aboutsummaryrefslogtreecommitdiff
path: root/secure/lib/libcrypto/man/man7/EVP_SIGNATURE-SLH-DSA.7
diff options
context:
space:
mode:
Diffstat (limited to 'secure/lib/libcrypto/man/man7/EVP_SIGNATURE-SLH-DSA.7')
-rw-r--r--secure/lib/libcrypto/man/man7/EVP_SIGNATURE-SLH-DSA.741
1 files changed, 22 insertions, 19 deletions
diff --git a/secure/lib/libcrypto/man/man7/EVP_SIGNATURE-SLH-DSA.7 b/secure/lib/libcrypto/man/man7/EVP_SIGNATURE-SLH-DSA.7
index 79d43741e1a2..caed88a4329e 100644
--- a/secure/lib/libcrypto/man/man7/EVP_SIGNATURE-SLH-DSA.7
+++ b/secure/lib/libcrypto/man/man7/EVP_SIGNATURE-SLH-DSA.7
@@ -1,5 +1,5 @@
.\" -*- mode: troff; coding: utf-8 -*-
-.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
+.\" Automatically generated by Pod::Man v6.0.2 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@@ -52,10 +52,13 @@
. \}
.\}
.rr rF
+.\"
+.\" Required to disable full justification in groff 1.23.0.
+.if n .ds AD l
.\" ========================================================================
.\"
.IX Title "EVP_SIGNATURE-SLH-DSA 7ossl"
-.TH EVP_SIGNATURE-SLH-DSA 7ossl 2025-09-30 3.5.4 OpenSSL
+.TH EVP_SIGNATURE-SLH-DSA 7ossl 2026-04-07 3.5.6 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -68,7 +71,7 @@ EVP_SIGNATURE\-SLH\-DSA\-SHA2\-256s, EVP_SIGNATURE\-SLH\-DSA\-SHA2\-256f,
EVP_SIGNATURE\-SLH\-DSA\-SHAKE\-128s, EVP_SIGNATURE\-SLH\-DSA\-SHAKE\-128f,
EVP_SIGNATURE\-SLH\-DSA\-SHAKE\-192s, EVP_SIGNATURE\-SLH\-DSA\-SHAKE\-192f,
EVP_SIGNATURE\-SLH\-DSA\-SHAKE\-256s, EVP_SIGNATURE\-SLH\-DSA\-SHAKE\-256f
-\&\- EVP_PKEY SLH\-DSA support
+\&\- The EVP_PKEY SLH\-DSA signature implementations
.SH DESCRIPTION
.IX Header "DESCRIPTION"
The \fBSLH\-DSA\-SHA2\-128s\fR, \fBEVP_PKEY\-SLH\-DSA\-SHA2\-128f\fR,
@@ -77,7 +80,7 @@ The \fBSLH\-DSA\-SHA2\-128s\fR, \fBEVP_PKEY\-SLH\-DSA\-SHA2\-128f\fR,
\&\fBSLH\-DSA\-SHAKE\-128s\fR, \fBEVP_PKEY\-SLH\-DSA\-SHAKE\-128f\fR,
\&\fBSLH\-DSA\-SHAKE\-192s\fR, \fBEVP_PKEY\-SLH\-DSA\-SHAKE\-192f\fR,
\&\fBSLH\-DSA\-SHAKE\-256s\fR and \fBEVP_PKEY\-SLH\-DSA\-SHAKE\-256f\fR EVP_PKEY implementations
-supports key generation, one-shot sign and verify using the SLH-DSA
+supports key generation, one\-shot sign and verify using the SLH\-DSA
signature schemes described in FIPS 205.
.PP
The different algorithms names correspond to the parameter sets defined in
@@ -86,45 +89,45 @@ FIPS 205 Section 11 Table 2.
(The signatures range from ~8K to ~50K depending on the type chosen). There are
3 different security categories also depending on the type.
.PP
-\&\fBEVP_SIGNATURE_fetch\fR\|(3) can be used to explicitely fetch one of the 12
+\&\fBEVP_SIGNATURE_fetch\fR\|(3) can be used to explicitly fetch one of the 12
algorithms which can then be used with \fBEVP_PKEY_sign_message_init\fR\|(3),
\&\fBEVP_PKEY_sign\fR\|(3), \fBEVP_PKEY_verify_message_init\fR\|(3), and
-\&\fBEVP_PKEY_verify\fR\|(3) to perform one-shot message signing or verification.
+\&\fBEVP_PKEY_verify\fR\|(3) to perform one\-shot message signing or verification.
.PP
-The normal signing process (called Pure SLH-DSA Signature Generation)
+The normal signing process (called Pure SLH\-DSA Signature Generation)
encodes the message internally as 0x00 || len(ctx) || ctx || message.
where \fBctx\fR is some optional value of size 0x00..0xFF.
OpenSSL also allows the message to not be encoded which is required for
-testing. OpenSSL does not support Pre Hash SLH-DSA Signature Generation, but this
-may be done by the user by doing Pre hash encoding externally and then chosing
+testing. OpenSSL does not support Pre Hash SLH\-DSA Signature Generation, but this
+may be done by the user by doing Pre hash encoding externally and then choosing
the option to not encode the message.
-.SS "SLH-DSA Signature Parameters"
+.SS "SLH\-DSA Signature Parameters"
.IX Subsection "SLH-DSA Signature Parameters"
The \f(CW\*(C`context\-string\*(C'\fR parameter, described below, can be used for both signing
and verification.
It may be set by passing an OSSL_PARAM array to \fBEVP_PKEY_sign_init_ex2\fR\|(3) or
\&\fBEVP_PKEY_verify_init_ex2\fR\|(3)
-.IP """context-string"" (\fBOSSL_SIGNATURE_PARAM_CONTEXT_STRING\fR) <octet string>" 4
+.IP """context\-string"" (\fBOSSL_SIGNATURE_PARAM_CONTEXT_STRING\fR) <octet string>" 4
.IX Item """context-string"" (OSSL_SIGNATURE_PARAM_CONTEXT_STRING) <octet string>"
A string of octets with length at most 255. By default it is the empty string.
.PP
The following parameters can be used when signing:
They can be set by passing an OSSL_PARAM array to \fBEVP_PKEY_sign_init_ex2\fR\|(3).
-.IP """message-encoding"" (\fBOSSL_SIGNATURE_PARAM_MESSAGE_ENCODING\fR) <integer>" 4
+.IP """message\-encoding"" (\fBOSSL_SIGNATURE_PARAM_MESSAGE_ENCODING\fR) <integer>" 4
.IX Item """message-encoding"" (OSSL_SIGNATURE_PARAM_MESSAGE_ENCODING) <integer>"
-The default value of 1 uses 'Pure SLH-DSA Signature Generation' as described
+The default value of 1 uses \*(AqPure SLH\-DSA Signature Generation\*(Aq as described
above. Setting it to 0 does not encode the message, which is used for testing,
-but can also be used for 'Pre Hash SLH-DSA Signature Generation'.
-.IP """test-entropy"" (\fBOSSL_SIGNATURE_PARAM_TEST_ENTROPY <octet string\fR" 4
+but can also be used for \*(AqPre Hash SLH\-DSA Signature Generation\*(Aq.
+.IP """test\-entropy"" (\fBOSSL_SIGNATURE_PARAM_TEST_ENTROPY <octet string\fR" 4
.IX Item """test-entropy"" (OSSL_SIGNATURE_PARAM_TEST_ENTROPY <octet string"
Used for testing to pass a optional random value.
.IP """deterministic"" (\fBOSSL_SIGNATURE_PARAM_DETERMINISTIC\fR) <integer>" 4
.IX Item """deterministic"" (OSSL_SIGNATURE_PARAM_DETERMINISTIC) <integer>"
The default value of 0 generates a random value (using a DRBG) this is used when
processing the message. Setting this to 1 causes the private key seed to be used
-instead. This value is ignored if "test-entropy" is set.
+instead. This value is ignored if "test\-entropy" is set.
.PP
-See \fBEVP_PKEY\-SLH\-DSA\fR\|(7) for information related to \fBSLH-DSA\fR keys.
+See \fBEVP_PKEY\-SLH\-DSA\fR\|(7) for information related to \fBSLH\-DSA\fR keys.
.SH NOTES
.IX Header "NOTES"
For backwards compatibility reasons \fBEVP_DigestSignInit_ex()\fR, \fBEVP_DigestSign()\fR,
@@ -132,7 +135,7 @@ For backwards compatibility reasons \fBEVP_DigestSignInit_ex()\fR, \fBEVP_Digest
passed in \fImdname\fR must be NULL.
.SH EXAMPLES
.IX Header "EXAMPLES"
-To sign a message using an SLH-DSA EVP_PKEY structure:
+To sign a message using an SLH\-DSA EVP_PKEY structure:
.PP
.Vb 10
\& void do_sign(EVP_PKEY *key, unsigned char *msg, size_t msg_len)
@@ -168,7 +171,7 @@ To sign a message using an SLH-DSA EVP_PKEY structure:
This functionality was added in OpenSSL 3.5.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
-Copyright 2024\-2025 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2024\-2026 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
generated by cgit v1.2.3 (git 2.25.1) at 2026-04-25 16:40:36 +0000