aboutsummaryrefslogtreecommitdiff
path: root/secure/lib/libcrypto/man/man7/provider-asym_cipher.7
diff options
context:
space:
mode:
Diffstat (limited to 'secure/lib/libcrypto/man/man7/provider-asym_cipher.7')
-rw-r--r--secure/lib/libcrypto/man/man7/provider-asym_cipher.741
1 files changed, 22 insertions, 19 deletions
diff --git a/secure/lib/libcrypto/man/man7/provider-asym_cipher.7 b/secure/lib/libcrypto/man/man7/provider-asym_cipher.7
index ff64f79c714f..538f95564186 100644
--- a/secure/lib/libcrypto/man/man7/provider-asym_cipher.7
+++ b/secure/lib/libcrypto/man/man7/provider-asym_cipher.7
@@ -1,5 +1,5 @@
.\" -*- mode: troff; coding: utf-8 -*-
-.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
+.\" Automatically generated by Pod::Man v6.0.2 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@@ -52,10 +52,13 @@
. \}
.\}
.rr rF
+.\"
+.\" Required to disable full justification in groff 1.23.0.
+.if n .ds AD l
.\" ========================================================================
.\"
.IX Title "PROVIDER-ASYM_CIPHER 7ossl"
-.TH PROVIDER-ASYM_CIPHER 7ossl 2025-09-30 3.5.4 OpenSSL
+.TH PROVIDER-ASYM_CIPHER 7ossl 2026-04-07 3.5.6 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -112,7 +115,7 @@ other related functions).
.PP
All "functions" mentioned here are passed as function pointers between
\&\fIlibcrypto\fR and the provider in \fBOSSL_DISPATCH\fR\|(3) arrays via
-\&\fBOSSL_ALGORITHM\fR\|(3) arrays that are returned by the provider's
+\&\fBOSSL_ALGORITHM\fR\|(3) arrays that are returned by the provider\*(Aqs
\&\fBprovider_query_operation()\fR function
(see "Provider Functions" in \fBprovider\-base\fR\|(7)).
.PP
@@ -236,11 +239,11 @@ with the given provider side asymmetric cipher context \fIctx\fR to \fIparams\fR
Any parameter settings are additional to any that were previously set.
Passing NULL for \fIparams\fR should return true.
.PP
-Parameters currently recognised by built-in asymmetric cipher algorithms are as
+Parameters currently recognised by built\-in asymmetric cipher algorithms are as
follows.
Not all parameters are relevant to, or are understood by all asymmetric cipher
algorithms:
-.IP """pad-mode"" (\fBOSSL_ASYM_CIPHER_PARAM_PAD_MODE\fR) <UTF8 string> OR <integer>" 4
+.IP """pad\-mode"" (\fBOSSL_ASYM_CIPHER_PARAM_PAD_MODE\fR) <UTF8 string> OR <integer>" 4
.IX Item """pad-mode"" (OSSL_ASYM_CIPHER_PARAM_PAD_MODE) <UTF8 string> OR <integer>"
The type of padding to be used. The interpretation of this value will depend
on the algorithm in use.
@@ -252,10 +255,10 @@ use.
.IX Item """digest"" (OSSL_ASYM_CIPHER_PARAM_DIGEST) <UTF8 string>"
Gets or sets the name of the digest algorithm used by the algorithm (where
applicable).
-.IP """digest-props"" (\fBOSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS\fR) <UTF8 string>" 4
+.IP """digest\-props"" (\fBOSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS\fR) <UTF8 string>" 4
.IX Item """digest-props"" (OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS) <UTF8 string>"
Gets or sets the properties to use when fetching the OAEP digest algorithm.
-.IP """digest-props"" (\fBOSSL_ASYM_CIPHER_PARAM_DIGEST_PROPS\fR) <UTF8 string>" 4
+.IP """digest\-props"" (\fBOSSL_ASYM_CIPHER_PARAM_DIGEST_PROPS\fR) <UTF8 string>" 4
.IX Item """digest-props"" (OSSL_ASYM_CIPHER_PARAM_DIGEST_PROPS) <UTF8 string>"
Gets or sets the properties to use when fetching the cipher digest algorithm.
.IP """mgf1\-digest"" (\fBOSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST\fR) <UTF8 string>" 4
@@ -265,41 +268,41 @@ is in use.
.IP """mgf1\-digest\-props"" (\fBOSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS\fR) <UTF8 string>" 4
.IX Item """mgf1-digest-props"" (OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS) <UTF8 string>"
Gets or sets the properties to use when fetching the MGF1 digest algorithm.
-.IP """oaep-label"" (\fBOSSL_ASYM_CIPHER_PARAM_OAEP_LABEL\fR) <octet string ptr>" 4
+.IP """oaep\-label"" (\fBOSSL_ASYM_CIPHER_PARAM_OAEP_LABEL\fR) <octet string ptr>" 4
.IX Item """oaep-label"" (OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL) <octet string ptr>"
Gets the OAEP label used when OAEP padding is in use.
-.IP """oaep-label"" (\fBOSSL_ASYM_CIPHER_PARAM_OAEP_LABEL\fR) <octet string>" 4
+.IP """oaep\-label"" (\fBOSSL_ASYM_CIPHER_PARAM_OAEP_LABEL\fR) <octet string>" 4
.IX Item """oaep-label"" (OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL) <octet string>"
Sets the OAEP label used when OAEP padding is in use.
-.IP """tls-client-version"" (\fBOSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION\fR) <unsigned integer>" 4
+.IP """tls\-client\-version"" (\fBOSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION\fR) <unsigned integer>" 4
.IX Item """tls-client-version"" (OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION) <unsigned integer>"
The TLS protocol version first requested by the client.
-.IP """tls-negotiated-version"" (\fBOSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION\fR) <unsigned integer>" 4
+.IP """tls\-negotiated\-version"" (\fBOSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION\fR) <unsigned integer>" 4
.IX Item """tls-negotiated-version"" (OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION) <unsigned integer>"
The negotiated TLS protocol version.
-.IP """implicit-rejection"" (\fBOSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION\fR) <unsigned integer>" 4
+.IP """implicit\-rejection"" (\fBOSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION\fR) <unsigned integer>" 4
.IX Item """implicit-rejection"" (OSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION) <unsigned integer>"
Gets or sets the use of the implicit rejection mechanism for RSA PKCS#1 v1.5
decryption. When set (non zero value), the decryption API will return
a deterministically random value if the PKCS#1 v1.5 padding check fails.
This makes exploitation of the Bleichenbacher significantly harder, even
-if the code using the RSA decryption API is not implemented in side-channel
+if the code using the RSA decryption API is not implemented in side\-channel
free manner. Set by default in OpenSSL providers.
.PP
The OpenSSL FIPS provider also supports the following parameters:
-.IP """fips-indicator"" (\fBOSSL_ASYM_CIPHER_PARAM_FIPS_APPROVED_INDICATOR\fR) <integer>" 4
+.IP """fips\-indicator"" (\fBOSSL_ASYM_CIPHER_PARAM_FIPS_APPROVED_INDICATOR\fR) <integer>" 4
.IX Item """fips-indicator"" (OSSL_ASYM_CIPHER_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
A getter that returns 1 if the operation is FIPS approved, or 0 otherwise.
This may be used after calling either \fBOSSL_FUNC_asym_cipher_encrypt()\fR or
-\&\fBOSSL_FUNC_asym_cipher_decrypt()\fR. It may return 0 if "key-check" is set to 0.
-.IP """key-check"" (\fBOSSL_ASYM_CIPHER_PARAM_FIPS_KEY_CHECK\fR) <integer>" 4
+\&\fBOSSL_FUNC_asym_cipher_decrypt()\fR. It may return 0 if "key\-check" is set to 0.
+.IP """key\-check"" (\fBOSSL_ASYM_CIPHER_PARAM_FIPS_KEY_CHECK\fR) <integer>" 4
.IX Item """key-check"" (OSSL_ASYM_CIPHER_PARAM_FIPS_KEY_CHECK) <integer>"
If required this parameter should be set using either
\&\fBOSSL_FUNC_asym_cipher_encrypt_init()\fR or \fBOSSL_FUNC_asym_cipher_decrypt_init()\fR.
The default value of 1 causes an error during the init if the key is not FIPS
approved (e.g. The key has a security strength of less than 112 bits). Setting
-this to 0 will ignore the error and set the approved "fips-indicator" to 0.
-This option breaks FIPS compliance if it causes the approved "fips-indicator"
+this to 0 will ignore the error and set the approved "fips\-indicator" to 0.
+This option breaks FIPS compliance if it causes the approved "fips\-indicator"
to return 0.
.PP
\&\fBOSSL_FUNC_asym_cipher_gettable_ctx_params()\fR and \fBOSSL_FUNC_asym_cipher_settable_ctx_params()\fR
@@ -318,7 +321,7 @@ All other functions should return 1 for success or 0 on error.
.SH HISTORY
.IX Header "HISTORY"
The provider ASYM_CIPHER interface was introduced in OpenSSL 3.0.
-The Asymmetric Cipher Parameters "fips-indicator" and "key-check"
+The Asymmetric Cipher Parameters "fips\-indicator" and "key\-check"
were added in OpenSSL 3.4.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
generated by cgit v1.2.3 (git 2.25.1) at 2026-04-24 13:21:17 +0000