diff options
Diffstat (limited to 'secure/lib/libcrypto/man/man7/provider-asym_cipher.7')
| -rw-r--r-- | secure/lib/libcrypto/man/man7/provider-asym_cipher.7 | 41 |
1 files changed, 22 insertions, 19 deletions
diff --git a/secure/lib/libcrypto/man/man7/provider-asym_cipher.7 b/secure/lib/libcrypto/man/man7/provider-asym_cipher.7 index ff64f79c714f..538f95564186 100644 --- a/secure/lib/libcrypto/man/man7/provider-asym_cipher.7 +++ b/secure/lib/libcrypto/man/man7/provider-asym_cipher.7 @@ -1,5 +1,5 @@ .\" -*- mode: troff; coding: utf-8 -*- -.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45) +.\" Automatically generated by Pod::Man v6.0.2 (Pod::Simple 3.45) .\" .\" Standard preamble: .\" ======================================================================== @@ -52,10 +52,13 @@ . \} .\} .rr rF +.\" +.\" Required to disable full justification in groff 1.23.0. +.if n .ds AD l .\" ======================================================================== .\" .IX Title "PROVIDER-ASYM_CIPHER 7ossl" -.TH PROVIDER-ASYM_CIPHER 7ossl 2025-09-30 3.5.4 OpenSSL +.TH PROVIDER-ASYM_CIPHER 7ossl 2026-04-07 3.5.6 OpenSSL .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -112,7 +115,7 @@ other related functions). .PP All "functions" mentioned here are passed as function pointers between \&\fIlibcrypto\fR and the provider in \fBOSSL_DISPATCH\fR\|(3) arrays via -\&\fBOSSL_ALGORITHM\fR\|(3) arrays that are returned by the provider's +\&\fBOSSL_ALGORITHM\fR\|(3) arrays that are returned by the provider\*(Aqs \&\fBprovider_query_operation()\fR function (see "Provider Functions" in \fBprovider\-base\fR\|(7)). .PP @@ -236,11 +239,11 @@ with the given provider side asymmetric cipher context \fIctx\fR to \fIparams\fR Any parameter settings are additional to any that were previously set. Passing NULL for \fIparams\fR should return true. .PP -Parameters currently recognised by built-in asymmetric cipher algorithms are as +Parameters currently recognised by built\-in asymmetric cipher algorithms are as follows. Not all parameters are relevant to, or are understood by all asymmetric cipher algorithms: -.IP """pad-mode"" (\fBOSSL_ASYM_CIPHER_PARAM_PAD_MODE\fR) <UTF8 string> OR <integer>" 4 +.IP """pad\-mode"" (\fBOSSL_ASYM_CIPHER_PARAM_PAD_MODE\fR) <UTF8 string> OR <integer>" 4 .IX Item """pad-mode"" (OSSL_ASYM_CIPHER_PARAM_PAD_MODE) <UTF8 string> OR <integer>" The type of padding to be used. The interpretation of this value will depend on the algorithm in use. @@ -252,10 +255,10 @@ use. .IX Item """digest"" (OSSL_ASYM_CIPHER_PARAM_DIGEST) <UTF8 string>" Gets or sets the name of the digest algorithm used by the algorithm (where applicable). -.IP """digest-props"" (\fBOSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS\fR) <UTF8 string>" 4 +.IP """digest\-props"" (\fBOSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS\fR) <UTF8 string>" 4 .IX Item """digest-props"" (OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS) <UTF8 string>" Gets or sets the properties to use when fetching the OAEP digest algorithm. -.IP """digest-props"" (\fBOSSL_ASYM_CIPHER_PARAM_DIGEST_PROPS\fR) <UTF8 string>" 4 +.IP """digest\-props"" (\fBOSSL_ASYM_CIPHER_PARAM_DIGEST_PROPS\fR) <UTF8 string>" 4 .IX Item """digest-props"" (OSSL_ASYM_CIPHER_PARAM_DIGEST_PROPS) <UTF8 string>" Gets or sets the properties to use when fetching the cipher digest algorithm. .IP """mgf1\-digest"" (\fBOSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST\fR) <UTF8 string>" 4 @@ -265,41 +268,41 @@ is in use. .IP """mgf1\-digest\-props"" (\fBOSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS\fR) <UTF8 string>" 4 .IX Item """mgf1-digest-props"" (OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS) <UTF8 string>" Gets or sets the properties to use when fetching the MGF1 digest algorithm. -.IP """oaep-label"" (\fBOSSL_ASYM_CIPHER_PARAM_OAEP_LABEL\fR) <octet string ptr>" 4 +.IP """oaep\-label"" (\fBOSSL_ASYM_CIPHER_PARAM_OAEP_LABEL\fR) <octet string ptr>" 4 .IX Item """oaep-label"" (OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL) <octet string ptr>" Gets the OAEP label used when OAEP padding is in use. -.IP """oaep-label"" (\fBOSSL_ASYM_CIPHER_PARAM_OAEP_LABEL\fR) <octet string>" 4 +.IP """oaep\-label"" (\fBOSSL_ASYM_CIPHER_PARAM_OAEP_LABEL\fR) <octet string>" 4 .IX Item """oaep-label"" (OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL) <octet string>" Sets the OAEP label used when OAEP padding is in use. -.IP """tls-client-version"" (\fBOSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION\fR) <unsigned integer>" 4 +.IP """tls\-client\-version"" (\fBOSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION\fR) <unsigned integer>" 4 .IX Item """tls-client-version"" (OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION) <unsigned integer>" The TLS protocol version first requested by the client. -.IP """tls-negotiated-version"" (\fBOSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION\fR) <unsigned integer>" 4 +.IP """tls\-negotiated\-version"" (\fBOSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION\fR) <unsigned integer>" 4 .IX Item """tls-negotiated-version"" (OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION) <unsigned integer>" The negotiated TLS protocol version. -.IP """implicit-rejection"" (\fBOSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION\fR) <unsigned integer>" 4 +.IP """implicit\-rejection"" (\fBOSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION\fR) <unsigned integer>" 4 .IX Item """implicit-rejection"" (OSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION) <unsigned integer>" Gets or sets the use of the implicit rejection mechanism for RSA PKCS#1 v1.5 decryption. When set (non zero value), the decryption API will return a deterministically random value if the PKCS#1 v1.5 padding check fails. This makes exploitation of the Bleichenbacher significantly harder, even -if the code using the RSA decryption API is not implemented in side-channel +if the code using the RSA decryption API is not implemented in side\-channel free manner. Set by default in OpenSSL providers. .PP The OpenSSL FIPS provider also supports the following parameters: -.IP """fips-indicator"" (\fBOSSL_ASYM_CIPHER_PARAM_FIPS_APPROVED_INDICATOR\fR) <integer>" 4 +.IP """fips\-indicator"" (\fBOSSL_ASYM_CIPHER_PARAM_FIPS_APPROVED_INDICATOR\fR) <integer>" 4 .IX Item """fips-indicator"" (OSSL_ASYM_CIPHER_PARAM_FIPS_APPROVED_INDICATOR) <integer>" A getter that returns 1 if the operation is FIPS approved, or 0 otherwise. This may be used after calling either \fBOSSL_FUNC_asym_cipher_encrypt()\fR or -\&\fBOSSL_FUNC_asym_cipher_decrypt()\fR. It may return 0 if "key-check" is set to 0. -.IP """key-check"" (\fBOSSL_ASYM_CIPHER_PARAM_FIPS_KEY_CHECK\fR) <integer>" 4 +\&\fBOSSL_FUNC_asym_cipher_decrypt()\fR. It may return 0 if "key\-check" is set to 0. +.IP """key\-check"" (\fBOSSL_ASYM_CIPHER_PARAM_FIPS_KEY_CHECK\fR) <integer>" 4 .IX Item """key-check"" (OSSL_ASYM_CIPHER_PARAM_FIPS_KEY_CHECK) <integer>" If required this parameter should be set using either \&\fBOSSL_FUNC_asym_cipher_encrypt_init()\fR or \fBOSSL_FUNC_asym_cipher_decrypt_init()\fR. The default value of 1 causes an error during the init if the key is not FIPS approved (e.g. The key has a security strength of less than 112 bits). Setting -this to 0 will ignore the error and set the approved "fips-indicator" to 0. -This option breaks FIPS compliance if it causes the approved "fips-indicator" +this to 0 will ignore the error and set the approved "fips\-indicator" to 0. +This option breaks FIPS compliance if it causes the approved "fips\-indicator" to return 0. .PP \&\fBOSSL_FUNC_asym_cipher_gettable_ctx_params()\fR and \fBOSSL_FUNC_asym_cipher_settable_ctx_params()\fR @@ -318,7 +321,7 @@ All other functions should return 1 for success or 0 on error. .SH HISTORY .IX Header "HISTORY" The provider ASYM_CIPHER interface was introduced in OpenSSL 3.0. -The Asymmetric Cipher Parameters "fips-indicator" and "key-check" +The Asymmetric Cipher Parameters "fips\-indicator" and "key\-check" were added in OpenSSL 3.4. .SH COPYRIGHT .IX Header "COPYRIGHT" |
