aboutsummaryrefslogtreecommitdiff
path: root/secure/lib/libcrypto/man/man7/provider-kdf.7
diff options
context:
space:
mode:
Diffstat (limited to 'secure/lib/libcrypto/man/man7/provider-kdf.7')
-rw-r--r--secure/lib/libcrypto/man/man7/provider-kdf.729
1 files changed, 16 insertions, 13 deletions
diff --git a/secure/lib/libcrypto/man/man7/provider-kdf.7 b/secure/lib/libcrypto/man/man7/provider-kdf.7
index b541d2fd392b..bf1444f82358 100644
--- a/secure/lib/libcrypto/man/man7/provider-kdf.7
+++ b/secure/lib/libcrypto/man/man7/provider-kdf.7
@@ -1,5 +1,5 @@
.\" -*- mode: troff; coding: utf-8 -*-
-.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
+.\" Automatically generated by Pod::Man v6.0.2 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@@ -52,10 +52,13 @@
. \}
.\}
.rr rF
+.\"
+.\" Required to disable full justification in groff 1.23.0.
+.if n .ds AD l
.\" ========================================================================
.\"
.IX Title "PROVIDER-KDF 7ossl"
-.TH PROVIDER-KDF 7ossl 2025-09-30 3.5.4 OpenSSL
+.TH PROVIDER-KDF 7ossl 2026-04-07 3.5.6 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -105,7 +108,7 @@ and \fBEVP_KDF_derive\fR\|(3).
.PP
All "functions" mentioned here are passed as function pointers between
\&\fIlibcrypto\fR and the provider in \fBOSSL_DISPATCH\fR\|(3) arrays via
-\&\fBOSSL_ALGORITHM\fR\|(3) arrays that are returned by the provider's
+\&\fBOSSL_ALGORITHM\fR\|(3) arrays that are returned by the provider\*(Aqs
\&\fBprovider_query_operation()\fR function
(see "Provider Functions" in \fBprovider\-base\fR\|(7)).
.PP
@@ -201,7 +204,7 @@ with the provider side context \fIkctx\fR in its current state if it is
not NULL. Otherwise, they return the parameters associated with the
provider side algorithm \fIprovctx\fR.
.PP
-Parameters currently recognised by built-in KDFs are as follows. Not all
+Parameters currently recognised by built\-in KDFs are as follows. Not all
parameters are relevant to, or are understood by all KDFs:
.IP """size"" (\fBOSSL_KDF_PARAM_SIZE\fR) <unsigned integer>" 4
.IX Item """size"" (OSSL_KDF_PARAM_SIZE) <unsigned integer>"
@@ -228,7 +231,7 @@ Sets the password in the associated KDF ctx.
.IX Item """mac"" (OSSL_KDF_PARAM_MAC) <UTF8 string>"
.PD
Sets the name of the underlying cipher, digest or MAC to be used.
-It must name a suitable algorithm for the KDF that's being used.
+It must name a suitable algorithm for the KDF that\*(Aqs being used.
.IP """maclen"" (\fBOSSL_KDF_PARAM_MAC_SIZE\fR) <octet string>" 4
.IX Item """maclen"" (OSSL_KDF_PARAM_MAC_SIZE) <octet string>"
Sets the length of the MAC in the associated KDF ctx.
@@ -257,12 +260,12 @@ The checks performed are:
.IX Item "- the salt length is at least 128 bits."
.IP "\- the derived key length is at least 112 bits." 4
.IX Item "- the derived key length is at least 112 bits."
+.PD
.RE
.RS 4
.RE
.IP """ukm"" (\fBOSSL_KDF_PARAM_UKM\fR) <octet string>" 4
.IX Item """ukm"" (OSSL_KDF_PARAM_UKM) <octet string>"
-.PD
Sets an optional random string that is provided by the sender called
"partyAInfo". In CMS this is the user keying material.
.IP """cekalg"" (\fBOSSL_KDF_PARAM_CEK_ALG\fR) <UTF8 string>" 4
@@ -312,27 +315,27 @@ There are six supported types:
.IP EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV 4
.IX Item "EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV"
The Initial IV from client to server.
-A single char of value 65 (ASCII char 'A').
+A single char of value 65 (ASCII char \*(AqA\*(Aq).
.IP EVP_KDF_SSHKDF_TYPE_INITIAL_IV_SRV_TO_CLI 4
.IX Item "EVP_KDF_SSHKDF_TYPE_INITIAL_IV_SRV_TO_CLI"
The Initial IV from server to client
-A single char of value 66 (ASCII char 'B').
+A single char of value 66 (ASCII char \*(AqB\*(Aq).
.IP EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_CLI_TO_SRV 4
.IX Item "EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_CLI_TO_SRV"
The Encryption Key from client to server
-A single char of value 67 (ASCII char 'C').
+A single char of value 67 (ASCII char \*(AqC\*(Aq).
.IP EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_SRV_TO_CLI 4
.IX Item "EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_SRV_TO_CLI"
The Encryption Key from server to client
-A single char of value 68 (ASCII char 'D').
+A single char of value 68 (ASCII char \*(AqD\*(Aq).
.IP EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_CLI_TO_SRV 4
.IX Item "EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_CLI_TO_SRV"
The Integrity Key from client to server
-A single char of value 69 (ASCII char 'E').
+A single char of value 69 (ASCII char \*(AqE\*(Aq).
.IP EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_SRV_TO_CLI 4
.IX Item "EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_SRV_TO_CLI"
The Integrity Key from client to server
-A single char of value 70 (ASCII char 'F').
+A single char of value 70 (ASCII char \*(AqF\*(Aq).
.RE
.RS 4
.RE
@@ -357,7 +360,7 @@ success or 0 on error.
array, or NULL if none is offered.
.SH NOTES
.IX Header "NOTES"
-The KDF life-cycle is described in \fBlife_cycle\-kdf\fR\|(7). Providers should
+The KDF life\-cycle is described in \fBlife_cycle\-kdf\fR\|(7). Providers should
ensure that the various transitions listed there are supported. At some point
the EVP layer will begin enforcing the listed transitions.
.SH "SEE ALSO"
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-01 06:59:40 +0000