEVEL 3 "2022-05-03" "1.1.1o" "OpenSSL" +.IX Title "SSL_CTX_SET_SECURITY_LEVEL 3ossl" +.TH SSL_CTX_SET_SECURITY_LEVEL 3ossl "2023-09-19" "3.0.11" "OpenSSL" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -209,7 +207,9 @@ parameters offering below 80 bits of security are excluded. As a result \s-1RSA, DSA\s0 and \s-1DH\s0 keys shorter than 1024 bits and \s-1ECC\s0 keys shorter than 160 bits are prohibited. All export cipher suites are prohibited since they all offer less than 80 bits of security. \s-1SSL\s0 version 2 is prohibited. Any cipher suite -using \s-1MD5\s0 for the \s-1MAC\s0 is also prohibited. +using \s-1MD5\s0 for the \s-1MAC\s0 is also prohibited. Note that signatures using \s-1SHA1\s0 +and \s-1MD5\s0 are also forbidden at this level as they have less than 80 security +bits. .IP "\fBLevel 2\fR" 4 .IX Item "Level 2" Security level set to 112 bits of security. As a result \s-1RSA, DSA\s0 and \s-1DH\s0 keys @@ -271,10 +271,11 @@ key size or the \s-1DH\s0 parameter size will abort the handshake with a fatal alert. .PP Attempts to set certificates or parameters with insufficient security are -also blocked. For example trying to set a certificate using a 512 bit \s-1RSA\s0 -key using \fBSSL_CTX_use_certificate()\fR at level 1. Applications which do not -check the return values for errors will misbehave: for example it might -appear that a certificate is not set at all because it had been rejected. +also blocked. For example trying to set a certificate using a 512 bit \s-1RSA\s0 key +or a certificate with a signature with \s-1SHA1\s0 digest at level 1 using +\&\fBSSL_CTX_use_certificate()\fR. Applications which do not check the return values +for errors will misbehave: for example it might appear that a certificate is +not set at all because it had been rejected. .SH "RETURN VALUES" .IX Header "RETURN VALUES" \&\fBSSL_CTX_set_security_level()\fR and \fBSSL_set_security_level()\fR do not return values. @@ -290,14 +291,17 @@ to the security callback or \s-1NULL\s0 if the callback is not set. .PP \&\fBSSL_CTX_get0_security_ex_data()\fR and \fBSSL_get0_security_ex_data()\fR return the extra data pointer or \s-1NULL\s0 if the ex data is not set. +.SH "SEE ALSO" +.IX Header "SEE ALSO" +\&\fBssl\fR\|(7) .SH "HISTORY" .IX Header "HISTORY" These functions were added in OpenSSL 1.1.0. .SH "COPYRIGHT" .IX Header "COPYRIGHT" -Copyright 2014\-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2014\-2021 The OpenSSL Project Authors. All Rights Reserved. .PP -Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use +Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use this file except in compliance with the License. You can obtain a copy in the file \s-1LICENSE\s0 in the source distribution or at <https://www.openssl.org/source/license.html>. |