diff --git a/deps/openssl/.gitignore b/deps/openssl/.gitignore index ef7d3ad4caba66..9d65e27ce5b799 100644 --- a/deps/openssl/.gitignore +++ b/deps/openssl/.gitignore @@ -1,6 +1,3 @@ -openssl/demos -openssl/doc openssl/fuzz/corpora openssl/makefile.in openssl/Makefile.in -openssl/test diff --git a/deps/openssl/config/Makefile b/deps/openssl/config/Makefile index 48d2af80019150..8fbc201ec44001 100644 --- a/deps/openssl/config/Makefile +++ b/deps/openssl/config/Makefile @@ -37,9 +37,11 @@ OPSSL_SRC = ../openssl # Header files generated with Configure #INT_CFGS = bn_conf.h dso_conf.h INT_CFG_DIR = $(OPSSL_SRC)/include/crypto -GEN_HEADERS = asn1 asn1t bio cmp cms configuration conf crmf crypto ct err \ - ess fipskey lhash ocsp opensslv pkcs12 pkcs7 safestack srp ssl \ - ui x509 x509v3 x509_vfy conf +GEN_HEADERS = asn1 asn1t bio comp cmp cms conf configuration core_names crmf \ + crypto ct err ess fipskey lhash ocsp opensslv pkcs12 pkcs7 \ + safestack srp ssl ui x509_acert x509 x509v3 x509_vfy + +INTERNAL_GEN_HEADERS = param_names CRYPTO_GEN_HEADERS = bn_conf dso_conf @@ -52,24 +54,24 @@ all: $(ASM_ARCHS) $(NO_ASM_ARCHS) generate_headers # Configure and generate openssl asm files for each archs $(ASM_ARCHS): cd $(OPSSL_SRC); $(NO_WARN_ENV) CC=$(CC) $(PERL) $(CONFIGURE) $(COPTS) $@; - $(PERL) -w -I$(OPSSL_SRC) $(GENERATE) asm $@ "${GEN_HEADERS}" "${CRYPTO_GEN_HEADERS}" + $(PERL) -w -I$(OPSSL_SRC) $(GENERATE) asm $@ "${GEN_HEADERS}" "${CRYPTO_GEN_HEADERS}" "${INTERNAL_GEN_HEADERS}" # Confgure asm_avx2 and generate upto avx2 support cd $(OPSSL_SRC); $(NO_WARN_ENV) CC=$(FAKE_GCC) $(PERL) $(CONFIGURE) \ $(COPTS) $@; - $(PERL) -w -I$(OPSSL_SRC) $(GENERATE) asm_avx2 $@ "${GEN_HEADERS}" "${CRYTO_GEN_HEADERS}" + $(PERL) -w -I$(OPSSL_SRC) $(GENERATE) asm_avx2 $@ "${GEN_HEADERS}" "${CRYTO_GEN_HEADERS}" "${INTERNAL_GEN_HEADERS}" # Configure no-asm and generate no-asm sources cd $(OPSSL_SRC); $(NO_WARN_ENV) $(PERL) $(CONFIGURE) $(COPTS) \ no-asm $@; - $(PERL) -w -I$(OPSSL_SRC) $(GENERATE) no-asm $@ "${GEN_HEADERS}" "${CRYPTO_GEN_HEADERS}" + $(PERL) -w -I$(OPSSL_SRC) $(GENERATE) no-asm $@ "${GEN_HEADERS}" "${CRYPTO_GEN_HEADERS}" "${INTERNAL_GEN_HEADERS}" $(NO_ASM_ARCHS): # Configure no-asm and generate no-asm sources cd $(OPSSL_SRC); $(NO_WARN_ENV) $(PERL) $(CONFIGURE) $(COPTS) \ no-asm $@; - $(PERL) -w -I$(OPSSL_SRC) $(GENERATE) no-asm $@ "${GEN_HEADERS}" "${CRYPTO_GEN_HEADERS}" + $(PERL) -w -I$(OPSSL_SRC) $(GENERATE) no-asm $@ "${GEN_HEADERS}" "${CRYPTO_GEN_HEADERS}" "${INTERNAL_GEN_HEADERS}" generate_headers: - @$(PERL) -w -I$(OPSSL_SRC) ./generate_headers.pl "${GEN_HEADERS}" "${CRYPTO_GEN_HEADERS}" + @$(PERL) -w -I$(OPSSL_SRC) ./generate_headers.pl "${GEN_HEADERS}" "${CRYPTO_GEN_HEADERS}" "${INTERNAL_GEN_HEADERS}" clean: find archs \( -name \*.S -o -name \*.s -o -name \*.asm -o \ diff --git a/deps/openssl/config/Makefile_VC-WIN32 b/deps/openssl/config/Makefile_VC-WIN32 index fdbef72361b663..42a16cf0e440d1 100644 --- a/deps/openssl/config/Makefile_VC-WIN32 +++ b/deps/openssl/config/Makefile_VC-WIN32 @@ -1,8 +1,8 @@ BLDDIR=. PERL=perl RM= rm -f -GENERATED_MANDATORY=include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/asn1.h include/openssl/asn1t.h include/openssl/bio.h include/openssl/cmp.h include/openssl/cms.h include/openssl/conf.h include/openssl/configuration.h include/openssl/crmf.h include/openssl/crypto.h include/openssl/ct.h include/openssl/err.h include/openssl/ess.h include/openssl/fipskey.h include/openssl/lhash.h include/openssl/ocsp.h include/openssl/opensslv.h include/openssl/pkcs12.h include/openssl/pkcs7.h include/openssl/safestack.h include/openssl/srp.h include/openssl/ssl.h include/openssl/ui.h include/openssl/x509.h include/openssl/x509_vfy.h include/openssl/x509v3.h providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_ecx.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_sm2.h providers/common/include/prov/der_wrap.h -GENERATED=apps/CA.pl apps/openssl.rc apps/progs.h apps/tsget.pl crypto/aes/aes-586.asm crypto/aes/aesni-x86.asm crypto/aes/vpaes-x86.asm crypto/bf/bf-586.asm crypto/bn/bn-586.asm crypto/bn/co-586.asm crypto/bn/x86-gf2m.asm crypto/bn/x86-mont.asm crypto/buildinf.h crypto/camellia/cmll-x86.asm crypto/chacha/chacha-x86.asm crypto/des/crypt586.asm crypto/des/des-586.asm crypto/ec/ecp_nistz256-x86.asm crypto/md5/md5-586.asm crypto/modes/ghash-x86.asm crypto/poly1305/poly1305-x86.asm crypto/rc4/rc4-586.asm crypto/ripemd/rmd-586.asm crypto/sha/sha1-586.asm crypto/sha/sha256-586.asm crypto/sha/sha512-586.asm crypto/whrlpool/wp-mmx.asm crypto/x86cpuid.asm engines/capi.def engines/dasync.def engines/e_padlock-x86.asm engines/ossltest.def engines/padlock.def libcrypto.def libcrypto.rc libssl.def libssl.rc test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_des.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_dtls1.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_engine.c test/buildtest_evp.c test/buildtest_hmac.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_opensslv.c test/buildtest_ossl_typ.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_rand.c test/buildtest_rand_drbg.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c tools/c_rehash.pl providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_ecx_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_sm2_gen.c providers/common/der/der_wrap_gen.c +GENERATED_MANDATORY=include/crypto/bn_conf.h include/crypto/dso_conf.h include/internal/param_names.h include/openssl/asn1.h include/openssl/asn1t.h include/openssl/bio.h include/openssl/cmp.h include/openssl/comp.h include/openssl/cms.h include/openssl/conf.h include/openssl/configuration.h include/openssl/core_names.h include/openssl/crmf.h include/openssl/crypto.h include/openssl/ct.h include/openssl/err.h include/openssl/ess.h include/openssl/fipskey.h include/openssl/lhash.h include/openssl/ocsp.h include/openssl/opensslv.h include/openssl/pkcs12.h include/openssl/pkcs7.h include/openssl/safestack.h include/openssl/srp.h include/openssl/ssl.h include/openssl/ui.h include/openssl/x509.h include/openssl/x509_acert.h include/openssl/x509_vfy.h include/openssl/x509v3.h providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_ecx.h providers/common/include/prov/der_ml_dsa.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_slh_dsa.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_sm2.h providers/common/include/prov/der_wrap.h +GENERATED=apps/CA.pl apps/openssl.rc apps/progs.h apps/tsget.pl crypto/aes/aes-586.asm crypto/aes/aesni-x86.asm crypto/aes/vpaes-x86.asm crypto/bf/bf-586.asm crypto/bn/bn-586.asm crypto/bn/co-586.asm crypto/bn/x86-gf2m.asm crypto/bn/x86-mont.asm crypto/buildinf.h crypto/camellia/cmll-x86.asm crypto/chacha/chacha-x86.asm crypto/des/crypt586.asm crypto/des/des-586.asm crypto/ec/ecp_nistz256-x86.asm crypto/md5/md5-586.asm crypto/modes/ghash-x86.asm crypto/poly1305/poly1305-x86.asm crypto/rc4/rc4-586.asm crypto/ripemd/rmd-586.asm crypto/sha/sha1-586.asm crypto/sha/sha256-586.asm crypto/sha/sha512-586.asm crypto/whrlpool/wp-mmx.asm crypto/x86cpuid.asm engines/capi.def engines/dasync.def engines/e_padlock-x86.asm engines/ossltest.def engines/padlock.def libcrypto.def libcrypto.rc libssl.def libssl.rc test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_des.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_dtls1.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_engine.c test/buildtest_evp.c test/buildtest_hmac.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_opensslv.c test/buildtest_ossl_typ.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_rand.c test/buildtest_rand_drbg.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c tools/c_rehash.pl providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_ecx_gen.c providers/common/der/der_ml_dsa_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_slh_dsa_gen.c providers/common/der/der_sm2_gen.c providers/common/der/der_wrap_gen.c # Variables starting with LIB_ are used to build library object files # and shared libraries. @@ -42,6 +42,10 @@ include/crypto/dso_conf.h: include/crypto/dso_conf.h.in configdata.pm $(PERL) -I$(BLDDIR) -Mconfigdata util/dofile.pl \ -omakefile include/crypto/dso_conf.h.in > $@ +include/internal/param_names.h: include/internal/param_names.h.in configdata.pm + $(PERL) -I$(BLDDIR) -Mconfigdata util/dofile.pl \ + -omakefile include/internal/param_names.h.in > $@ + include/openssl/asn1.h: include/openssl/asn1.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/openssl/asn1.h.in" > $@ @@ -54,9 +58,15 @@ include/openssl/bio.h: include/openssl/bio.h.in configdata.pm include/openssl/cmp.h: include/openssl/cmp.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/openssl/cmp.h.in" > $@ +include/openssl/comp.h: include/openssl/comp.h.in configdata.pm + "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ + "-omakefile" "include/openssl/comp.h.in" > $@ include/openssl/cms.h: include/openssl/cms.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/openssl/cms.h.in" > $@ +include/openssl/comp.h: include/openssl/comp.h.in configdata.pm + "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ + "-omakefile" "include/openssl/comp.h.in" > $@ include/openssl/conf.h: include/openssl/conf.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/openssl/conf.h.in" > $@ @@ -66,6 +76,9 @@ include/openssl/conf.h: include/openssl/conf.h.in configdata.pm include/openssl/configuration.h: include/openssl/configuration.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/openssl/configuration.h.in" > $@ +include/openssl/core_names.h: include/openssl/core_names.h.in configdata.pm + "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ + "-omakefile" "include/openssl/core_names.h.in" > $@ include/openssl/crmf.h: include/openssl/crmf.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/openssl/crmf.h.in" > $@ @@ -117,6 +130,9 @@ include/openssl/ui.h: include/openssl/ui.h.in configdata.pm include/openssl/x509.h: include/openssl/x509.h.in configdata.pm $(PERL) -I$(BLDDIR) -Mconfigdata util/dofile.pl \ "-omakefile" "include/openssl/x509.h.in" > $@ +include/openssl/x509_acert.h: include/openssl/x509_acert.h.in configdata.pm + $(PERL) -I$(BLDDIR) -Mconfigdata util/dofile.pl \ + "-omakefile" "include/openssl/x509_acert.h.in" > $@ include/openssl/x509_vfy.h: include/openssl/x509_vfy.h.in configdata.pm $(PERL) -I$(BLDDIR) -Mconfigdata util/dofile.pl \ "-omakefile" "include/openssl/x509_vfy.h.in" > $@ @@ -134,18 +150,24 @@ providers/common/include/prov/der_wrap.h: providers/common/include/prov/der_wrap providers/common/include/prov/der_rsa.h: providers/common/include/prov/der_wrap.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_rsa.h.in > $@ -providers/common/include/prov/der_ecx.h: providers/common/include/prov/der_wrap.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm +providers/common/include/prov/der_ecx.h: providers/common/include/prov/der_ecx.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_ecx.h.in > $@ -providers/common/include/prov/der_sm2.h: providers/common/include/prov/der_wrap.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm +providers/common/include/prov/der_sm2.h: providers/common/include/prov/der_sm2.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_sm2.h.in > $@ -providers/common/include/prov/der_ec.h: providers/common/include/prov/der_wrap.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm +providers/common/include/prov/der_ec.h: providers/common/include/prov/der_ec.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_ec.h.in > $@ -providers/common/include/prov/der_digests.h: providers/common/include/prov/der_wrap.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm +providers/common/include/prov/der_digests.h: providers/common/include/prov/der_digests.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_digests.h.in > $@ +providers/common/include/prov/der_ml_dsa.h: providers/common/include/prov/der_ml_dsa.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm + $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_ml_dsa.h.in > $@ + +providers/common/include/prov/der_slh_dsa.h: providers/common/include/prov/der_slh_dsa.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm + $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_slh_dsa.h.in > $@ + apps/progs.h: apps/progs.pl configdata.pm "$(PERL)" "apps/progs.pl" "$(APPS_OPENSSL)" > $@ @@ -5797,9 +5819,15 @@ providers/common/der/der_ec_gen.c: providers/common/der/der_ec_gen.c.in provider providers/common/der/der_ecx_gen.c: providers/common/der/der_ecx_gen.c.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/der/der_ecx_gen.c.in > $@ +providers/common/der/der_ml_dsa_gen.c: providers/common/der/der_ml_dsa_gen.c.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm + $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/der/der_ml_dsa_gen.c.in > $@ + providers/common/der/der_rsa_gen.c: providers/common/der/der_rsa_gen.c.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/der/der_rsa_gen.c.in > $@ +providers/common/der/der_slh_dsa_gen.c: providers/common/der/der_slh_dsa_gen.c.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm + $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/der/der_slh_dsa_gen.c.in > $@ + providers/common/der/der_sm2_gen.c: providers/common/der/der_sm2_gen.c.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/der/der_sm2_gen.c.in > $@ diff --git a/deps/openssl/config/Makefile_VC-WIN64-ARM b/deps/openssl/config/Makefile_VC-WIN64-ARM index 52fc9cd9cf4fe8..7eecd3316df13b 100644 --- a/deps/openssl/config/Makefile_VC-WIN64-ARM +++ b/deps/openssl/config/Makefile_VC-WIN64-ARM @@ -16,8 +16,8 @@ MINOR=1.1 SHLIB_VERSION_NUMBER=1.1 -GENERATED_MANDATORY=include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/asn1.h include/openssl/asn1t.h include/openssl/bio.h include/openssl/cmp.h include/openssl/cms.h include/openssl/conf.h include/openssl/configuration.h include/openssl/crmf.h include/openssl/crypto.h include/openssl/ct.h include/openssl/err.h include/openssl/ess.h include/openssl/fipskey.h include/openssl/lhash.h include/openssl/ocsp.h include/openssl/opensslv.h include/openssl/pkcs12.h include/openssl/pkcs7.h include/openssl/safestack.h include/openssl/srp.h include/openssl/ssl.h include/openssl/ui.h include/openssl/x509.h include/openssl/x509_vfy.h include/openssl/x509v3.h providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_ecx.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_sm2.h providers/common/include/prov/der_wrap.h -GENERATED=crypto/buildinf.h apps/progs.h providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_ecx_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_sm2_gen.c providers/common/der/der_wrap_gen.c apps/progs.c providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_ecx_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_sm2_gen.c providers/common/der/der_wrap_gen.c +GENERATED_MANDATORY=include/crypto/bn_conf.h include/crypto/dso_conf.h include/internal/param_names.h include/openssl/asn1.h include/openssl/asn1t.h include/openssl/bio.h include/openssl/cmp.h include/openssl/comp.h include/openssl/cms.h include/openssl/conf.h include/openssl/configuration.h include/openssl/core_names.h include/openssl/crmf.h include/openssl/crypto.h include/openssl/ct.h include/openssl/err.h include/openssl/ess.h include/openssl/fipskey.h include/openssl/lhash.h include/openssl/ocsp.h include/openssl/opensslv.h include/openssl/pkcs12.h include/openssl/pkcs7.h include/openssl/safestack.h include/openssl/srp.h include/openssl/ssl.h include/openssl/ui.h include/openssl/x509.h include/openssl/x509_acert.h include/openssl/x509_vfy.h include/openssl/x509v3.h providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_ecx.h providers/common/include/prov/der_ml_dsa.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_slh_dsa.h providers/common/include/prov/der_sm2.h providers/common/include/prov/der_wrap.h +GENERATED=crypto/buildinf.h apps/progs.h providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_ecx_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_sm2_gen.c providers/common/der/der_wrap_gen.c apps/progs.c providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_ecx_gen.c providers/common/der/der_ml_dsa_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_slh_dsa_gen.c providers/common/der/der_sm2_gen.c providers/common/der/der_wrap_gen.c INSTALL_LIBS="libcrypto.lib" "libssl.lib" INSTALL_SHLIBS="libcrypto-1_1-arm64.dll" "libssl-1_1-arm64.dll" @@ -145,6 +145,10 @@ include/crypto/dso_conf.h: "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/crypto/dso_conf.h.in" > $@ +include/internal/param_names.h: include/internal/param_names.h.in configdata.pm + "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ + "-omakefile" "include/internal/param_names.h.in" > $@ + include/openssl/asn1.h: include/openssl/asn1.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/openssl/asn1.h.in" > $@ @@ -157,9 +161,15 @@ include/openssl/bio.h: include/openssl/bio.h.in configdata.pm include/openssl/cmp.h: include/openssl/cmp.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/openssl/cmp.h.in" > $@ +include/openssl/comp.h: include/openssl/comp.h.in configdata.pm + "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ + "-omakefile" "include/openssl/comp.h.in" > $@ include/openssl/cms.h: include/openssl/cms.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/openssl/cms.h.in" > $@ +include/openssl/comp.h: include/openssl/comp.h.in configdata.pm + "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ + "-omakefile" "include/openssl/comp.h.in" > $@ include/openssl/conf.h: include/openssl/conf.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/openssl/conf.h.in" > $@ @@ -169,6 +179,9 @@ include/openssl/conf.h: include/openssl/conf.h.in configdata.pm include/openssl/configuration.h: include/openssl/configuration.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/openssl/configuration.h.in" > $@ +include/openssl/core_names.h: include/openssl/core_names.h.in configdata.pm + "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ + "-omakefile" "include/openssl/core_names.h.in" > $@ include/openssl/crmf.h: include/openssl/crmf.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/openssl/crmf.h.in" > $@ @@ -220,6 +233,9 @@ include/openssl/ui.h: include/openssl/ui.h.in configdata.pm include/openssl/x509.h: include/openssl/x509.h.in configdata.pm $(PERL) -I$(BLDDIR) -Mconfigdata util/dofile.pl \ "-omakefile" "include/openssl/x509.h.in" > $@ +include/openssl/x509_acert.h: include/openssl/x509_acert.h.in configdata.pm + $(PERL) -I$(BLDDIR) -Mconfigdata util/dofile.pl \ + "-omakefile" "include/openssl/x509_acert.h.in" > $@ include/openssl/x509_vfy.h: include/openssl/x509_vfy.h.in configdata.pm $(PERL) -I$(BLDDIR) -Mconfigdata util/dofile.pl \ "-omakefile" "include/openssl/x509_vfy.h.in" > $@ @@ -234,21 +250,27 @@ providers/common/include/prov/der_dsa.h: providers/common/include/prov/der_dsa.h providers/common/include/prov/der_wrap.h: providers/common/include/prov/der_wrap.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_wrap.h.in > $@ -providers/common/include/prov/der_rsa.h: providers/common/include/prov/der_wrap.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm +providers/common/include/prov/der_rsa.h: providers/common/include/prov/der_rsa.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_rsa.h.in > $@ -providers/common/include/prov/der_ecx.h: providers/common/include/prov/der_wrap.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm +providers/common/include/prov/der_ecx.h: providers/common/include/prov/der_ecx.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_ecx.h.in > $@ -providers/common/include/prov/der_sm2.h: providers/common/include/prov/der_wrap.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm +providers/common/include/prov/der_sm2.h: providers/common/include/prov/der_sm2.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_sm2.h.in > $@ -providers/common/include/prov/der_ec.h: providers/common/include/prov/der_wrap.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm +providers/common/include/prov/der_ec.h: providers/common/include/prov/der_ec.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_ec.h.in > $@ -providers/common/include/prov/der_digests.h: providers/common/include/prov/der_wrap.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm +providers/common/include/prov/der_digests.h: providers/common/include/prov/der_digests.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_digests.h.in > $@ +providers/common/include/prov/der_ml_dsa.h: providers/common/include/prov/der_ml_dsa.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm + $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_ml_dsa.h.in > $@ + +providers/common/include/prov/der_slh_dsa.h: providers/common/include/prov/der_slh_dsa.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm + $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_slh_dsa.h.in > $@ + providers/common/der/der_digests_gen.c: providers/common/der/der_digests_gen.c.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/der/der_digests_gen.c.in > $@ @@ -262,9 +284,15 @@ providers/common/der/der_ec_gen.c: providers/common/der/der_ec_gen.c.in provider providers/common/der/der_ecx_gen.c: providers/common/der/der_ecx_gen.c.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/der/der_ecx_gen.c.in > $@ +providers/common/der/der_ml_dsa_gen.c: providers/common/der/der_ml_dsa_gen.c.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm + $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/der/der_ml_dsa_gen.c.in > $@ + providers/common/der/der_rsa_gen.c: providers/common/der/der_rsa_gen.c.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/der/der_rsa_gen.c.in > $@ +providers/common/der/der_slh_dsa_gen.c: providers/common/der/der_slh_dsa_gen.c.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm + $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/der/der_slh_dsa_gen.c.in > $@ + providers/common/der/der_sm2_gen.c: providers/common/der/der_sm2_gen.c.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/der/der_sm2_gen.c.in > $@ diff --git a/deps/openssl/config/Makefile_VC-WIN64A b/deps/openssl/config/Makefile_VC-WIN64A index d8fde1e0f39652..4b5f0a67b5d4a9 100644 --- a/deps/openssl/config/Makefile_VC-WIN64A +++ b/deps/openssl/config/Makefile_VC-WIN64A @@ -5,8 +5,8 @@ RM= rm -f AS=nasm ASFLAGS=-g -GENERATED_MANDATORY=include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/asn1.h include/openssl/asn1t.h include/openssl/bio.h include/openssl/cmp.h include/openssl/cms.h include/openssl/conf.h include/openssl/configuration.h include/openssl/crmf.h include/openssl/crypto.h include/openssl/ct.h include/openssl/err.h include/openssl/ess.h include/openssl/fipskey.h include/openssl/lhash.h include/openssl/ocsp.h include/openssl/opensslv.h include/openssl/pkcs12.h include/openssl/pkcs7.h include/openssl/safestack.h include/openssl/srp.h include/openssl/ssl.h include/openssl/ui.h include/openssl/x509.h include/openssl/x509_vfy.h include/openssl/x509v3.h providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_ecx.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_sm2.h providers/common/include/prov/der_wrap.h -GENERATED=apps/CA.pl apps/openssl.rc apps/progs.h apps/tsget.pl crypto/aes/aes-x86_64.asm crypto/aes/aesni-mb-x86_64.asm crypto/aes/aesni-sha1-x86_64.asm crypto/aes/aesni-sha256-x86_64.asm crypto/aes/aesni-x86_64.asm crypto/aes/bsaes-x86_64.asm crypto/aes/vpaes-x86_64.asm crypto/bn/rsaz-avx2.asm crypto/bn/rsaz-x86_64.asm crypto/bn/x86_64-gf2m.asm crypto/bn/x86_64-mont.asm crypto/bn/x86_64-mont5.asm crypto/buildinf.h crypto/camellia/cmll-x86_64.asm crypto/chacha/chacha-x86_64.asm crypto/ec/ecp_nistz256-x86_64.asm crypto/ec/x25519-x86_64.asm crypto/md5/md5-x86_64.asm crypto/modes/aesni-gcm-x86_64.asm crypto/modes/ghash-x86_64.asm crypto/poly1305/poly1305-x86_64.asm crypto/rc4/rc4-md5-x86_64.asm crypto/rc4/rc4-x86_64.asm crypto/sha/keccak1600-x86_64.asm crypto/sha/sha1-mb-x86_64.asm crypto/sha/sha1-x86_64.asm crypto/sha/sha256-mb-x86_64.asm crypto/sha/sha256-x86_64.asm crypto/sha/sha512-x86_64.asm crypto/uplink-x86_64.asm crypto/whrlpool/wp-x86_64.asm crypto/x86_64cpuid.asm engines/e_padlock-x86_64.asm libcrypto.def libcrypto.rc libssl.def libssl.rc test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_des.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_dtls1.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_engine.c test/buildtest_evp.c test/buildtest_hmac.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_opensslv.c test/buildtest_ossl_typ.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_rand.c test/buildtest_rand_drbg.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c tools/c_rehash.pl providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_ecx_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_sm2_gen.c providers/common/der/der_wrap_gen.c +GENERATED_MANDATORY=include/crypto/bn_conf.h include/crypto/dso_conf.h include/internal/param_names.h include/openssl/asn1.h include/openssl/asn1t.h include/openssl/bio.h include/openssl/cmp.h include/openssl/comp.h include/openssl/cms.h include/openssl/conf.h include/openssl/configuration.h include/openssl/core_names.h include/openssl/crmf.h include/openssl/crypto.h include/openssl/ct.h include/openssl/err.h include/openssl/ess.h include/openssl/fipskey.h include/openssl/lhash.h include/openssl/ocsp.h include/openssl/opensslv.h include/openssl/pkcs12.h include/openssl/pkcs7.h include/openssl/safestack.h include/openssl/srp.h include/openssl/ssl.h include/openssl/ui.h include/openssl/x509.h include/openssl/x509_acert.h include/openssl/x509_vfy.h include/openssl/x509v3.h providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_ecx.h providers/common/include/prov/der_ml_dsa.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_slh_dsa.h providers/common/include/prov/der_sm2.h providers/common/include/prov/der_wrap.h +GENERATED=apps/CA.pl apps/openssl.rc apps/progs.h apps/tsget.pl crypto/aes/aes-x86_64.asm crypto/aes/aesni-mb-x86_64.asm crypto/aes/aesni-sha1-x86_64.asm crypto/aes/aesni-sha256-x86_64.asm crypto/aes/aesni-x86_64.asm crypto/aes/bsaes-x86_64.asm crypto/aes/vpaes-x86_64.asm crypto/bn/rsaz-avx2.asm crypto/bn/rsaz-x86_64.asm crypto/bn/x86_64-gf2m.asm crypto/bn/x86_64-mont.asm crypto/bn/x86_64-mont5.asm crypto/buildinf.h crypto/camellia/cmll-x86_64.asm crypto/chacha/chacha-x86_64.asm crypto/ec/ecp_nistz256-x86_64.asm crypto/ec/x25519-x86_64.asm crypto/md5/md5-x86_64.asm crypto/modes/aesni-gcm-x86_64.asm crypto/modes/ghash-x86_64.asm crypto/poly1305/poly1305-x86_64.asm crypto/rc4/rc4-md5-x86_64.asm crypto/rc4/rc4-x86_64.asm crypto/sha/keccak1600-x86_64.asm crypto/sha/sha1-mb-x86_64.asm crypto/sha/sha1-x86_64.asm crypto/sha/sha256-mb-x86_64.asm crypto/sha/sha256-x86_64.asm crypto/sha/sha512-x86_64.asm crypto/uplink-x86_64.asm crypto/whrlpool/wp-x86_64.asm crypto/x86_64cpuid.asm engines/e_padlock-x86_64.asm libcrypto.def libcrypto.rc libssl.def libssl.rc test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_des.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_dtls1.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_engine.c test/buildtest_evp.c test/buildtest_hmac.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_opensslv.c test/buildtest_ossl_typ.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_rand.c test/buildtest_rand_drbg.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c tools/c_rehash.pl providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_ecx_gen.c providers/common/der/der_ml_dsa.c providers/common/der/der_rsa_gen.c providers/common/der/der_slh_dsa.c providers/common/der/der_sm2_gen.c providers/common/der/der_wrap_gen.c PERLASM_SCHEME= auto APPS_OPENSSL=apps/openssl @@ -18,6 +18,10 @@ include/crypto/dso_conf.h: include/crypto/dso_conf.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/crypto/dso_conf.h.in" > $@ +include/internal/param_names.h: include/internal/param_names.h.in configdata.pm + "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ + "-omakefile" "include/internal/param_names.h.in" > $@ + include/openssl/asn1.h: include/openssl/asn1.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/openssl/asn1.h.in" > $@ @@ -30,9 +34,15 @@ include/openssl/bio.h: include/openssl/bio.h.in configdata.pm include/openssl/cmp.h: include/openssl/cmp.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/openssl/cmp.h.in" > $@ +include/openssl/comp.h: include/openssl/comp.h.in configdata.pm + "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ + "-omakefile" "include/openssl/comp.h.in" > $@ include/openssl/cms.h: include/openssl/cms.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/openssl/cms.h.in" > $@ +include/openssl/comp.h: include/openssl/comp.h.in configdata.pm + "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ + "-omakefile" "include/openssl/comp.h.in" > $@ include/openssl/conf.h: include/openssl/conf.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/openssl/conf.h.in" > $@ @@ -42,6 +52,9 @@ include/openssl/conf.h: include/openssl/conf.h.in configdata.pm include/openssl/configuration.h: include/openssl/configuration.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/openssl/configuration.h.in" > $@ +include/openssl/core_names.h: include/openssl/core_names.h.in configdata.pm + "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ + "-omakefile" "include/openssl/core_names.h.in" > $@ include/openssl/crmf.h: include/openssl/crmf.h.in configdata.pm "$(PERL)" "-I$(BLDDIR)" -Mconfigdata "util/dofile.pl" \ "-omakefile" "include/openssl/crmf.h.in" > $@ @@ -93,6 +106,9 @@ include/openssl/ui.h: include/openssl/ui.h.in configdata.pm include/openssl/x509.h: include/openssl/x509.h.in configdata.pm $(PERL) -I$(BLDDIR) -Mconfigdata util/dofile.pl \ "-omakefile" "include/openssl/x509.h.in" > $@ +include/openssl/x509_acert.h: include/openssl/x509_acert.h.in configdata.pm + $(PERL) -I$(BLDDIR) -Mconfigdata util/dofile.pl \ + "-omakefile" "include/openssl/x509_acert.h.in" > $@ include/openssl/x509_vfy.h: include/openssl/x509_vfy.h.in configdata.pm $(PERL) -I$(BLDDIR) -Mconfigdata util/dofile.pl \ "-omakefile" "include/openssl/x509_vfy.h.in" > $@ @@ -106,21 +122,26 @@ providers/common/include/prov/der_dsa.h: providers/common/include/prov/der_dsa.h providers/common/include/prov/der_wrap.h: providers/common/include/prov/der_wrap.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_wrap.h.in > $@ -providers/common/include/prov/der_rsa.h: providers/common/include/prov/der_wrap.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm +providers/common/include/prov/der_rsa.h: providers/common/include/prov/der_rsa.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_rsa.h.in > $@ -providers/common/include/prov/der_ecx.h: providers/common/include/prov/der_wrap.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm +providers/common/include/prov/der_ecx.h: providers/common/include/prov/der_ecx.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_ecx.h.in > $@ -providers/common/include/prov/der_sm2.h: providers/common/include/prov/der_wrap.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm +providers/common/include/prov/der_sm2.h: providers/common/include/prov/der_sm2.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_sm2.h.in > $@ -providers/common/include/prov/der_ec.h: providers/common/include/prov/der_wrap.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm +providers/common/include/prov/der_ec.h: providers/common/include/prov/der_ec.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_ec.h.in > $@ -providers/common/include/prov/der_digests.h: providers/common/include/prov/der_wrap.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm +providers/common/include/prov/der_digests.h: providers/common/include/prov/der_digests.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_digests.h.in > $@ +providers/common/include/prov/der_ml_dsa.h: providers/common/include/prov/der_ml_dsa.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm + $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_ml_dsa.h.in > $@ + +providers/common/include/prov/der_slh_dsa.h: providers/common/include/prov/der_slh_dsa.h.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm + $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/include/prov/der_slh_dsa.h.in > $@ apps/progs.h: apps/progs.c @@ -3070,9 +3091,15 @@ providers/common/der/der_ec_gen.c: providers/common/der/der_ec_gen.c.in provider providers/common/der/der_ecx_gen.c: providers/common/der/der_ecx_gen.c.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/der/der_ecx_gen.c.in > $@ +providers/common/der/der_ml_dsa_gen.c: providers/common/der/der_ml_dsa_gen.c.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm + $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/der/der_ml_dsa_gen.c.in > $@ + providers/common/der/der_rsa_gen.c: providers/common/der/der_rsa_gen.c.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/der/der_rsa_gen.c.in > $@ +providers/common/der/der_slh_dsa_gen.c: providers/common/der/der_slh_dsa_gen.c.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm + $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/der/der_slh_dsa_gen.c.in > $@ + providers/common/der/der_sm2_gen.c: providers/common/der/der_sm2_gen.c.in providers/common/der/oids_to_c.pm configdata.pm providers/common/der/oids_to_c.pm $(PERL) "-I." "-Iproviders/common/der" -Mconfigdata -Moids_to_c "util/dofile.pl" "-oMakefile" providers/common/der/der_sm2_gen.c.in > $@ diff --git a/deps/openssl/config/generate_gypi.pl b/deps/openssl/config/generate_gypi.pl index be7d357f68cc62..95373e5bc5626d 100755 --- a/deps/openssl/config/generate_gypi.pl +++ b/deps/openssl/config/generate_gypi.pl @@ -48,15 +48,15 @@ # Generate arch dependent header files with Makefile my $buildinf = "crypto/buildinf.h"; my $progs = "apps/progs.h"; -my $prov_headers = "providers/common/include/prov/der_dsa.h providers/common/include/prov/der_wrap.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_ecx.h providers/common/include/prov/der_sm2.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_digests.h"; +my $prov_headers = "providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ml_dsa.h providers/common/include/prov/der_slh_dsa.h providers/common/include/prov/der_wrap.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_ecx.h providers/common/include/prov/der_sm2.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_digests.h"; my $fips_ld = ($arch =~ m/linux/ ? "providers/fips.ld" : ""); my $cmd1 = "cd ../openssl; make -f $makefile clean build_generated $buildinf $progs $prov_headers $fips_ld;"; system($cmd1) == 0 or die "Error in system($cmd1)"; # Copy and move all arch dependent header files into config/archs make_path("$base_dir/crypto/include/internal", "$base_dir/include/openssl", - "$base_dir/include/crypto", "$base_dir/providers/common/include/prov", - "$base_dir/apps", + "$base_dir/include/crypto", "$base_dir/include/internal", + "$base_dir/providers/common/include/prov", "$base_dir/apps", { error => \my $make_path_err}); if (@$make_path_err) { @@ -73,6 +73,9 @@ my @crypto_dir_headers = shift @ARGV; copy_headers(@crypto_dir_headers, 'crypto'); +my @internal_dir_headers = shift @ARGV; +copy_headers(@internal_dir_headers, 'internal'); + move("$src_dir/include/crypto/bn_conf.h", "$base_dir/include/crypto/bn_conf.h") or die "Move failed: $!"; move("$src_dir/include/crypto/dso_conf.h", @@ -85,8 +88,15 @@ copy("$src_dir/apps/progs.c", "$base_dir/apps") or die "Copy failed: $!"; +move("$src_dir/include/internal/param_names.h", + "$base_dir/include/internal/param_names.h") or die "Move failed: $!"; + copy("$src_dir/providers/common/include/prov/der_dsa.h", "$base_dir/providers/common/include/prov/") or die "Copy failed: $!"; +copy("$src_dir/providers/common/include/prov/der_ml_dsa.h", + "$base_dir/providers/common/include/prov/") or die "Copy failed: $!"; +copy("$src_dir/providers/common/include/prov/der_slh_dsa.h", + "$base_dir/providers/common/include/prov/") or die "Copy failed: $!"; copy("$src_dir/providers/common/include/prov/der_wrap.h", "$base_dir/providers/common/include/prov/") or die "Copy failed: $!"; copy("$src_dir/providers/common/include/prov/der_rsa.h", @@ -363,7 +373,7 @@ # Clean Up my $cmd2 ="cd $src_dir; make -f $makefile clean; make -f $makefile distclean;" . - "git clean -f $src_dir/crypto"; + "git clean -f $src_dir"; system($cmd2) == 0 or die "Error in system($cmd2)"; diff --git a/deps/openssl/config/generate_headers.pl b/deps/openssl/config/generate_headers.pl index 9390ef668d6e01..55d63fb28e696e 100755 --- a/deps/openssl/config/generate_headers.pl +++ b/deps/openssl/config/generate_headers.pl @@ -9,6 +9,7 @@ my @openssl_headers = shift @ARGV; my @crypto_headers = shift @ARGV; +my @internal_headers = shift @ARGV; my $include_tmpl = Text::Template->new(TYPE => 'FILE', SOURCE => 'include.h.tmpl', @@ -25,6 +26,7 @@ gen_headers(@openssl_headers, 'openssl'); gen_headers(@crypto_headers, 'crypto'); +gen_headers(@internal_headers, 'internal'); sub gen_headers { my @headers = split / /, $_[0]; diff --git a/deps/openssl/openssl/demos/README.txt b/deps/openssl/openssl/demos/README.txt new file mode 100644 index 00000000000000..e10239173faa5b --- /dev/null +++ b/deps/openssl/openssl/demos/README.txt @@ -0,0 +1,50 @@ +OpenSSL Demonstration Applications + +This folder contains source code that demonstrates the proper use of the OpenSSL +library API. + +bio: Demonstration of a simple TLS client and server + +certs: Demonstration of creating certs, using OCSP + +cipher: +aesgcm.c Demonstration of symmetric cipher GCM mode encrypt/decrypt +aesccm.c Demonstration of symmetric cipher CCM mode encrypt/decrypt +ariacbc.c Demonstration of symmetric cipher CBC mode encrypt/decrypt + +cms: + +digest: +EVP_MD_demo.c Compute a digest from multiple buffers +EVP_MD_stdin.c Compute a digest with data read from stdin +EVP_MD_xof.c Compute a digest using the SHAKE256 XOF +EVP_f_md.c Compute a digest using BIO and EVP_f_md + +kdf: +hkdf.c Demonstration of HMAC based key derivation +pbkdf2.c Demonstration of PBKDF2 password based key derivation +scrypt.c Demonstration of SCRYPT password based key derivation + +mac: +gmac.c Demonstration of GMAC message authentication +poly1305.c Demonstration of Poly1305-AES message authentication +siphash.c Demonstration of SIPHASH message authentication + +pkey: +EVP_PKEY_EC_keygen.c Generate an EC key. +EVP_PKEY_RSA_keygen.c Generate an RSA key. +EVP_PKEY_DSA_keygen.c Generate a DSA key. +EVP_PKEY_DSA_paramgen.c Generate a DSA param key. +EVP_PKEY_DSA_paramvalidate.c Validate a DSA param key. +EVP_PKEY_DSA_paramfromdata.c Load a DSA param key using raw data. + +smime: + +pkcs12: +pkread.c Print out a description of a PKCS12 file. +pkwrite.c Add a password to an existing PKCS12 file. + +signature: +EVP_Signature_demo.c Compute and verify a signature from multiple buffers +rsa_pss_direct.c Compute and verify an RSA-PSS signature from a hash +rsa_pss_hash.c Compute and verify an RSA-PSS signature over a buffer diff --git a/deps/openssl/openssl/demos/bio/Makefile b/deps/openssl/openssl/demos/bio/Makefile new file mode 100644 index 00000000000000..86f19d4df3af7c --- /dev/null +++ b/deps/openssl/openssl/demos/bio/Makefile @@ -0,0 +1,33 @@ +# Quick instruction: +# To build against an OpenSSL built in the source tree, do this: +# +# make OPENSSL_INCS_LOCATION=-I../../include OPENSSL_LIBS_LOCATION=-L../.. +# +# To run the demos when linked with a shared library (default): +# +# LD_LIBRARY_PATH=../.. ./server-arg +# LD_LIBRARY_PATH=../.. ./server-cmod +# LD_LIBRARY_PATH=../.. ./server-conf +# LD_LIBRARY_PATH=../.. ./client-arg +# LD_LIBRARY_PATH=../.. ./client-conf +# LD_LIBRARY_PATH=../.. ./saccept +# LD_LIBRARY_PATH=../.. ./sconnect + +CFLAGS = $(OPENSSL_INCS_LOCATION) +LDFLAGS = $(OPENSSL_LIBS_LOCATION) -lssl -lcrypto $(EX_LIBS) + +all: client-arg client-conf saccept sconnect server-arg server-cmod server-conf + +client-arg: client-arg.o +client-conf: client-conf.o +saccept: saccept.o +sconnect: sconnect.o +server-arg: server-arg.o +server-cmod: server-cmod.o +server-conf: server-conf.o + +client-arg client-conf saccept sconnect server-arg server-cmod server-conf: + $(CC) $(CFLAGS) -o $@ $< $(LDFLAGS) + +clean: + $(RM) *.o client-arg client-conf saccept sconnect server-arg server-cmod server-conf diff --git a/deps/openssl/openssl/demos/bio/README.txt b/deps/openssl/openssl/demos/bio/README.txt new file mode 100644 index 00000000000000..a8467cda6429cd --- /dev/null +++ b/deps/openssl/openssl/demos/bio/README.txt @@ -0,0 +1,6 @@ +This directory contains some simple examples of the use of BIO's +to simplify socket programming. + +The client-conf, server-conf, client-arg and client-conf include examples +of how to use the SSL_CONF API for configuration file or command line +processing. diff --git a/deps/openssl/openssl/demos/bio/accept.cnf b/deps/openssl/openssl/demos/bio/accept.cnf new file mode 100644 index 00000000000000..ce36678ee9cada --- /dev/null +++ b/deps/openssl/openssl/demos/bio/accept.cnf @@ -0,0 +1,23 @@ +# Example configuration file + +# Comment out the next line to ignore configuration errors +config_diagnostics = 1 + +# Port to listen on +Port = 4433 + +# Disable TLS v1.2 for test. +# Protocol = ALL, -TLSv1.2 +# Only support 3 curves +Curves = P-521:P-384:P-256 + +# Restricted signature algorithms +SignatureAlgorithms = RSA+SHA512:ECDSA+SHA512 +Certificate=server.pem +PrivateKey=server.pem +ChainCAFile=root.pem +VerifyCAFile=root.pem + +# Request certificate +VerifyMode=Request +ClientCAFile=root.pem diff --git a/deps/openssl/openssl/demos/bio/client-arg.c b/deps/openssl/openssl/demos/bio/client-arg.c new file mode 100644 index 00000000000000..202afa1ee8ecba --- /dev/null +++ b/deps/openssl/openssl/demos/bio/client-arg.c @@ -0,0 +1,108 @@ +/* + * Copyright 2013-2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include + +int main(int argc, char **argv) +{ + BIO *sbio = NULL, *out = NULL; + int len; + char tmpbuf[1024]; + SSL_CTX *ctx; + SSL_CONF_CTX *cctx; + SSL *ssl; + char **args = argv + 1; + const char *connect_str = "localhost:4433"; + int nargs = argc - 1; + + ctx = SSL_CTX_new(TLS_client_method()); + cctx = SSL_CONF_CTX_new(); + SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CLIENT); + SSL_CONF_CTX_set_ssl_ctx(cctx, ctx); + while (*args && **args == '-') { + int rv; + /* Parse standard arguments */ + rv = SSL_CONF_cmd_argv(cctx, &nargs, &args); + if (rv == -3) { + fprintf(stderr, "Missing argument for %s\n", *args); + goto end; + } + if (rv < 0) { + fprintf(stderr, "Error in command %s\n", *args); + ERR_print_errors_fp(stderr); + goto end; + } + /* If rv > 0 we processed something so proceed to next arg */ + if (rv > 0) + continue; + /* Otherwise application specific argument processing */ + if (strcmp(*args, "-connect") == 0) { + connect_str = args[1]; + if (connect_str == NULL) { + fprintf(stderr, "Missing -connect argument\n"); + goto end; + } + args += 2; + nargs -= 2; + continue; + } else { + fprintf(stderr, "Unknown argument %s\n", *args); + goto end; + } + } + + if (!SSL_CONF_CTX_finish(cctx)) { + fprintf(stderr, "Finish error\n"); + ERR_print_errors_fp(stderr); + goto end; + } + + /* + * We'd normally set some stuff like the verify paths and * mode here + * because as things stand this will connect to * any server whose + * certificate is signed by any CA. + */ + + sbio = BIO_new_ssl_connect(ctx); + + BIO_get_ssl(sbio, &ssl); + + if (!ssl) { + fprintf(stderr, "Can't locate SSL pointer\n"); + goto end; + } + + /* We might want to do other things with ssl here */ + + BIO_set_conn_hostname(sbio, connect_str); + + out = BIO_new_fp(stdout, BIO_NOCLOSE); + if (BIO_do_connect(sbio) <= 0) { + fprintf(stderr, "Error connecting to server\n"); + ERR_print_errors_fp(stderr); + goto end; + } + + /* Could examine ssl here to get connection info */ + + BIO_puts(sbio, "GET / HTTP/1.0\n\n"); + for (;;) { + len = BIO_read(sbio, tmpbuf, 1024); + if (len <= 0) + break; + BIO_write(out, tmpbuf, len); + } + end: + SSL_CONF_CTX_free(cctx); + BIO_free_all(sbio); + BIO_free(out); + return 0; +} diff --git a/deps/openssl/openssl/demos/bio/client-conf.c b/deps/openssl/openssl/demos/bio/client-conf.c new file mode 100644 index 00000000000000..916876bfab94a5 --- /dev/null +++ b/deps/openssl/openssl/demos/bio/client-conf.c @@ -0,0 +1,117 @@ +/* + * Copyright 2013-2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include + +int main(int argc, char **argv) +{ + BIO *sbio = NULL, *out = NULL; + int i, len, rv; + char tmpbuf[1024]; + SSL_CTX *ctx = NULL; + SSL_CONF_CTX *cctx = NULL; + SSL *ssl = NULL; + CONF *conf = NULL; + STACK_OF(CONF_VALUE) *sect = NULL; + CONF_VALUE *cnf; + const char *connect_str = "localhost:4433"; + long errline = -1; + + conf = NCONF_new(NULL); + + if (NCONF_load(conf, "connect.cnf", &errline) <= 0) { + if (errline <= 0) + fprintf(stderr, "Error processing config file\n"); + else + fprintf(stderr, "Error on line %ld\n", errline); + goto end; + } + + sect = NCONF_get_section(conf, "default"); + + if (sect == NULL) { + fprintf(stderr, "Error retrieving default section\n"); + goto end; + } + + ctx = SSL_CTX_new(TLS_client_method()); + cctx = SSL_CONF_CTX_new(); + SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CLIENT); + SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_FILE); + SSL_CONF_CTX_set_ssl_ctx(cctx, ctx); + for (i = 0; i < sk_CONF_VALUE_num(sect); i++) { + cnf = sk_CONF_VALUE_value(sect, i); + rv = SSL_CONF_cmd(cctx, cnf->name, cnf->value); + if (rv > 0) + continue; + if (rv != -2) { + fprintf(stderr, "Error processing %s = %s\n", + cnf->name, cnf->value); + ERR_print_errors_fp(stderr); + goto end; + } + if (strcmp(cnf->name, "Connect") == 0) { + connect_str = cnf->value; + } else { + fprintf(stderr, "Unknown configuration option %s\n", cnf->name); + goto end; + } + } + + if (!SSL_CONF_CTX_finish(cctx)) { + fprintf(stderr, "Finish error\n"); + ERR_print_errors_fp(stderr); + goto end; + } + + /* + * We'd normally set some stuff like the verify paths and * mode here + * because as things stand this will connect to * any server whose + * certificate is signed by any CA. + */ + + sbio = BIO_new_ssl_connect(ctx); + + BIO_get_ssl(sbio, &ssl); + + if (!ssl) { + fprintf(stderr, "Can't locate SSL pointer\n"); + goto end; + } + + /* We might want to do other things with ssl here */ + + BIO_set_conn_hostname(sbio, connect_str); + + out = BIO_new_fp(stdout, BIO_NOCLOSE); + if (BIO_do_connect(sbio) <= 0) { + fprintf(stderr, "Error connecting to server\n"); + ERR_print_errors_fp(stderr); + goto end; + } + + /* Could examine ssl here to get connection info */ + + BIO_puts(sbio, "GET / HTTP/1.0\n\n"); + for (;;) { + len = BIO_read(sbio, tmpbuf, 1024); + if (len <= 0) + break; + BIO_write(out, tmpbuf, len); + } + end: + SSL_CONF_CTX_free(cctx); + BIO_free_all(sbio); + BIO_free(out); + NCONF_free(conf); + return 0; +} diff --git a/deps/openssl/openssl/demos/bio/cmod.cnf b/deps/openssl/openssl/demos/bio/cmod.cnf new file mode 100644 index 00000000000000..df514dba790914 --- /dev/null +++ b/deps/openssl/openssl/demos/bio/cmod.cnf @@ -0,0 +1,27 @@ +# Example config module configuration + +# Name supplied by application to CONF_modules_load_file +# and section containing configuration +testapp = test_sect + +# Comment out the next line to ignore configuration errors +config_diagnostics = 1 + +[test_sect] +# list of configuration modules + +# SSL configuration module +ssl_conf = ssl_sect + +[ssl_sect] +# list of SSL configurations +server = server_sect + +[server_sect] +# Only support 3 curves +Curves = P-521:P-384:P-256 +# Restricted signature algorithms +SignatureAlgorithms = RSA+SHA512:ECDSA+SHA512 +# Certificates and keys +RSA.Certificate=server.pem +ECDSA.Certificate=server-ec.pem diff --git a/deps/openssl/openssl/demos/bio/connect.cnf b/deps/openssl/openssl/demos/bio/connect.cnf new file mode 100644 index 00000000000000..0049a77b2d62d2 --- /dev/null +++ b/deps/openssl/openssl/demos/bio/connect.cnf @@ -0,0 +1,15 @@ +# Example configuration file + +# Comment out the next line to ignore configuration errors +config_diagnostics = 1 + +# Connects to the default port of s_server +Connect = localhost:4433 + +# Disable TLS v1.2 for test. +# Protocol = ALL, -TLSv1.2 +# Only support 3 curves +Curves = P-521:P-384:P-256 + +# Restricted signature algorithms +SignatureAlgorithms = RSA+SHA512:ECDSA+SHA512 diff --git a/deps/openssl/openssl/demos/bio/descrip.mms b/deps/openssl/openssl/demos/bio/descrip.mms new file mode 100644 index 00000000000000..44ca2febc65746 --- /dev/null +++ b/deps/openssl/openssl/demos/bio/descrip.mms @@ -0,0 +1,47 @@ +# This build description trusts that the following logical names are defined: +# +# For compilation: OPENSSL +# For linking with shared libraries: OSSL$LIBCRYPTO_SHR and OSSL$LIBSSL_SHR +# For linking with static libraries: OSSL$LIBCRYPTO and OSSL$LIBSSL +# +# These are normally defined with the OpenSSL startup procedure + +# By default, we link with the shared libraries +SHARED = TRUE + +# Alternative, for linking with static libraries +#SHARED = FALSE + +.FIRST : + IF "$(SHARED)" .EQS. "TRUE" THEN DEFINE OPT []shared.opt + IF "$(SHARED)" .NES. "TRUE" THEN DEFINE OPT []static.opt + +.LAST : + DEASSIGN OPT + +.DEFAULT : + @ ! + +# Because we use an option file, we need to redefine this +.obj.exe : + $(LINK) $(LINKFLAGS) $<,OPT:/OPT + +all : client-arg.exe client-conf.exe saccept.exe sconnect.exe - + server-arg.exe server-cmod.exe server-conf.exe + +client-arg.exe : client-arg.obj +client-conf.exe : client-conf.obj +saccept.exe : saccept.obj +sconnect.exe : sconnect.obj +server-arg.exe : server-arg.obj +server-cmod.exe : server-cmod.obj +server-conf.exe : server-conf.obj + +# MMS doesn't infer this automatically... +client-arg.obj : client-arg.c +client-conf.obj : client-conf.c +saccept.obj : saccept.c +sconnect.obj : sconnect.c +server-arg.obj : server-arg.c +server-cmod.obj : server-cmod.c +server-conf.obj : server-conf.c diff --git a/deps/openssl/openssl/demos/bio/intca.pem b/deps/openssl/openssl/demos/bio/intca.pem new file mode 100644 index 00000000000000..9f1cc025c85c5b --- /dev/null +++ b/deps/openssl/openssl/demos/bio/intca.pem @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIEPzCCAqegAwIBAgIILsaQqJAjK4IwDQYJKoZIhvcNAQELBQAwaDELMAkGA1UE +BhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBURVNU +SU5HIFBVUlBPU0VTIE9OTFkxHTAbBgNVBAMMFE9wZW5TU0wgVGVzdCBSb290IENB +MCAXDTE4MDYxNDEyNDYyOFoYDzIxMTgwNjE0MTI0NjI4WjBwMQswCQYDVQQGEwJV +SzEWMBQGA1UECgwNT3BlblNTTCBHcm91cDEiMCAGA1UECwwZRk9SIFRFU1RJTkcg +UFVSUE9TRVMgT05MWTElMCMGA1UEAwwcT3BlblNTTCBUZXN0IEludGVybWVkaWF0 +ZSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANIpVng2wNFJp2kF +oJ6Yji25wy1YufnS8NxA82fk5OHdhGWj1CWqnQNotEqEQzcOUszQYrNxd8tEvoWk +Ik4JMBVoEcgBGedchftptTNulFWodWpi1yFaqA/Nz2BsVgcCJW4C+UWDT7VeHtGU +7tYKKr35lxp6io/a4jUDQXvO2nJA9YlrxOktunMqtoZSYqUz35ZXsdkn58o8Fbqm +dEpw6AqAr9aBgY5DSaGxbaX2lwNt9NvB+f9ucOqEnPP8AfTlPYc/ENwJ6u/H8RGw +d1im71mu2lHjcws3aHkbluH860U3vlKWx6Ff1qdQcH98e2HwElqxCK00xya8leu4 +u64nljkCAwEAAaNjMGEwHQYDVR0OBBYEFAoDRKVoOufDXW5Ui7L4ONxANVsFMB8G +A1UdIwQYMBaAFDZjTeLsQUG6KL9xuLhzXVdB4pkKMA8GA1UdEwEB/wQFMAMBAf8w +DgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBgQDZQJLA90ewVaS3E3du +gSjPkQ1xsHm8H1am+7zr5oZ81J+R8XYIZgMR+9ShVo38OradiYNqDLso+4iuVdxh +hzoSoQELoDXCficzWKnlAtWvwDDoczyK+/p94g3VKx14n2+GvQzoZ4kwQQgaFH1w +YI6w0oH9zwoklCxvihj8D069QrYyuTT8JGZ2m0FHqVJg6teuQKFahSgwYR2CUoIb +6PrpSUQeCVCH8TPkzlRT6UgtM3ERt7+TlQ+zZ80dSf4YTAsDv9Z/CJXiF/5wZr6/ +lWuFjWmX2HkpEW6Wiv5KF8QP6Ft7Z+RYua7RMtELCYvqYbWDBs7fXWGBkZ5xhB09 +jCxz+F7zOeRbyzacfFq9DhxCWCRbIrdgGGE/Of2ujJtmK/2p4M6E5IsKNAI2SJBW +iJXvIgQgR22ehPqy6er2Gog5LkWUwqB0kHZJJpbp1IW01IGTpD6YAJyVCEAlyMbo +Kto9+wQFLT3Auv/W5h6OwxkNdfAyZBYy0ZSFk4EE8OdWWY4= +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/demos/bio/root.pem b/deps/openssl/openssl/demos/bio/root.pem new file mode 100644 index 00000000000000..b1a1c211797735 --- /dev/null +++ b/deps/openssl/openssl/demos/bio/root.pem @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEwzCCAyugAwIBAgIUHKKc7fxVgQjWQ7IF6l7m/fHQHH8wDQYJKoZIhvcNAQEL +BQAwaDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNV +BAsMGUZPUiBURVNUSU5HIFBVUlBPU0VTIE9OTFkxHTAbBgNVBAMMFE9wZW5TU0wg +VGVzdCBSb290IENBMCAXDTE4MDYxNDEyNDYyOFoYDzIxMTgwNjE0MTI0NjI4WjBo +MQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91cDEiMCAGA1UECwwZ +Rk9SIFRFU1RJTkcgUFVSUE9TRVMgT05MWTEdMBsGA1UEAwwUT3BlblNTTCBUZXN0 +IFJvb3QgQ0EwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDaTVriXS5C +6C17OxGwWR4xxdLveLLkAb0+nSiYpzfCcEGX3qiBxHDA+Nj1kkihIJNkXmrKxa3w +1XIVoSUaVULuVxe3vqla+DScGC9MLVsfIwWe8UdGsKst4VvvtNvQUZ5CvLF4jv0V +nabvQhcjY5X7A/t8cZcjOHcaZ9fkThhG/7tJKwp4dLgPcXIimQ0UtP5gRBxnpEYd +l21mPjafqPt02lfOWTgnT5PeVoBDmN7QcrTlI7RzaeDglwFm10rNuYsRxrVsEfiG +Ejup/1eM/69zkV4Lb2RFbIpZ+oKqQ5AEemh6/IP9VwX08DOX3T1EqwthyB+yOZgp +BQ/MZ2M21E03sxlgPGKkRVTU520az84Tyft7T7sJ6BeGSMrdEZVUSJxsS/iFFwL2 +ubmhG6tq0ALIyoS+rUeHUeH2pVnEEcHIXAsLbCXfmsRpWU1fOHcpkTSzbMPhqMa3 +K8aKNHni0UtoD+ddOw0Zrx4uf3zlbPCzy2eQ2d8qb/TSynGxWmN8an8CAwEAAaNj +MGEwHQYDVR0OBBYEFDZjTeLsQUG6KL9xuLhzXVdB4pkKMB8GA1UdIwQYMBaAFDZj +TeLsQUG6KL9xuLhzXVdB4pkKMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD +AgEGMA0GCSqGSIb3DQEBCwUAA4IBgQCFbQA4yoXhxVQm+tEMpfKf2VEzQVNw0Tzd +Vy+zbscQ04RM4Hx4YbICdX+J7M2fYByU+KawllZJI++mfS9sbnuPIouD5NJLX5EH +//5rySOqA0OkN/Y8f41xp/YF5j96NUCjg3RoerefRSHZfNWJE1faQEHuhwDZK6OQ +GNgt246FZ7ittfe537MHUWY7CjKt6kILN03rVKSgRwwOw5Tv+VyUVyUtRppWl57L +Z+41g0gZ/r7h6ACd+n35nuzgbmqUF2VNYQLo7RzaxPvtkzJ4t96r+5NAr1cx8thr +3rnJWSgpm1ZKdtHMj1jCLxarn8gNz2gB35Tn2NdzHQI0/aEEcfLWpU9mrmhUW+yy +WEN2R8BqGsC++HhlUKKJZgR48SHF5MOBl4KyZPylBuPYcJFQdnEbioBLPlvt5bbt ++o/w3sCR3ZVHMB0n9OcQwd6tdN7aDiept6lJPlOp4dfFjkku8J5nM0oY/Xsg194A +rRK0SBUCVN/2NSHFl9LKEqQiQIUjOQM= +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/demos/bio/saccept.c b/deps/openssl/openssl/demos/bio/saccept.c new file mode 100644 index 00000000000000..6da22ea4409108 --- /dev/null +++ b/deps/openssl/openssl/demos/bio/saccept.c @@ -0,0 +1,121 @@ +/* + * Copyright 1998-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/*- + * A minimal program to serve an SSL connection. + * It uses blocking. + * saccept host:port + * host is the interface IP to use. If any interface, use *:port + * The default it *:4433 + * + * cc -I../../include saccept.c -L../.. -lssl -lcrypto -ldl + */ + +#include +#include +#include +#include +#include + +#define CERT_FILE "server.pem" + +static volatile int done = 0; + +void interrupt(int sig) +{ + done = 1; +} + +void sigsetup(void) +{ + struct sigaction sa; + + /* + * Catch at most once, and don't restart the accept system call. + */ + sa.sa_flags = SA_RESETHAND; + sa.sa_handler = interrupt; + sigemptyset(&sa.sa_mask); + sigaction(SIGINT, &sa, NULL); +} + +int main(int argc, char *argv[]) +{ + char *port = NULL; + BIO *in = NULL; + BIO *ssl_bio, *tmp; + SSL_CTX *ctx; + char buf[512]; + int ret = EXIT_FAILURE, i; + + if (argc <= 1) + port = "*:4433"; + else + port = argv[1]; + + ctx = SSL_CTX_new(TLS_server_method()); + if (!SSL_CTX_use_certificate_chain_file(ctx, CERT_FILE)) + goto err; + if (!SSL_CTX_use_PrivateKey_file(ctx, CERT_FILE, SSL_FILETYPE_PEM)) + goto err; + if (!SSL_CTX_check_private_key(ctx)) + goto err; + + /* Setup server side SSL bio */ + ssl_bio = BIO_new_ssl(ctx, 0); + + if ((in = BIO_new_accept(port)) == NULL) + goto err; + + /* + * This means that when a new connection is accepted on 'in', The ssl_bio + * will be 'duplicated' and have the new socket BIO push into it. + * Basically it means the SSL BIO will be automatically setup + */ + BIO_set_accept_bios(in, ssl_bio); + + /* Arrange to leave server loop on interrupt */ + sigsetup(); + + again: + /* + * The first call will setup the accept socket, and the second will get a + * socket. In this loop, the first actual accept will occur in the + * BIO_read() function. + */ + + if (BIO_do_accept(in) <= 0) + goto err; + + while (!done) { + i = BIO_read(in, buf, 512); + if (i == 0) { + /* + * If we have finished, remove the underlying BIO stack so the + * next time we call any function for this BIO, it will attempt + * to do an accept + */ + printf("Done\n"); + tmp = BIO_pop(in); + BIO_free_all(tmp); + goto again; + } + if (i < 0) + goto err; + fwrite(buf, 1, i, stdout); + fflush(stdout); + } + + ret = EXIT_SUCCESS; + err: + if (ret != EXIT_SUCCESS) + ERR_print_errors_fp(stderr); + BIO_free(in); + return ret; +} diff --git a/deps/openssl/openssl/demos/bio/sconnect.c b/deps/openssl/openssl/demos/bio/sconnect.c new file mode 100644 index 00000000000000..18f7007ce70872 --- /dev/null +++ b/deps/openssl/openssl/demos/bio/sconnect.c @@ -0,0 +1,128 @@ +/* + * Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/*- + * A minimal program to do SSL to a passed host and port. + * It is actually using non-blocking IO but in a very simple manner + * sconnect host:port - it does a 'GET / HTTP/1.0' + * + * cc -I../../include sconnect.c -L../.. -lssl -lcrypto + */ +#include +#include +#include +#include +#include +#include +#include + +#define HOSTPORT "localhost:4433" +#define CAFILE "root.pem" + +int main(int argc, char *argv[]) +{ + const char *hostport = HOSTPORT; + const char *CAfile = CAFILE; + const char *hostname; + char *cp; + BIO *out = NULL; + char buf[1024 * 10], *p; + SSL_CTX *ssl_ctx = NULL; + SSL *ssl; + BIO *ssl_bio; + int i, len, off, ret = EXIT_FAILURE; + + if (argc > 1) + hostport = argv[1]; + if (argc > 2) + CAfile = argv[2]; + +#ifdef WATT32 + dbug_init(); + sock_init(); +#endif + + ssl_ctx = SSL_CTX_new(TLS_client_method()); + + /* Enable trust chain verification */ + SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL); + SSL_CTX_load_verify_locations(ssl_ctx, CAfile, NULL); + + /* Lets make a SSL structure */ + ssl = SSL_new(ssl_ctx); + SSL_set_connect_state(ssl); + + + /* Use it inside an SSL BIO */ + ssl_bio = BIO_new(BIO_f_ssl()); + BIO_set_ssl(ssl_bio, ssl, BIO_CLOSE); + + /* Lets use a connect BIO under the SSL BIO */ + out = BIO_new(BIO_s_connect()); + BIO_set_conn_hostname(out, hostport); + + /* The BIO has parsed the host:port and even IPv6 literals in [] */ + hostname = BIO_get_conn_hostname(out); + if (!hostname || SSL_set1_host(ssl, hostname) <= 0) + goto err; + + BIO_set_nbio(out, 1); + out = BIO_push(ssl_bio, out); + + p = "GET / HTTP/1.0\r\n\r\n"; + len = strlen(p); + + off = 0; + for (;;) { + i = BIO_write(out, &(p[off]), len); + if (i <= 0) { + if (BIO_should_retry(out)) { + fprintf(stderr, "write DELAY\n"); + sleep(1); + continue; + } else { + goto err; + } + } + off += i; + len -= i; + if (len <= 0) + break; + } + + for (;;) { + i = BIO_read(out, buf, sizeof(buf)); + if (i == 0) + break; + if (i < 0) { + if (BIO_should_retry(out)) { + fprintf(stderr, "read DELAY\n"); + sleep(1); + continue; + } + goto err; + } + fwrite(buf, 1, i, stdout); + } + + ret = EXIT_SUCCESS; + goto done; + + err: + if (ERR_peek_error() == 0) { /* system call error */ + fprintf(stderr, "errno=%d ", errno); + perror("error"); + } else { + ERR_print_errors_fp(stderr); + } + done: + BIO_free_all(out); + SSL_CTX_free(ssl_ctx); + return ret; +} diff --git a/deps/openssl/openssl/demos/bio/server-arg.c b/deps/openssl/openssl/demos/bio/server-arg.c new file mode 100644 index 00000000000000..60a87725a9deeb --- /dev/null +++ b/deps/openssl/openssl/demos/bio/server-arg.c @@ -0,0 +1,144 @@ +/* + * Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * A minimal program to serve an SSL connection. It uses blocking. It use the + * SSL_CONF API with the command line. cc -I../../include server-arg.c + * -L../.. -lssl -lcrypto -ldl + */ + +#include +#include +#include +#include +#include +#include + +int main(int argc, char *argv[]) +{ + char *port = "*:4433"; + BIO *ssl_bio, *tmp; + SSL_CTX *ctx; + SSL_CONF_CTX *cctx; + char buf[512]; + BIO *in = NULL; + int ret = EXIT_FAILURE, i; + char **args = argv + 1; + int nargs = argc - 1; + + ctx = SSL_CTX_new(TLS_server_method()); + + cctx = SSL_CONF_CTX_new(); + SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_SERVER); + SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CERTIFICATE); + SSL_CONF_CTX_set_ssl_ctx(cctx, ctx); + while (*args && **args == '-') { + int rv; + /* Parse standard arguments */ + rv = SSL_CONF_cmd_argv(cctx, &nargs, &args); + if (rv == -3) { + fprintf(stderr, "Missing argument for %s\n", *args); + goto err; + } + if (rv < 0) { + fprintf(stderr, "Error in command %s\n", *args); + ERR_print_errors_fp(stderr); + goto err; + } + /* If rv > 0 we processed something so proceed to next arg */ + if (rv > 0) + continue; + /* Otherwise application specific argument processing */ + if (strcmp(*args, "-port") == 0) { + port = args[1]; + if (port == NULL) { + fprintf(stderr, "Missing -port argument\n"); + goto err; + } + args += 2; + nargs -= 2; + continue; + } else { + fprintf(stderr, "Unknown argument %s\n", *args); + goto err; + } + } + + if (!SSL_CONF_CTX_finish(cctx)) { + fprintf(stderr, "Finish error\n"); + ERR_print_errors_fp(stderr); + goto err; + } +#ifdef ITERATE_CERTS + /* + * Demo of how to iterate over all certificates in an SSL_CTX structure. + */ + { + X509 *x; + int rv; + rv = SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_FIRST); + while (rv) { + X509 *x = SSL_CTX_get0_certificate(ctx); + X509_NAME_print_ex_fp(stdout, X509_get_subject_name(x), 0, + XN_FLAG_ONELINE); + printf("\n"); + rv = SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_NEXT); + } + fflush(stdout); + } +#endif + /* Setup server side SSL bio */ + ssl_bio = BIO_new_ssl(ctx, 0); + + if ((in = BIO_new_accept(port)) == NULL) + goto err; + + /* + * This means that when a new connection is accepted on 'in', The ssl_bio + * will be 'duplicated' and have the new socket BIO push into it. + * Basically it means the SSL BIO will be automatically setup + */ + BIO_set_accept_bios(in, ssl_bio); + + again: + /* + * The first call will setup the accept socket, and the second will get a + * socket. In this loop, the first actual accept will occur in the + * BIO_read() function. + */ + + if (BIO_do_accept(in) <= 0) + goto err; + + for (;;) { + i = BIO_read(in, buf, 512); + if (i == 0) { + /* + * If we have finished, remove the underlying BIO stack so the + * next time we call any function for this BIO, it will attempt + * to do an accept + */ + printf("Done\n"); + tmp = BIO_pop(in); + BIO_free_all(tmp); + goto again; + } + if (i < 0) + goto err; + fwrite(buf, 1, i, stdout); + fflush(stdout); + } + + ret = EXIT_SUCCESS; + err: + if (ret != EXIT_SUCCESS) + ERR_print_errors_fp(stderr); + BIO_free(in); + return ret; +} diff --git a/deps/openssl/openssl/demos/bio/server-cmod.c b/deps/openssl/openssl/demos/bio/server-cmod.c new file mode 100644 index 00000000000000..3642fbacf6cefe --- /dev/null +++ b/deps/openssl/openssl/demos/bio/server-cmod.c @@ -0,0 +1,94 @@ +/* + * Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * A minimal TLS server it ses SSL_CTX_config and a configuration file to + * set most server parameters. + */ + +#include +#include +#include +#include +#include +#include + +int main(int argc, char *argv[]) +{ + unsigned char buf[512]; + char *port = "*:4433"; + BIO *in = NULL; + BIO *ssl_bio, *tmp; + SSL_CTX *ctx; + int ret = EXIT_FAILURE, i; + + ctx = SSL_CTX_new(TLS_server_method()); + + if (CONF_modules_load_file("cmod.cnf", "testapp", 0) <= 0) { + fprintf(stderr, "Error processing config file\n"); + goto err; + } + + if (SSL_CTX_config(ctx, "server") == 0) { + fprintf(stderr, "Error configuring server.\n"); + goto err; + } + + /* Setup server side SSL bio */ + ssl_bio = BIO_new_ssl(ctx, 0); + + if ((in = BIO_new_accept(port)) == NULL) + goto err; + + /* + * This means that when a new connection is accepted on 'in', The ssl_bio + * will be 'duplicated' and have the new socket BIO push into it. + * Basically it means the SSL BIO will be automatically setup + */ + BIO_set_accept_bios(in, ssl_bio); + + again: + /* + * The first call will setup the accept socket, and the second will get a + * socket. In this loop, the first actual accept will occur in the + * BIO_read() function. + */ + + if (BIO_do_accept(in) <= 0) + goto err; + + for (;;) { + i = BIO_read(in, buf, sizeof(buf)); + if (i == 0) { + /* + * If we have finished, remove the underlying BIO stack so the + * next time we call any function for this BIO, it will attempt + * to do an accept + */ + printf("Done\n"); + tmp = BIO_pop(in); + BIO_free_all(tmp); + goto again; + } + if (i < 0) { + if (BIO_should_retry(in)) + continue; + goto err; + } + fwrite(buf, 1, i, stdout); + fflush(stdout); + } + + ret = EXIT_SUCCESS; + err: + if (ret != EXIT_SUCCESS) + ERR_print_errors_fp(stderr); + BIO_free(in); + return ret; +} diff --git a/deps/openssl/openssl/demos/bio/server-conf.c b/deps/openssl/openssl/demos/bio/server-conf.c new file mode 100644 index 00000000000000..5e07a15e7bc70b --- /dev/null +++ b/deps/openssl/openssl/demos/bio/server-conf.c @@ -0,0 +1,139 @@ +/* + * Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * A minimal program to serve an SSL connection. It uses blocking. It uses + * the SSL_CONF API with a configuration file. cc -I../../include saccept.c + * -L../.. -lssl -lcrypto -ldl + */ + +#include +#include +#include +#include +#include +#include +#include + +int main(int argc, char *argv[]) +{ + char *port = "*:4433"; + BIO *in = NULL; + BIO *ssl_bio, *tmp; + SSL_CTX *ctx; + SSL_CONF_CTX *cctx = NULL; + CONF *conf = NULL; + STACK_OF(CONF_VALUE) *sect = NULL; + CONF_VALUE *cnf; + long errline = -1; + char buf[512]; + int ret = EXIT_FAILURE, i; + + ctx = SSL_CTX_new(TLS_server_method()); + + conf = NCONF_new(NULL); + + if (NCONF_load(conf, "accept.cnf", &errline) <= 0) { + if (errline <= 0) + fprintf(stderr, "Error processing config file\n"); + else + fprintf(stderr, "Error on line %ld\n", errline); + goto err; + } + + sect = NCONF_get_section(conf, "default"); + + if (sect == NULL) { + fprintf(stderr, "Error retrieving default section\n"); + goto err; + } + + cctx = SSL_CONF_CTX_new(); + SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_SERVER); + SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CERTIFICATE); + SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_FILE); + SSL_CONF_CTX_set_ssl_ctx(cctx, ctx); + for (i = 0; i < sk_CONF_VALUE_num(sect); i++) { + int rv; + cnf = sk_CONF_VALUE_value(sect, i); + rv = SSL_CONF_cmd(cctx, cnf->name, cnf->value); + if (rv > 0) + continue; + if (rv != -2) { + fprintf(stderr, "Error processing %s = %s\n", + cnf->name, cnf->value); + ERR_print_errors_fp(stderr); + goto err; + } + if (strcmp(cnf->name, "Port") == 0) { + port = cnf->value; + } else { + fprintf(stderr, "Unknown configuration option %s\n", cnf->name); + goto err; + } + } + + if (!SSL_CONF_CTX_finish(cctx)) { + fprintf(stderr, "Finish error\n"); + ERR_print_errors_fp(stderr); + goto err; + } + + /* Setup server side SSL bio */ + ssl_bio = BIO_new_ssl(ctx, 0); + + if ((in = BIO_new_accept(port)) == NULL) + goto err; + + /* + * This means that when a new connection is accepted on 'in', The ssl_bio + * will be 'duplicated' and have the new socket BIO push into it. + * Basically it means the SSL BIO will be automatically setup + */ + BIO_set_accept_bios(in, ssl_bio); + + again: + /* + * The first call will setup the accept socket, and the second will get a + * socket. In this loop, the first actual accept will occur in the + * BIO_read() function. + */ + + if (BIO_do_accept(in) <= 0) + goto err; + + for (;;) { + i = BIO_read(in, buf, 512); + if (i == 0) { + /* + * If we have finished, remove the underlying BIO stack so the + * next time we call any function for this BIO, it will attempt + * to do an accept + */ + printf("Done\n"); + tmp = BIO_pop(in); + BIO_free_all(tmp); + goto again; + } + if (i < 0) { + if (BIO_should_retry(in)) + continue; + goto err; + } + fwrite(buf, 1, i, stdout); + fflush(stdout); + } + + ret = EXIT_SUCCESS; + err: + if (ret != EXIT_SUCCESS) + ERR_print_errors_fp(stderr); + BIO_free(in); + return ret; +} diff --git a/deps/openssl/openssl/demos/bio/server-ec.pem b/deps/openssl/openssl/demos/bio/server-ec.pem new file mode 100644 index 00000000000000..ce8dccc9c2f843 --- /dev/null +++ b/deps/openssl/openssl/demos/bio/server-ec.pem @@ -0,0 +1,17 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgsoKOpzTm/+VR5xOk +kgwtljzMFYtX4NGdqCkxjitXvLmhRANCAASsxTC21z8mDYAX/RgLK5XGJNmPlHcY +VMql6fSeS+9fTZnn1Ma12932/UBfFTITOuHviJYkQ5KxVSitmgMwnF3V +-----END PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIBvjCCAWSgAwIBAgIURVOfyUojPPQMfDEVhKY4DIdeLY0wCgYIKoZIzj0EAwIw +NTEfMB0GA1UECwwWVGVzdCBFQ0RTQSBDZXJ0aWZpY2F0ZTESMBAGA1UEAwwJbG9j +YWxob3N0MCAXDTE4MDYxNDEyNDYyOFoYDzIxMTgwNjE0MTI0NjI4WjA1MR8wHQYD +VQQLDBZUZXN0IEVDRFNBIENlcnRpZmljYXRlMRIwEAYDVQQDDAlsb2NhbGhvc3Qw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASsxTC21z8mDYAX/RgLK5XGJNmPlHcY +VMql6fSeS+9fTZnn1Ma12932/UBfFTITOuHviJYkQ5KxVSitmgMwnF3Vo1AwTjAd +BgNVHQ4EFgQUA0dWehTLHzBYhzfXiTIVUOXDusMwHwYDVR0jBBgwFoAUA0dWehTL +HzBYhzfXiTIVUOXDusMwDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNIADBFAiEA +8/l8RyihzqlEnLjcyIEaXTZm4HyNgZRQKhNACCW3jd4CIEbMJAf/D0eY38EeP2xY +/BDy/BYXYmyDQeqiE+RDjG5X +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/demos/bio/server.pem b/deps/openssl/openssl/demos/bio/server.pem new file mode 100644 index 00000000000000..d4bc3937d01885 --- /dev/null +++ b/deps/openssl/openssl/demos/bio/server.pem @@ -0,0 +1,79 @@ +subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert +issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA +-----BEGIN CERTIFICATE----- +MIID0DCCArigAwIBAgIIcsOElVeHzfYwDQYJKoZIhvcNAQELBQAwcDELMAkGA1UE +BhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBURVNU +SU5HIFBVUlBPU0VTIE9OTFkxJTAjBgNVBAMMHE9wZW5TU0wgVGVzdCBJbnRlcm1l +ZGlhdGUgQ0EwIBcNMTgwNjE0MTI0NjI4WhgPMjExODA2MTQxMjQ2MjhaMGQxCzAJ +BgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1Ig +VEVTVElORyBQVVJQT1NFUyBPTkxZMRkwFwYDVQQDDBBUZXN0IFNlcnZlciBDZXJ0 +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jIZ8IZ4dIzBc+ZfdmG5 +n8G3JzRX99QvIqv52s4hFVfdzoa+AciKJpo9zkegWPmfsAVNa4uVceg/ZQt6qJsu +G/pxbQSZVnyjDQGtt7rgaDEbyUP0XJCnzyRdWSUjFS8yNZn4NkmZU01GlHtXdzWy +dEa5PaiTIwW0HI+bjjOEhwJ1hFuFqzlKHVKHA6DBzNcl6ly0E/q2kyslbR+0hq7p +NMqKvvuAxqgc//W8KvLDlKAt9D3t5zgh2+BrMPemrzjEaM97yHTogJo7+SKVDdUw +YQ7Br3xfyki9u2bUYib1BMSvLezxNP0qf/iU91z4xyLmMvOXE6W0D1WHwya1CfE7 +vwIDAQABo3gwdjAdBgNVHQ4EFgQU3ulCbvgfxej6rHnddMpBidwnLIIwHwYDVR0j +BBgwFoAUCgNEpWg658NdblSLsvg43EA1WwUwCQYDVR0TBAIwADATBgNVHSUEDDAK +BggrBgEFBQcDATAUBgNVHREEDTALgglsb2NhbGhvc3QwDQYJKoZIhvcNAQELBQAD +ggEBAENMzaqJtmWED++W4KXFVwNBkQ87errBXe4jVeYKpjNb0JGMm60MS5ty54fb +r27SsR2EEk3EK2rcd85RR7TEKZCn9SvPykVtVf0tru7nOptQJgSbRvxIzyyq1UcE +K+BXDgN/I0f1X6qbk4Stb6uJF7yyAUabacjwKqgVifOOeKF9WJhVA8qJKoVq7HLN +k+uvm0geO1I4LKeULXVnQy8kwB6twcxN8iPyO45ZxbYIVeEKaYtbj/XPoq6KsLIb +5fj+mK1r/LkWk352ksNhf73r3alF8TBcSLqnbMoy1/ZvzlI4ksp9IGWtIU+CzP/f +VUjh00NOwDLd5jJbPoWW0oNp9m4= +-----END CERTIFICATE----- +subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA +issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Root CA +-----BEGIN CERTIFICATE----- +MIIEPzCCAqegAwIBAgIILsaQqJAjK4IwDQYJKoZIhvcNAQELBQAwaDELMAkGA1UE +BhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBURVNU +SU5HIFBVUlBPU0VTIE9OTFkxHTAbBgNVBAMMFE9wZW5TU0wgVGVzdCBSb290IENB +MCAXDTE4MDYxNDEyNDYyOFoYDzIxMTgwNjE0MTI0NjI4WjBwMQswCQYDVQQGEwJV +SzEWMBQGA1UECgwNT3BlblNTTCBHcm91cDEiMCAGA1UECwwZRk9SIFRFU1RJTkcg +UFVSUE9TRVMgT05MWTElMCMGA1UEAwwcT3BlblNTTCBUZXN0IEludGVybWVkaWF0 +ZSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANIpVng2wNFJp2kF +oJ6Yji25wy1YufnS8NxA82fk5OHdhGWj1CWqnQNotEqEQzcOUszQYrNxd8tEvoWk +Ik4JMBVoEcgBGedchftptTNulFWodWpi1yFaqA/Nz2BsVgcCJW4C+UWDT7VeHtGU +7tYKKr35lxp6io/a4jUDQXvO2nJA9YlrxOktunMqtoZSYqUz35ZXsdkn58o8Fbqm +dEpw6AqAr9aBgY5DSaGxbaX2lwNt9NvB+f9ucOqEnPP8AfTlPYc/ENwJ6u/H8RGw +d1im71mu2lHjcws3aHkbluH860U3vlKWx6Ff1qdQcH98e2HwElqxCK00xya8leu4 +u64nljkCAwEAAaNjMGEwHQYDVR0OBBYEFAoDRKVoOufDXW5Ui7L4ONxANVsFMB8G +A1UdIwQYMBaAFDZjTeLsQUG6KL9xuLhzXVdB4pkKMA8GA1UdEwEB/wQFMAMBAf8w +DgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBgQDZQJLA90ewVaS3E3du +gSjPkQ1xsHm8H1am+7zr5oZ81J+R8XYIZgMR+9ShVo38OradiYNqDLso+4iuVdxh +hzoSoQELoDXCficzWKnlAtWvwDDoczyK+/p94g3VKx14n2+GvQzoZ4kwQQgaFH1w +YI6w0oH9zwoklCxvihj8D069QrYyuTT8JGZ2m0FHqVJg6teuQKFahSgwYR2CUoIb +6PrpSUQeCVCH8TPkzlRT6UgtM3ERt7+TlQ+zZ80dSf4YTAsDv9Z/CJXiF/5wZr6/ +lWuFjWmX2HkpEW6Wiv5KF8QP6Ft7Z+RYua7RMtELCYvqYbWDBs7fXWGBkZ5xhB09 +jCxz+F7zOeRbyzacfFq9DhxCWCRbIrdgGGE/Of2ujJtmK/2p4M6E5IsKNAI2SJBW +iJXvIgQgR22ehPqy6er2Gog5LkWUwqB0kHZJJpbp1IW01IGTpD6YAJyVCEAlyMbo +Kto9+wQFLT3Auv/W5h6OwxkNdfAyZBYy0ZSFk4EE8OdWWY4= +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEA0jIZ8IZ4dIzBc+ZfdmG5n8G3JzRX99QvIqv52s4hFVfdzoa+ +AciKJpo9zkegWPmfsAVNa4uVceg/ZQt6qJsuG/pxbQSZVnyjDQGtt7rgaDEbyUP0 +XJCnzyRdWSUjFS8yNZn4NkmZU01GlHtXdzWydEa5PaiTIwW0HI+bjjOEhwJ1hFuF +qzlKHVKHA6DBzNcl6ly0E/q2kyslbR+0hq7pNMqKvvuAxqgc//W8KvLDlKAt9D3t +5zgh2+BrMPemrzjEaM97yHTogJo7+SKVDdUwYQ7Br3xfyki9u2bUYib1BMSvLezx +NP0qf/iU91z4xyLmMvOXE6W0D1WHwya1CfE7vwIDAQABAoIBAQC2HAo1RYvfDoQc +sh9LJWf5bZANO2Brqz4bP/x9AdHP+AyH/l1oliJ7R2785TmbXMppam6lGo4j3h/u +n39pzOip/NWAqldfgySRBD9Jy3LZUpLMUT/JYtrAsLTfozk+BWHu5rMR9boNXgok +Yqho8/DkpNGhBghUc4CUricLkL7laD3ziAHpx8yALL3tnLGOpgT9hNrA8Dm3yfUS +JEfiG12ILXvq1IP+vUNuaLpTLJZuqUmLpK8v+CBYgKxfd+TDnEjul4PqhhIIFK3A +xEZYQR2D/AXUwng9hP9uCbVm5lOY6vRbi9Fpbt+KRv+m25s1AnuhJFBOsL30h/Tb +iCKWm/nhAoGBAO0bFqMvZHjaT2KiwOwG/Ze9NsjynFPVltiuCqNj8HE5wM6imC5J +SdB+jMkgN6ERXALWrtr8Uf2pqzfeMsi6pekOOVTWLe/8c4bAZRxaCZn/BlZRysZI +vB9Gb7m7Oymw5iDSqrYywgOiUu+oIiCrmPOealhmn7zmHzHaETvdL9zDAoGBAOLy +DVT1csoexnuHVIWqnp7FK7lv6eOGZSdXpfJ3XYjmKJLK2hpVZe+J/mFOL1wsKSt4 +0k/V0dnkHR7V4Pa4ECiCthkWMWrBVIHe7+ZnZ0ocKQSC+EEecavOiZ57S/qnUlT6 +NtQP4cSy4DHzzFZdTZnn+2oymapPZpb2mvSN/GVVAoGADrIlHwwq8Aqn7Pclefuc +8DC8GoxfABs29EslQadKGdp4htYxFH1aY9/UHgsvJ36J82sW/1+wPUas5BOTljlr +WxyUlRuJUVyWVH3MRouWGMNjwynipZOQhWe6OQrPye+688Ha7twKhmsjNNN4+glo +u4DQGpaRxAWHXXGkq88zzj0CgYEAsICEceD7R8srnwMfb13FQ8IhQXWSuAvcO/7k +53CCZGhsgc4WVoi4YNY360G9f7gwxMiQ+NpY/Vd2dnbtIbUBjCAss9IY2OhHa0IR +3mXpZTAFjqa1oR+mVHKrgYBvFSBw3fpEDiXT9wEPcIomD709D0fmty9nZ5edOCfP +WAfdlokCgYEAqXuMuAg3NMMgEv+eBfsf43v3hRwBqPYanE26wcO3GoT/S8BpB6wy +vBoPZOlO5ZfsD2jaTec60GLay+MofxC7qNXIjzHOw50ry4bqHqqoQbn2cONE1k+0 +ov7H2keTcG9FEGgL7dRUq3pRUo/W12WmRuDN17IEgkzAeisJnoiPtaQ= +-----END RSA PRIVATE KEY----- diff --git a/deps/openssl/openssl/demos/bio/shared.opt b/deps/openssl/openssl/demos/bio/shared.opt new file mode 100644 index 00000000000000..4141b93a539858 --- /dev/null +++ b/deps/openssl/openssl/demos/bio/shared.opt @@ -0,0 +1,2 @@ +OSSL$LIBSSL_SHR/SHARE +OSSL$LIBCRYPTO_SHR/SHARE diff --git a/deps/openssl/openssl/demos/bio/static.opt b/deps/openssl/openssl/demos/bio/static.opt new file mode 100644 index 00000000000000..9ca1588f77e165 --- /dev/null +++ b/deps/openssl/openssl/demos/bio/static.opt @@ -0,0 +1,2 @@ +OSSL$LIBSSL/LIB +OSSL$LIBCRYPTO/LIB diff --git a/deps/openssl/openssl/demos/certs/README.txt b/deps/openssl/openssl/demos/certs/README.txt new file mode 100644 index 00000000000000..88cf56b1f8d067 --- /dev/null +++ b/deps/openssl/openssl/demos/certs/README.txt @@ -0,0 +1,18 @@ +There is often a need to generate test certificates automatically using +a script. This is often a cause for confusion which can result in incorrect +CA certificates, obsolete V1 certificates or duplicate serial numbers. +The range of command line options can be daunting for a beginner. + +The mkcerts.sh script is an example of how to generate certificates +automatically using scripts. Example creates a root CA, an intermediate CA +signed by the root and several certificates signed by the intermediate CA. + +The script then creates an empty index.txt file and adds entries for the +certificates and generates a CRL. Then one certificate is revoked and a +second CRL generated. + +The script ocsprun.sh runs the test responder on port 8888 covering the +client certificates. + +The script ocspquery.sh queries the status of the certificates using the +test responder. diff --git a/deps/openssl/openssl/demos/certs/apps/apps.cnf b/deps/openssl/openssl/demos/certs/apps/apps.cnf new file mode 100644 index 00000000000000..72ed70de7582dd --- /dev/null +++ b/deps/openssl/openssl/demos/certs/apps/apps.cnf @@ -0,0 +1,66 @@ +# +# OpenSSL configuration file to create apps directory certificates +# + +# This definition stops the following lines choking if HOME or CN +# is undefined. +HOME = . +CN = "Not Defined" + +# Comment out the next line to ignore configuration errors +config_diagnostics = 1 + + +#################################################################### +[ req ] +default_bits = 2048 +default_keyfile = privkey.pem +# Don't prompt for fields: use those in section directly +prompt = no +distinguished_name = req_distinguished_name +x509_extensions = v3_ca # The extensions to add to the self signed cert +string_mask = utf8only + +# req_extensions = v3_req # The extensions to add to a certificate request + +[ req_distinguished_name ] +countryName = UK + +organizationName = OpenSSL Group +organizationalUnitName = FOR TESTING PURPOSES ONLY +# Take CN from environment so it can come from a script. +commonName = $ENV::CN + +[ usr_cert ] + +# These extensions are added when 'ca' signs a request for an end entity +# certificate + +basicConstraints=critical, CA:FALSE +keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment + +[ ec_cert ] + +# These extensions are added when 'ca' signs a request for an end entity +# certificate + +basicConstraints=critical, CA:FALSE +keyUsage=critical, nonRepudiation, digitalSignature, keyAgreement + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid + +[ v3_ca ] + + +# Extensions for a typical CA + +# PKIX recommendation. + +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always +basicConstraints = critical,CA:true +keyUsage = critical, cRLSign, keyCertSign + + diff --git a/deps/openssl/openssl/demos/certs/apps/ckey.pem b/deps/openssl/openssl/demos/certs/apps/ckey.pem new file mode 100644 index 00000000000000..8e9054d2980dfa --- /dev/null +++ b/deps/openssl/openssl/demos/certs/apps/ckey.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEAtK2p2x0S3C1ajftAc3GaWPsji6scw1k9Sw/XltbLQuDc11/f +wwrUiFcje2CB3Ri6yD6+uCA3V12jEc4GdqzirJZhwgIhaTv42vfYBgiUcR9McEGr +agFC3yVR3lIbOzhBjmXNp1on46irxnzU4pT+w58IuvYqUBavaEtfRZocFR5NsIOy +mRhyNag8htOFK3wmTEYrb0vflFYT6SD47ogYtsd/xWSKS+YFyb7xSusR2Ot6Ktmr +MswQE57QYJz+KiRVlnL0cduMBdT52Wm8blaC9mz50PyrzjQ68NyHapCoWDU7pe4x +HLtzpXGSDMPuw4miiSwMym/2wReYJv6cFugLPQIDAQABAoIBAAZOyc9MhIwLSU4L +p4RgQvM4UVVe8/Id+3XTZ8NsXExJbWxXfIhiqGjaIfL8u4vsgRjcl+v1s/jo2/iT +KMab4o4D8gXD7UavQVDjtjb/ta79WL3SjRl2Uc9YjjMkyq6WmDNQeo2NKDdafCTB +1uzSJtLNipB8Z53ELPuHJhxX9QMHrMnuha49riQgXZ7buP9iQrHJFhImBjSzbxJx +L+TI6rkyLSf9Wi0Pd3L27Ob3QWNfNRYNSeTE+08eSRChkur5W0RuXAcuAICdQlCl +LBvWO/LmmvbzCqiDcgy/TliSb6CGGwgiNG7LJZmlkYNj8laGwalNlYZs3UrVv6NO +Br2loAECgYEA2kvCvPGj0Dg/6g7WhXDvAkEbcaL1tSeCxBbNH+6HS2UWMWvyTtCn +/bbD519QIdkvayy1QjEf32GV/UjUVmlULMLBcDy0DGjtL3+XpIhLKWDNxN1v1/ai +1oz23ZJCOgnk6K4qtFtlRS1XtynjA+rBetvYvLP9SKeFrnpzCgaA2r0CgYEA0+KX +1ACXDTNH5ySX3kMjSS9xdINf+OOw4CvPHFwbtc9aqk2HePlEsBTz5I/W3rKwXva3 +NqZ/bRqVVeZB/hHKFywgdUQk2Uc5z/S7Lw70/w1HubNTXGU06Ngb6zOFAo/o/TwZ +zTP1BMIKSOB6PAZPS3l+aLO4FRIRotfFhgRHOoECgYEAmiZbqt8cJaJDB/5YYDzC +mp3tSk6gIb936Q6M5VqkMYp9pIKsxhk0N8aDCnTU+kIK6SzWBpr3/d9Ecmqmfyq7 +5SvWO3KyVf0WWK9KH0abhOm2BKm2HBQvI0DB5u8sUx2/hsvOnjPYDISbZ11t0MtK +u35Zy89yMYcSsIYJjG/ROCUCgYEAgI2P9G5PNxEP5OtMwOsW84Y3Xat/hPAQFlI+ +HES+AzbFGWJkeT8zL2nm95tVkFP1sggZ7Kxjz3w7cpx7GX0NkbWSE9O+T51pNASV +tN1sQ3p5M+/a+cnlqgfEGJVvc7iAcXQPa3LEi5h2yPR49QYXAgG6cifn3dDSpmwn +SUI7PQECgYEApGCIIpSRPLAEHTGmP87RBL1smurhwmy2s/pghkvUkWehtxg0sGHh +kuaqDWcskogv+QC0sVdytiLSz8G0DwcEcsHK1Fkyb8A+ayiw6jWJDo2m9+IF4Fww +1Te6jFPYDESnbhq7+TLGgHGhtwcu5cnb4vSuYXGXKupZGzoLOBbv1Zw= +-----END RSA PRIVATE KEY----- diff --git a/deps/openssl/openssl/demos/certs/apps/intkey.pem b/deps/openssl/openssl/demos/certs/apps/intkey.pem new file mode 100644 index 00000000000000..d586cb7c6083bb --- /dev/null +++ b/deps/openssl/openssl/demos/certs/apps/intkey.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAsErw75CmLYD6pkrGW/YhAl/K8L5wJYxDjqu2FghxjD8K308W +3EHq4uBxEwR1OHXaM1+6ZZw7/r2I37VLIdurBEAIEUdbzx0so74FPawgz5EW2CTq +oJnK8F71/vo5Kj1VPwW46CxwxUR3cfvJGNXND2ip0TcyTSPLROXOyQakcVfIGJmd +Sa1wHKi+c2gMA4emADudZUOYLrg80gr2ldePm07ynbVsKKzCcStw8MdmoW9Qt3fL +nPJn2TFUUBNWj+4kvL+88edWCVQXKNdsysD/CDrH4W/hjyPDStVsM6XpiNU0+L2Z +Y6fcj3OP8d0goOx45xotMn9m8hNkCGsrVXx9IwIDAQABAoIBACg3wIV2o2KIJSZg +sqXyHY+0GNEZMO5v9E2NAMo//N941lshaN6wrww5FbK39qH9yNylfxmFLe6sgJhA +fLZprbcXgH+onto+Fpv4UqvCI+4WdHa03U3sJ+70SvxzSy1Gtrbc8FUPJl7qgrFf +Nn5S8CgOwYb4J6KPguTh5G3Z9RPiCKObwOwEM34hrZUlgPS88wmzu9H6L2GM8A1v +YBtEr0msBnlJBJOgStyUEfHW2KspNQ+VllQ6c0cedgFXUpl9EoKTLxP+WXwFI1sx +jFCFzSrMqPcPz1PxU6bXoZE0WH6r+3c8WAW4xR/HVu04BrBDu0CGwn6zAXDy6wCU +pWogDlkCgYEA4o+nIu2CTzqUlgc22pj+hjenfS5lnCtJfAdrXOJHmnuL+J9h8Nzz +9kkL+/Y0Xg9bOM6xXPm+81UNpDvOLbUahSSQsfB+LNVEkthJIL4XIk083LsHjFaJ +9SiCFRbf2OgWrEhe/c1drySwz9u/0f4Q7B6VGqxMnTDjzS5JacZ1pE8CgYEAxzMn +/n/Dpdn+c4rf14BRNKCv1qBXngPNylKJCmiRpKRJAn+B+Msdwtggk/1Ihju21wSo +IGy0Gw7WQd1Iq7V85cB2G5PAFY6ybpSV6G3QrzmzuvjHmKvXgUAuuaN+7Pp1YkMY +rLVjUOcdP5JbXG6XnaCkHYJR8uapPwWPkDt+oO0CgYBI4yZGGlr92j7LNW70TJw1 +2dnMcAzIfTSa7lgf/bxDetPBHKWJs8vYxA9S9BZM3Gvgjr6IxuAjsI0+9O6TzdvG +UckrNc+h5Mq241ZDbmRK6MZXzOPUxlKDyJBw8Hb7dU82BeJpjJRDMG6hsHS5vh77 +l6sodZ4ARCZFcEq1+N8ICQKBgDeBHJLAXO6YmFrvhkGQ4o+senJuSRuhabUHXGIH +ExXyJNnKV5fQWOGSwTkbKRsmBmNRS9uFDoY/kxnVI8ucjUmjYAV9HNek5DkFs+OI +vc4lYNwnN85li23bSWm2kcZMX2ra0URGYn8HdtHg4Q4XTq3ANhp21oi9FsmVrhP9 +T+JdAoGBAK2ebwZ7CXFavDFo4mzLKkGitBjrSi/udFhZECXZWEbNzWlVc3Y3q0cU +drDqUtbVm+/Xb5CMU044Gqq6SKdObAb3JElKmFylFL9fp2rfL/foUr2sdb87Vqdp +2j5jZyvt1DKnNaJ7JaFbUdRxlvHQRiqKlZpafN/SMQ0jCs1bSgCg +-----END RSA PRIVATE KEY----- diff --git a/deps/openssl/openssl/demos/certs/apps/mkacerts.sh b/deps/openssl/openssl/demos/certs/apps/mkacerts.sh new file mode 100644 index 00000000000000..70984969f44b46 --- /dev/null +++ b/deps/openssl/openssl/demos/certs/apps/mkacerts.sh @@ -0,0 +1,45 @@ +#!/bin/sh + +# Recreate the demo certificates in the apps directory. + +OPENSSL=openssl + +# Root CA: create certificate directly +CN="OpenSSL Test Root CA" $OPENSSL req -config apps.cnf -x509 -nodes \ + -keyout root.pem -out root.pem -key rootkey.pem -new -days 3650 +# Intermediate CA: request first +CN="OpenSSL Test Intermediate CA" $OPENSSL req -config apps.cnf -nodes \ + -key intkey.pem -out intreq.pem -new +# Sign request: CA extensions +$OPENSSL x509 -req -in intreq.pem -CA root.pem -CAkey rootkey.pem -days 3630 \ + -extfile apps.cnf -extensions v3_ca -CAcreateserial -out intca.pem +# Client certificate: request first +CN="Test Client Cert" $OPENSSL req -config apps.cnf -nodes \ + -key ckey.pem -out creq.pem -new +# Sign using intermediate CA +$OPENSSL x509 -req -in creq.pem -CA intca.pem -CAkey intkey.pem -days 3600 \ + -extfile apps.cnf -extensions usr_cert -CAcreateserial | \ + $OPENSSL x509 -nameopt oneline -subject -issuer >client.pem +# Server certificate: request first +CN="Test Server Cert" $OPENSSL req -config apps.cnf -nodes \ + -key skey.pem -out sreq.pem -new +# Sign using intermediate CA +$OPENSSL x509 -req -in sreq.pem -CA intca.pem -CAkey intkey.pem -days 3600 \ + -extfile apps.cnf -extensions usr_cert -CAcreateserial | \ + $OPENSSL x509 -nameopt oneline -subject -issuer >server.pem +# Server certificate #2: request first +CN="Test Server Cert #2" $OPENSSL req -config apps.cnf -nodes \ + -key skey2.pem -out sreq2.pem -new +# Sign using intermediate CA +$OPENSSL x509 -req -in sreq2.pem -CA intca.pem -CAkey intkey.pem -days 3600 \ + -extfile apps.cnf -extensions usr_cert -CAcreateserial | \ + $OPENSSL x509 -nameopt oneline -subject -issuer >server2.pem + +# Append keys to file. + +cat skey.pem >>server.pem +cat skey2.pem >>server2.pem +cat ckey.pem >>client.pem + +$OPENSSL verify -CAfile root.pem -untrusted intca.pem \ + server2.pem server.pem client.pem diff --git a/deps/openssl/openssl/demos/certs/apps/mkxcerts.sh b/deps/openssl/openssl/demos/certs/apps/mkxcerts.sh new file mode 100644 index 00000000000000..ebe1920432be2a --- /dev/null +++ b/deps/openssl/openssl/demos/certs/apps/mkxcerts.sh @@ -0,0 +1,29 @@ + +# Create certificates using various algorithms to test multi-certificate +# functionality. + +OPENSSL=../../../apps/openssl +CN="OpenSSL Test RSA SHA-1 cert" $OPENSSL req \ + -config apps.cnf -extensions usr_cert -x509 -nodes \ + -keyout tsha1.pem -out tsha1.pem -new -days 3650 -sha1 +CN="OpenSSL Test RSA SHA-256 cert" $OPENSSL req \ + -config apps.cnf -extensions usr_cert -x509 -nodes \ + -keyout tsha256.pem -out tsha256.pem -new -days 3650 -sha256 +CN="OpenSSL Test RSA SHA-512 cert" $OPENSSL req \ + -config apps.cnf -extensions usr_cert -x509 -nodes \ + -keyout tsha512.pem -out tsha512.pem -new -days 3650 -sha512 + +# Create EC parameters + +$OPENSSL ecparam -name P-256 -out ecp256.pem +$OPENSSL ecparam -name P-384 -out ecp384.pem + +CN="OpenSSL Test P-256 SHA-256 cert" $OPENSSL req \ + -config apps.cnf -extensions ec_cert -x509 -nodes \ + -nodes -keyout tecp256.pem -out tecp256.pem -newkey ec:ecp256.pem \ + -days 3650 -sha256 + +CN="OpenSSL Test P-384 SHA-384 cert" $OPENSSL req \ + -config apps.cnf -extensions ec_cert -x509 -nodes \ + -nodes -keyout tecp384.pem -out tecp384.pem -newkey ec:ecp384.pem \ + -days 3650 -sha384 diff --git a/deps/openssl/openssl/demos/certs/apps/rootkey.pem b/deps/openssl/openssl/demos/certs/apps/rootkey.pem new file mode 100644 index 00000000000000..2600aab8e1b2d4 --- /dev/null +++ b/deps/openssl/openssl/demos/certs/apps/rootkey.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpgIBAAKCAQEA0xpquKAoY6trkxz8uuE6RyYfMOy+Rgvt19pqG3x8sEpFNjDN +IG873HniShNaOrseRtrGRgCDcecNOQ0LLOQYo10zz0er8+0YgUWVx5Ag5q3cqN3T +kjDc+0sRZMONPoUwD0ySOT9dumbJypEjA0q2AgKgWwaO4ilzg/fWTEruLeuL4meX +K9WZFmMnGuF4kHSocZeKWs5UM86WIOf/+NdtzLNd6a5HwqAB5Azggiz2Ngck6Aet +Mi0inBr3A1MSn0oIaQ7rGvbQ2QrIOnpdHJ36GadQHuvvtZOm28o8UVONMMWoS1yJ +/1TaRWQJ+faZJE7yegJtUf75+5HwsxaUP32C3wIDAQABAoIBAQCEybEnwVamm0Vn +nGw9AT+vUYN9Ou3VEdviUzk7YOrt2Un/9GKTbGSzItf80H+JQfqhhywBDIGiPDxN +Dq9g5Xm6CP51/BdlsFYhuqukhDyt3d9XOXHEG4hlaarfP0KxeQXqGbhA2mMSxWVZ +TkI/59blHNHRcCagjIJlGJhsFRYNO1/ApfA5zN7fWCFvH1XWZhuvsPDgUXKm4BS0 +p3ol67MVJHRfYcLb/txBO5rBhSXinK0jEBiljRcE0rWzRycSedmDgG3SNV17wvA0 +UWgMNpPcJ1b7Satr0nM7A8+siV8FRcfvPqCuGPKCYTrNn71hGJEhKXKwlURj9+95 +O5yzRxjBAoGBAPtTRYN40/piRB0XLpi+zNh+4Ba4TGfXSymbaozgC/pI5wfgGXrz +IpT9ujjV42r8TABHvXa6uiGm0cbxcUgq2n6Y8rf6iHxmn23ezCEBUs7rd6jtt11b +m58T8o0XWyOgAovaH0UgzMtrlsZYR2fli5254oRkTWwaUTuO38z6CVddAoGBANcH +nvdu3RniIYStsr5/deu7l81ZQ9rSiR1m3H6Wy8ryMIfkYfa0WqXhwNHrLrhvhLIQ +7mGnJ+jAkJyVQULE6UdbmVW8tC58Dfrgz/1s7RMeUYPnOmRpx79c/LqZ2IunfFWx +IvBvFu7vidEHA+1tU2N+oXNsU+B9XpfsJ+/d2QtrAoGBAJTuP58tFtClMp/agO5b +AqC4bqqIBB704cGCK53XlsF2OhHcprzJH5ES2iub8+wOHit8V7Xn6SzP4jf2E58k +Zd3nXM3RVNgDKC6/fE+CrUOZHYupcqOMCag29eDOGl/+DgQ5+ZXJXhKdaveWkJns +2NNat/SkS4zn+4NDozOgZ7CxAoGBAIuXjfJRTUXNUDci0APtGO9U1AJiLbOzs4Gb +0g539IqmWS0O7S3L/YDsolFkXOsssjcq2KYabsUhpX+RQVGIJWzGoS9QlqQKssSo +Bz4c5Xbg2shHZtfi9+JaClNVJofazdOPcAAoDfpFFPHWnQ0YSOcxQLx+maEFok/7 +5h1IputLAoGBAKGBWDPwskgRRfCAIFpCJLOu/9D30M/akMtO0kJYQpBjOaKuigUy +ic7pthFVse/pMUljXHAd1hs2CTjMW1ukEusU3x1Ei6wvnHHqn0Hs+6D5NQFQkcMn +7rejJ+bpJPRAn40AAV5hGBYI12XycB8ZgyPC4hTUK6unGVK06DC4qvdv +-----END RSA PRIVATE KEY----- diff --git a/deps/openssl/openssl/demos/certs/apps/skey.pem b/deps/openssl/openssl/demos/certs/apps/skey.pem new file mode 100644 index 00000000000000..dbd403d1943c2f --- /dev/null +++ b/deps/openssl/openssl/demos/certs/apps/skey.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA84TzkjbcskbKZnrlKcXzSSgi07n+4N7kOM7uIhzpkTuU0HIv +h4VZS2axxfV6hV3CD9MuKVg2zEhroqK1Js5n4ke230nSP/qiELfCl0R+hzRtbfKL +tFUr1iHeU0uQ6v3q+Tg1K/Tmmg72uxKrhyHDL7z0BriPjhAHJ5XlQsvR1RCMkqzu +D9wjSInJxpMMIgLndOclAKv4D1wQtYU7ZpTw+01XBlUhIiXb86qpYL9NqnnRq5JI +uhmOEuxo2ca63+xaHNhD/udSyc8C0Md/yX6wlONTRFgLLv0pdLUGm1xEjfsydaQ6 +qGd7hzIKUI3hohNKJa/mHLElv7SZolPTogK/EQIDAQABAoIBAADq9FwNtuE5IRQn +zGtO4q7Y5uCzZ8GDNYr9RKp+P2cbuWDbvVAecYq2NV9QoIiWJOAYZKklOvekIju3 +r0UZLA0PRiIrTg6NrESx3JrjWDK8QNlUO7CPTZ39/K+FrmMkV9lem9yxjJjyC34D +AQB+YRTx+l14HppjdxNwHjAVQpIx/uO2F5xAMuk32+3K+pq9CZUtrofe1q4Agj9R +5s8mSy9pbRo9kW9wl5xdEotz1LivFOEiqPUJTUq5J5PeMKao3vdK726XI4Z455Nm +W2/MA0YV0ug2FYinHcZdvKM6dimH8GLfa3X8xKRfzjGjTiMSwsdjgMa4awY3tEHH +674jhAECgYEA/zqMrc0zsbNk83sjgaYIug5kzEpN4ic020rSZsmQxSCerJTgNhmg +utKSCt0Re09Jt3LqG48msahX8ycqDsHNvlEGPQSbMu9IYeO3Wr3fAm75GEtFWePY +BhM73I7gkRt4s8bUiUepMG/wY45c5tRF23xi8foReHFFe9MDzh8fJFECgYEA9EFX +4qAik1pOJGNei9BMwmx0I0gfVEIgu0tzeVqT45vcxbxr7RkTEaDoAG6PlbWP6D9a +WQNLp4gsgRM90ZXOJ4up5DsAWDluvaF4/omabMA+MJJ5kGZ0gCj5rbZbKqUws7x8 +bp+6iBfUPJUbcqNqFmi/08Yt7vrDnMnyMw2A/sECgYEAiiuRMxnuzVm34hQcsbhH +6ymVqf7j0PW2qK0F4H1ocT9qhzWFd+RB3kHWrCjnqODQoI6GbGr/4JepHUpre1ex +4UEN5oSS3G0ru0rC3U4C59dZ5KwDHFm7ffZ1pr52ljfQDUsrjjIMRtuiwNK2OoRa +WSsqiaL+SDzSB+nBmpnAizECgYBdt/y6rerWUx4MhDwwtTnel7JwHyo2MDFS6/5g +n8qC2Lj6/fMDRE22w+CA2esp7EJNQJGv+b27iFpbJEDh+/Lf5YzIT4MwVskQ5bYB +JFcmRxUVmf4e09D7o705U/DjCgMH09iCsbLmqQ38ONIRSHZaJtMDtNTHD1yi+jF+ +OT43gQKBgQC/2OHZoko6iRlNOAQ/tMVFNq7fL81GivoQ9F1U0Qr+DH3ZfaH8eIkX +xT0ToMPJUzWAn8pZv0snA0um6SIgvkCuxO84OkANCVbttzXImIsL7pFzfcwV/ERK +UM6j0ZuSMFOCr/lGPAoOQU0fskidGEHi1/kW+suSr28TqsyYZpwBDQ== +-----END RSA PRIVATE KEY----- diff --git a/deps/openssl/openssl/demos/certs/apps/skey2.pem b/deps/openssl/openssl/demos/certs/apps/skey2.pem new file mode 100644 index 00000000000000..78538228520d17 --- /dev/null +++ b/deps/openssl/openssl/demos/certs/apps/skey2.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEA63Yu4/cnLRvi+BIwcoIz5hKmcziREG2tujKEBs4JVO3uV3+f +UW/4YFULigKImXu/0fKyuMyeFu4l3V8NC6gachvAeWhiniN9sPgPU3AQKaF1y9gq +2EBEI2cFCKS5WASItjZCY951ZKuXYJdYDgC4kPlvI4N5M4ORHPa4pqfa/dzfMLEi +92sLGn7q5mArzn+5Xh2jD9Vif8w0RlDRxv1rQ413PGVBtfuhF1PSXNhbPtjpn+33 +DdJdNACv8D4PDmjUtKyshqvSXSE/RURldW13v68efBWhOQiLXcAkmISbxfzveS1k +KMSV8nuWwhS5rw0xMlavRTEgqbX7Jm14xGRrFwIDAQABAoIBAHLsTPihIfLnYIE5 +x4GsQQ5zXeBw5ITDM37ktwHnQDC+rIzyUl1aLD1AZRBoKinXd4lOTqLZ4/NHKx4A +DYr58mZtWyUmqLOMmQVuHXTZBlp7XtYuXMMNovQwjQlp9LicBeoBU6gQ5PVMtubD +F4xGF89Sn0cTHW3iMkqTtQ5KcR1j57OcJO0FEb1vPvk2MXI5ZyAatUYE7YacbEzd +rg02uIwx3FqNSkuSI79uz4hMdV5TPtuhxx9nTwj9aLUhXFeZ0mn2PVgVzEnnMoJb ++znlsZDgzDlJqdaD744YGWh8Z3OEssB35KfzFcdOeO6yH8lmv2Zfznk7pNPT7LTb +Lae9VgkCgYEA92p1qnAB3NtJtNcaW53i0S5WJgS1hxWKvUDx3lTB9s8X9fHpqL1a +E94fDfWzp/hax6FefUKIvBOukPLQ6bYjTMiFoOHzVirghAIuIUoMI5VtLhwD1hKs +Lr7l/dptMgKb1nZHyXoKHRBthsy3K4+udsPi8TzMvYElgEqyQIe/Rk0CgYEA86GL +8HC6zLszzKERDPBxrboRmoFvVUCTQDhsfj1M8aR3nQ8V5LkdIJc7Wqm/Ggfk9QRf +rJ8M2WUMlU5CNnCn/KCrKzCNZIReze3fV+HnKdbcXGLvgbHPrhnz8yYehUFG+RGq +bVyDWRU94T38izy2s5qMYrMJWZEYyXncSPbfcPMCgYAtaXfxcZ+V5xYPQFARMtiX +5nZfggvDoJuXgx0h3tK/N2HBfcaSdzbaYLG4gTmZggc/jwnl2dl5E++9oSPhUdIG +3ONSFUbxsOsGr9PBvnKd8WZZyUCXAVRjPBzAzF+whzQNWCZy/5htnz9LN7YDI9s0 +5113Q96cheDZPFydZY0hHQKBgQDVbEhNukM5xCiNcu+f2SaMnLp9EjQ4h5g3IvaP +5B16daw/Dw8LzcohWboqIxeAsze0GD/D1ZUJAEd0qBjC3g+a9BjefervCjKOzXng +38mEUm+6EwVjJSQcjSmycEs+Sr/kwr/8i5WYvU32+jk4tFgMoC+o6tQe/Uesf68k +z/dPVwKBgGbF7Vv1/3SmhlOy+zYyvJ0CrWtKxH9QP6tLIEgEpd8x7YTSuCH94yok +kToMXYA3sWNPt22GbRDZ+rcp4c7HkDx6I6vpdP9aQEwJTp0EPy0sgWr2XwYmreIQ +NFmkk8Itn9EY2R9VBaP7GLv5kvwxDdLAnmwGmzVtbmaVdxCaBwUk +-----END RSA PRIVATE KEY----- diff --git a/deps/openssl/openssl/demos/certs/ca.cnf b/deps/openssl/openssl/demos/certs/ca.cnf new file mode 100644 index 00000000000000..e0c73c4eefee5b --- /dev/null +++ b/deps/openssl/openssl/demos/certs/ca.cnf @@ -0,0 +1,82 @@ +# +# OpenSSL example configuration file for automated certificate creation. +# + +# This definition stops the following lines choking if HOME or CN +# is undefined. +HOME = . +CN = "Not Defined" +default_ca = ca + +# Comment out the next line to ignore configuration errors +config_diagnostics = 1 + +#################################################################### +[ req ] +default_bits = 1024 +default_keyfile = privkey.pem +# Don't prompt for fields: use those in section directly +prompt = no +distinguished_name = req_distinguished_name +x509_extensions = v3_ca # The extensions to add to the self signed cert +string_mask = utf8only + +# req_extensions = v3_req # The extensions to add to a certificate request + +[ req_distinguished_name ] +countryName = UK + +organizationName = OpenSSL Group +# Take CN from environment so it can come from a script. +commonName = $ENV::CN + +[ usr_cert ] + +# These extensions are added when 'ca' signs a request for an end entity +# certificate + +basicConstraints=critical, CA:FALSE +keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid +# OCSP responder certificate +[ ocsp_cert ] + +basicConstraints=critical, CA:FALSE +keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid +extendedKeyUsage=OCSPSigning + +[ dh_cert ] + +# These extensions are added when 'ca' signs a request for an end entity +# DH certificate + +basicConstraints=critical, CA:FALSE +keyUsage=critical, keyAgreement + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid + +[ v3_ca ] + + +# Extensions for a typical CA + +# PKIX recommendation. + +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always +basicConstraints = critical,CA:true +keyUsage = critical, cRLSign, keyCertSign + +# Minimal CA entry to allow generation of CRLs. +[ca] +database=index.txt +crlnumber=crlnum.txt diff --git a/deps/openssl/openssl/demos/certs/mkcerts.sh b/deps/openssl/openssl/demos/certs/mkcerts.sh new file mode 100644 index 00000000000000..2d14a95989e811 --- /dev/null +++ b/deps/openssl/openssl/demos/certs/mkcerts.sh @@ -0,0 +1,96 @@ +#!/bin/sh + +OPENSSL=../../apps/openssl +OPENSSL_CONF=../../apps/openssl.cnf +export OPENSSL_CONF + +# Root CA: create certificate directly +CN="Test Root CA" $OPENSSL req -config ca.cnf -x509 -nodes \ + -keyout root.pem -out root.pem -newkey rsa:2048 -days 3650 +# Intermediate CA: request first +CN="Test Intermediate CA" $OPENSSL req -config ca.cnf -nodes \ + -keyout intkey.pem -out intreq.pem -newkey rsa:2048 +# Sign request: CA extensions +$OPENSSL x509 -req -in intreq.pem -CA root.pem -days 3600 \ + -extfile ca.cnf -extensions v3_ca -CAcreateserial -out intca.pem + +# Server certificate: create request first +CN="Test Server Cert" $OPENSSL req -config ca.cnf -nodes \ + -keyout skey.pem -out req.pem -newkey rsa:1024 +# Sign request: end entity extensions +$OPENSSL x509 -req -in req.pem -CA intca.pem -CAkey intkey.pem -days 3600 \ + -extfile ca.cnf -extensions usr_cert -CAcreateserial -out server.pem + +# Client certificate: request first +CN="Test Client Cert" $OPENSSL req -config ca.cnf -nodes \ + -keyout ckey.pem -out creq.pem -newkey rsa:1024 +# Sign using intermediate CA +$OPENSSL x509 -req -in creq.pem -CA intca.pem -CAkey intkey.pem -days 3600 \ + -extfile ca.cnf -extensions usr_cert -CAcreateserial -out client.pem + +# Revoked certificate: request first +CN="Test Revoked Cert" $OPENSSL req -config ca.cnf -nodes \ + -keyout revkey.pem -out rreq.pem -newkey rsa:1024 +# Sign using intermediate CA +$OPENSSL x509 -req -in rreq.pem -CA intca.pem -CAkey intkey.pem -days 3600 \ + -extfile ca.cnf -extensions usr_cert -CAcreateserial -out rev.pem + +# OCSP responder certificate: request first +CN="Test OCSP Responder Cert" $OPENSSL req -config ca.cnf -nodes \ + -keyout respkey.pem -out respreq.pem -newkey rsa:1024 +# Sign using intermediate CA and responder extensions +$OPENSSL x509 -req -in respreq.pem -CA intca.pem -CAkey intkey.pem -days 3600 \ + -extfile ca.cnf -extensions ocsp_cert -CAcreateserial -out resp.pem + +# Example creating a PKCS#3 DH certificate. + +# First DH parameters + +[ -f dhp.pem ] || $OPENSSL genpkey -genparam -algorithm DH -pkeyopt dh_paramgen_prime_len:1024 -out dhp.pem + +# Now a DH private key +$OPENSSL genpkey -paramfile dhp.pem -out dhskey.pem +# Create DH public key file +$OPENSSL pkey -in dhskey.pem -pubout -out dhspub.pem +# Certificate request, key just reuses old one as it is ignored when the +# request is signed. +CN="Test Server DH Cert" $OPENSSL req -config ca.cnf -new \ + -key skey.pem -out dhsreq.pem +# Sign request: end entity DH extensions +$OPENSSL x509 -req -in dhsreq.pem -CA root.pem -days 3600 \ + -force_pubkey dhspub.pem \ + -extfile ca.cnf -extensions dh_cert -CAcreateserial -out dhserver.pem + +# DH client certificate + +$OPENSSL genpkey -paramfile dhp.pem -out dhckey.pem +$OPENSSL pkey -in dhckey.pem -pubout -out dhcpub.pem +CN="Test Client DH Cert" $OPENSSL req -config ca.cnf -new \ + -key skey.pem -out dhcreq.pem +$OPENSSL x509 -req -in dhcreq.pem -CA root.pem -days 3600 \ + -force_pubkey dhcpub.pem \ + -extfile ca.cnf -extensions dh_cert -CAcreateserial -out dhclient.pem + +# Examples of CRL generation without the need to use 'ca' to issue +# certificates. +# Create zero length index file +>index.txt +# Create initial crl number file +echo 01 >crlnum.txt +# Add entries for server and client certs +$OPENSSL ca -valid server.pem -keyfile root.pem -cert root.pem \ + -config ca.cnf -md sha1 +$OPENSSL ca -valid client.pem -keyfile root.pem -cert root.pem \ + -config ca.cnf -md sha1 +$OPENSSL ca -valid rev.pem -keyfile root.pem -cert root.pem \ + -config ca.cnf -md sha1 +# Generate a CRL. +$OPENSSL ca -gencrl -keyfile root.pem -cert root.pem -config ca.cnf \ + -md sha1 -crldays 1 -out crl1.pem +# Revoke a certificate +openssl ca -revoke rev.pem -crl_reason superseded \ + -keyfile root.pem -cert root.pem -config ca.cnf -md sha1 +# Generate another CRL +$OPENSSL ca -gencrl -keyfile root.pem -cert root.pem -config ca.cnf \ + -md sha1 -crldays 1 -out crl2.pem + diff --git a/deps/openssl/openssl/demos/certs/ocspquery.sh b/deps/openssl/openssl/demos/certs/ocspquery.sh new file mode 100644 index 00000000000000..f6641133056986 --- /dev/null +++ b/deps/openssl/openssl/demos/certs/ocspquery.sh @@ -0,0 +1,21 @@ +# Example querying OpenSSL test responder. Assumes ocsprun.sh has been +# called. + +OPENSSL=../../apps/openssl +OPENSSL_CONF=../../apps/openssl.cnf +export OPENSSL_CONF + +# Send responder queries for each certificate. + +echo "Requesting OCSP status for each certificate" +$OPENSSL ocsp -issuer intca.pem -cert client.pem -CAfile root.pem \ + -url http://127.0.0.1:8888/ +$OPENSSL ocsp -issuer intca.pem -cert server.pem -CAfile root.pem \ + -url http://127.0.0.1:8888/ +$OPENSSL ocsp -issuer intca.pem -cert rev.pem -CAfile root.pem \ + -url http://127.0.0.1:8888/ +# One query for all three certificates. +echo "Requesting OCSP status for three certificates in one request" +$OPENSSL ocsp -issuer intca.pem \ + -cert client.pem -cert server.pem -cert rev.pem \ + -CAfile root.pem -url http://127.0.0.1:8888/ diff --git a/deps/openssl/openssl/demos/certs/ocsprun.sh b/deps/openssl/openssl/demos/certs/ocsprun.sh new file mode 100644 index 00000000000000..a65e5f2fd17192 --- /dev/null +++ b/deps/openssl/openssl/demos/certs/ocsprun.sh @@ -0,0 +1,14 @@ +# Example of running an querying OpenSSL test OCSP responder. +# This assumes "mkcerts.sh" or similar has been run to set up the +# necessary file structure. + +OPENSSL=../../apps/openssl +OPENSSL_CONF=../../apps/openssl.cnf +export OPENSSL_CONF + +# Run OCSP responder. + +PORT=8888 + +$OPENSSL ocsp -port $PORT -index index.txt -CA intca.pem \ + -rsigner resp.pem -rkey respkey.pem -rother intca.pem $* diff --git a/deps/openssl/openssl/demos/cipher/Makefile b/deps/openssl/openssl/demos/cipher/Makefile new file mode 100644 index 00000000000000..81f526535e20f6 --- /dev/null +++ b/deps/openssl/openssl/demos/cipher/Makefile @@ -0,0 +1,27 @@ +# Quick instruction: +# To build against an OpenSSL built in the source tree, do this: +# +# make OPENSSL_INCS_LOCATION=-I../../include OPENSSL_LIBS_LOCATION=-L../.. +# +# To run the demos when linked with a shared library (default): +# +# LD_LIBRARY_PATH=../.. ./aesccm +# LD_LIBRARY_PATH=../.. ./aesgcm +# LD_LIBRARY_PATH=../.. ./aeskeywrap +# LD_LIBRARY_PATH=../.. ./ariacbc + +CFLAGS = $(OPENSSL_INCS_LOCATION) +LDFLAGS = $(OPENSSL_LIBS_LOCATION) -lssl -lcrypto + +all: aesccm aesgcm aeskeywrap ariacbc + +aesccm: aesccm.o +aesgcm: aesgcm.o +aeskeywrap: aeskeywrap.o +ariacbc: ariacbc.o + +aesccm aesgcm aeskeywrap ariacbc: + $(CC) $(CFLAGS) -o $@ $< $(LDFLAGS) + +clean: + $(RM) aesccm aesgcm aeskeywrap ariacbc *.o diff --git a/deps/openssl/openssl/demos/cipher/aesccm.c b/deps/openssl/openssl/demos/cipher/aesccm.c new file mode 100644 index 00000000000000..f4430e727b2f51 --- /dev/null +++ b/deps/openssl/openssl/demos/cipher/aesccm.c @@ -0,0 +1,238 @@ +/* + * Copyright 2013-2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * Simple AES CCM authenticated encryption with additional data (AEAD) + * demonstration program. + */ + +#include +#include +#include +#include +#include + +/* AES-CCM test data obtained from NIST public test vectors */ + +/* AES key */ +static const unsigned char ccm_key[] = { + 0xce, 0xb0, 0x09, 0xae, 0xa4, 0x45, 0x44, 0x51, 0xfe, 0xad, 0xf0, 0xe6, + 0xb3, 0x6f, 0x45, 0x55, 0x5d, 0xd0, 0x47, 0x23, 0xba, 0xa4, 0x48, 0xe8 +}; + +/* Unique nonce to be used for this message */ +static const unsigned char ccm_nonce[] = { + 0x76, 0x40, 0x43, 0xc4, 0x94, 0x60, 0xb7 +}; + +/* + * Example of Additional Authenticated Data (AAD), i.e. unencrypted data + * which can be authenticated using the generated Tag value. + */ +static const unsigned char ccm_adata[] = { + 0x6e, 0x80, 0xdd, 0x7f, 0x1b, 0xad, 0xf3, 0xa1, 0xc9, 0xab, 0x25, 0xc7, + 0x5f, 0x10, 0xbd, 0xe7, 0x8c, 0x23, 0xfa, 0x0e, 0xb8, 0xf9, 0xaa, 0xa5, + 0x3a, 0xde, 0xfb, 0xf4, 0xcb, 0xf7, 0x8f, 0xe4 +}; + +/* Example plaintext to encrypt */ +static const unsigned char ccm_pt[] = { + 0xc8, 0xd2, 0x75, 0xf9, 0x19, 0xe1, 0x7d, 0x7f, 0xe6, 0x9c, 0x2a, 0x1f, + 0x58, 0x93, 0x9d, 0xfe, 0x4d, 0x40, 0x37, 0x91, 0xb5, 0xdf, 0x13, 0x10 +}; + +/* Expected ciphertext value */ +static const unsigned char ccm_ct[] = { + 0x8a, 0x0f, 0x3d, 0x82, 0x29, 0xe4, 0x8e, 0x74, 0x87, 0xfd, 0x95, 0xa2, + 0x8a, 0xd3, 0x92, 0xc8, 0x0b, 0x36, 0x81, 0xd4, 0xfb, 0xc7, 0xbb, 0xfd +}; + +/* Expected AEAD Tag value */ +static const unsigned char ccm_tag[] = { + 0x2d, 0xd6, 0xef, 0x1c, 0x45, 0xd4, 0xcc, 0xb7, 0x23, 0xdc, 0x07, 0x44, + 0x14, 0xdb, 0x50, 0x6d +}; + +/* + * A library context and property query can be used to select & filter + * algorithm implementations. If they are NULL then the default library + * context and properties are used. + */ +OSSL_LIB_CTX *libctx = NULL; +const char *propq = NULL; + + +int aes_ccm_encrypt(void) +{ + int ret = 0; + EVP_CIPHER_CTX *ctx; + EVP_CIPHER *cipher = NULL; + int outlen, tmplen; + size_t ccm_nonce_len = sizeof(ccm_nonce); + size_t ccm_tag_len = sizeof(ccm_tag); + unsigned char outbuf[1024]; + unsigned char outtag[16]; + OSSL_PARAM params[3] = { + OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END + }; + + printf("AES CCM Encrypt:\n"); + printf("Plaintext:\n"); + BIO_dump_fp(stdout, ccm_pt, sizeof(ccm_pt)); + + /* Create a context for the encrypt operation */ + if ((ctx = EVP_CIPHER_CTX_new()) == NULL) + goto err; + + /* Fetch the cipher implementation */ + if ((cipher = EVP_CIPHER_fetch(libctx, "AES-192-CCM", propq)) == NULL) + goto err; + + /* Default nonce length for AES-CCM is 7 bytes (56 bits). */ + params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN, + &ccm_nonce_len); + /* Set tag length */ + params[1] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, + NULL, ccm_tag_len); + + /* + * Initialise encrypt operation with the cipher & mode, + * nonce length and tag length parameters. + */ + if (!EVP_EncryptInit_ex2(ctx, cipher, NULL, NULL, params)) + goto err; + + /* Initialise key and nonce */ + if (!EVP_EncryptInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce)) + goto err; + + /* Set plaintext length: only needed if AAD is used */ + if (!EVP_EncryptUpdate(ctx, NULL, &outlen, NULL, sizeof(ccm_pt))) + goto err; + + /* Zero or one call to specify any AAD */ + if (!EVP_EncryptUpdate(ctx, NULL, &outlen, ccm_adata, sizeof(ccm_adata))) + goto err; + + /* Encrypt plaintext: can only be called once */ + if (!EVP_EncryptUpdate(ctx, outbuf, &outlen, ccm_pt, sizeof(ccm_pt))) + goto err; + + /* Output encrypted block */ + printf("Ciphertext:\n"); + BIO_dump_fp(stdout, outbuf, outlen); + + /* Finalise: note get no output for CCM */ + if (!EVP_EncryptFinal_ex(ctx, NULL, &tmplen)) + goto err; + + /* Get tag */ + params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, + outtag, ccm_tag_len); + params[1] = OSSL_PARAM_construct_end(); + + if (!EVP_CIPHER_CTX_get_params(ctx, params)) + goto err; + + /* Output tag */ + printf("Tag:\n"); + BIO_dump_fp(stdout, outtag, ccm_tag_len); + + ret = 1; +err: + if (!ret) + ERR_print_errors_fp(stderr); + + EVP_CIPHER_free(cipher); + EVP_CIPHER_CTX_free(ctx); + + return ret; +} + +int aes_ccm_decrypt(void) +{ + int ret = 0; + EVP_CIPHER_CTX *ctx; + EVP_CIPHER *cipher = NULL; + int outlen, rv; + unsigned char outbuf[1024]; + size_t ccm_nonce_len = sizeof(ccm_nonce); + OSSL_PARAM params[3] = { + OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END + }; + + printf("AES CCM Decrypt:\n"); + printf("Ciphertext:\n"); + BIO_dump_fp(stdout, ccm_ct, sizeof(ccm_ct)); + + if ((ctx = EVP_CIPHER_CTX_new()) == NULL) + goto err; + + /* Fetch the cipher implementation */ + if ((cipher = EVP_CIPHER_fetch(libctx, "AES-192-CCM", propq)) == NULL) + goto err; + + /* Set nonce length if default 96 bits is not appropriate */ + params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN, + &ccm_nonce_len); + /* Set tag length */ + params[1] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, + (unsigned char *)ccm_tag, + sizeof(ccm_tag)); + /* + * Initialise decrypt operation with the cipher & mode, + * nonce length and expected tag parameters. + */ + if (!EVP_DecryptInit_ex2(ctx, cipher, NULL, NULL, params)) + goto err; + + /* Specify key and IV */ + if (!EVP_DecryptInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce)) + goto err; + + /* Set ciphertext length: only needed if we have AAD */ + if (!EVP_DecryptUpdate(ctx, NULL, &outlen, NULL, sizeof(ccm_ct))) + goto err; + + /* Zero or one call to specify any AAD */ + if (!EVP_DecryptUpdate(ctx, NULL, &outlen, ccm_adata, sizeof(ccm_adata))) + goto err; + + /* Decrypt plaintext, verify tag: can only be called once */ + rv = EVP_DecryptUpdate(ctx, outbuf, &outlen, ccm_ct, sizeof(ccm_ct)); + + /* Output decrypted block: if tag verify failed we get nothing */ + if (rv > 0) { + printf("Tag verify successful!\nPlaintext:\n"); + BIO_dump_fp(stdout, outbuf, outlen); + } else { + printf("Tag verify failed!\nPlaintext not available\n"); + goto err; + } + ret = 1; +err: + if (!ret) + ERR_print_errors_fp(stderr); + + EVP_CIPHER_free(cipher); + EVP_CIPHER_CTX_free(ctx); + + return ret; +} + +int main(int argc, char **argv) +{ + if (!aes_ccm_encrypt()) + return 1; + + if (!aes_ccm_decrypt()) + return 1; + + return 0; +} diff --git a/deps/openssl/openssl/demos/cipher/aesgcm.c b/deps/openssl/openssl/demos/cipher/aesgcm.c new file mode 100644 index 00000000000000..aaf4000d574fd4 --- /dev/null +++ b/deps/openssl/openssl/demos/cipher/aesgcm.c @@ -0,0 +1,228 @@ +/* + * Copyright 2012-2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * Simple AES GCM authenticated encryption with additional data (AEAD) + * demonstration program. + */ + +#include +#include +#include +#include +#include + +/* AES-GCM test data obtained from NIST public test vectors */ + +/* AES key */ +static const unsigned char gcm_key[] = { + 0xee, 0xbc, 0x1f, 0x57, 0x48, 0x7f, 0x51, 0x92, 0x1c, 0x04, 0x65, 0x66, + 0x5f, 0x8a, 0xe6, 0xd1, 0x65, 0x8b, 0xb2, 0x6d, 0xe6, 0xf8, 0xa0, 0x69, + 0xa3, 0x52, 0x02, 0x93, 0xa5, 0x72, 0x07, 0x8f +}; + +/* Unique initialisation vector */ +static const unsigned char gcm_iv[] = { + 0x99, 0xaa, 0x3e, 0x68, 0xed, 0x81, 0x73, 0xa0, 0xee, 0xd0, 0x66, 0x84 +}; + +/* Example plaintext to encrypt */ +static const unsigned char gcm_pt[] = { + 0xf5, 0x6e, 0x87, 0x05, 0x5b, 0xc3, 0x2d, 0x0e, 0xeb, 0x31, 0xb2, 0xea, + 0xcc, 0x2b, 0xf2, 0xa5 +}; + +/* + * Example of Additional Authenticated Data (AAD), i.e. unencrypted data + * which can be authenticated using the generated Tag value. + */ +static const unsigned char gcm_aad[] = { + 0x4d, 0x23, 0xc3, 0xce, 0xc3, 0x34, 0xb4, 0x9b, 0xdb, 0x37, 0x0c, 0x43, + 0x7f, 0xec, 0x78, 0xde +}; + +/* Expected ciphertext value */ +static const unsigned char gcm_ct[] = { + 0xf7, 0x26, 0x44, 0x13, 0xa8, 0x4c, 0x0e, 0x7c, 0xd5, 0x36, 0x86, 0x7e, + 0xb9, 0xf2, 0x17, 0x36 +}; + +/* Expected AEAD Tag value */ +static const unsigned char gcm_tag[] = { + 0x67, 0xba, 0x05, 0x10, 0x26, 0x2a, 0xe4, 0x87, 0xd7, 0x37, 0xee, 0x62, + 0x98, 0xf7, 0x7e, 0x0c +}; + +/* + * A library context and property query can be used to select & filter + * algorithm implementations. If they are NULL then the default library + * context and properties are used. + */ +OSSL_LIB_CTX *libctx = NULL; +const char *propq = NULL; + +int aes_gcm_encrypt(void) +{ + int ret = 0; + EVP_CIPHER_CTX *ctx; + EVP_CIPHER *cipher = NULL; + int outlen, tmplen; + size_t gcm_ivlen = sizeof(gcm_iv); + unsigned char outbuf[1024]; + unsigned char outtag[16]; + OSSL_PARAM params[2] = { + OSSL_PARAM_END, OSSL_PARAM_END + }; + + printf("AES GCM Encrypt:\n"); + printf("Plaintext:\n"); + BIO_dump_fp(stdout, gcm_pt, sizeof(gcm_pt)); + + /* Create a context for the encrypt operation */ + if ((ctx = EVP_CIPHER_CTX_new()) == NULL) + goto err; + + /* Fetch the cipher implementation */ + if ((cipher = EVP_CIPHER_fetch(libctx, "AES-256-GCM", propq)) == NULL) + goto err; + + /* Set IV length if default 96 bits is not appropriate */ + params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN, + &gcm_ivlen); + + /* + * Initialise an encrypt operation with the cipher/mode, key, IV and + * IV length parameter. + * For demonstration purposes the IV is being set here. In a compliant + * application the IV would be generated internally so the iv passed in + * would be NULL. + */ + if (!EVP_EncryptInit_ex2(ctx, cipher, gcm_key, gcm_iv, params)) + goto err; + + /* Zero or more calls to specify any AAD */ + if (!EVP_EncryptUpdate(ctx, NULL, &outlen, gcm_aad, sizeof(gcm_aad))) + goto err; + + /* Encrypt plaintext */ + if (!EVP_EncryptUpdate(ctx, outbuf, &outlen, gcm_pt, sizeof(gcm_pt))) + goto err; + + /* Output encrypted block */ + printf("Ciphertext:\n"); + BIO_dump_fp(stdout, outbuf, outlen); + + /* Finalise: note get no output for GCM */ + if (!EVP_EncryptFinal_ex(ctx, outbuf, &tmplen)) + goto err; + + /* Get tag */ + params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, + outtag, 16); + + if (!EVP_CIPHER_CTX_get_params(ctx, params)) + goto err; + + /* Output tag */ + printf("Tag:\n"); + BIO_dump_fp(stdout, outtag, 16); + + ret = 1; +err: + if (!ret) + ERR_print_errors_fp(stderr); + + EVP_CIPHER_free(cipher); + EVP_CIPHER_CTX_free(ctx); + + return ret; +} + +int aes_gcm_decrypt(void) +{ + int ret = 0; + EVP_CIPHER_CTX *ctx; + EVP_CIPHER *cipher = NULL; + int outlen, rv; + size_t gcm_ivlen = sizeof(gcm_iv); + unsigned char outbuf[1024]; + OSSL_PARAM params[2] = { + OSSL_PARAM_END, OSSL_PARAM_END + }; + + printf("AES GCM Decrypt:\n"); + printf("Ciphertext:\n"); + BIO_dump_fp(stdout, gcm_ct, sizeof(gcm_ct)); + + if ((ctx = EVP_CIPHER_CTX_new()) == NULL) + goto err; + + /* Fetch the cipher implementation */ + if ((cipher = EVP_CIPHER_fetch(libctx, "AES-256-GCM", propq)) == NULL) + goto err; + + /* Set IV length if default 96 bits is not appropriate */ + params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN, + &gcm_ivlen); + + /* + * Initialise an encrypt operation with the cipher/mode, key, IV and + * IV length parameter. + */ + if (!EVP_DecryptInit_ex2(ctx, cipher, gcm_key, gcm_iv, params)) + goto err; + + /* Zero or more calls to specify any AAD */ + if (!EVP_DecryptUpdate(ctx, NULL, &outlen, gcm_aad, sizeof(gcm_aad))) + goto err; + + /* Decrypt plaintext */ + if (!EVP_DecryptUpdate(ctx, outbuf, &outlen, gcm_ct, sizeof(gcm_ct))) + goto err; + + /* Output decrypted block */ + printf("Plaintext:\n"); + BIO_dump_fp(stdout, outbuf, outlen); + + /* Set expected tag value. */ + params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, + (void*)gcm_tag, sizeof(gcm_tag)); + + if (!EVP_CIPHER_CTX_set_params(ctx, params)) + goto err; + + /* Finalise: note get no output for GCM */ + rv = EVP_DecryptFinal_ex(ctx, outbuf, &outlen); + /* + * Print out return value. If this is not successful authentication + * failed and plaintext is not trustworthy. + */ + printf("Tag Verify %s\n", rv > 0 ? "Successful!" : "Failed!"); + + ret = 1; +err: + if (!ret) + ERR_print_errors_fp(stderr); + + EVP_CIPHER_free(cipher); + EVP_CIPHER_CTX_free(ctx); + + return ret; +} + +int main(int argc, char **argv) +{ + if (!aes_gcm_encrypt()) + return 1; + + if (!aes_gcm_decrypt()) + return 1; + + return 0; +} diff --git a/deps/openssl/openssl/demos/cipher/aeskeywrap.c b/deps/openssl/openssl/demos/cipher/aeskeywrap.c new file mode 100644 index 00000000000000..f987772e4ffea5 --- /dev/null +++ b/deps/openssl/openssl/demos/cipher/aeskeywrap.c @@ -0,0 +1,181 @@ +/* + * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * Simple aes wrap encryption demonstration program. + */ + +#include +#include +#include +#include +#include +#include + +/* aes key */ +static const unsigned char wrap_key[] = { + 0xee, 0xbc, 0x1f, 0x57, 0x48, 0x7f, 0x51, 0x92, 0x1c, 0x04, 0x65, 0x66, + 0x5f, 0x8a, 0xe6, 0xd1, 0x65, 0x8b, 0xb2, 0x6d, 0xe6, 0xf8, 0xa0, 0x69, + 0xa3, 0x52, 0x02, 0x93, 0xa5, 0x72, 0x07, 0x8f +}; + +/* Unique initialisation vector */ +static const unsigned char wrap_iv[] = { + 0x99, 0xaa, 0x3e, 0x68, 0xed, 0x81, 0x73, 0xa0, 0xee, 0xd0, 0x66, 0x84, + 0x99, 0xaa, 0x3e, 0x68, +}; + +/* Example plaintext to encrypt */ +static const unsigned char wrap_pt[] = { + 0xad, 0x4f, 0xc9, 0xfc, 0x77, 0x69, 0xc9, 0xea, 0xfc, 0xdf, 0x00, 0xac, + 0x34, 0xec, 0x40, 0xbc, 0x28, 0x3f, 0xa4, 0x5e, 0xd8, 0x99, 0xe4, 0x5d, + 0x5e, 0x7a, 0xc4, 0xe6, 0xca, 0x7b, 0xa5, 0xb7, +}; + +/* Expected ciphertext value */ +static const unsigned char wrap_ct[] = { + 0x97, 0x99, 0x55, 0xca, 0xf6, 0x3e, 0x95, 0x54, 0x39, 0xd6, 0xaf, 0x63, 0xff, 0x2c, 0xe3, 0x96, + 0xf7, 0x0d, 0x2c, 0x9c, 0xc7, 0x43, 0xc0, 0xb6, 0x31, 0x43, 0xb9, 0x20, 0xac, 0x6b, 0xd3, 0x67, + 0xad, 0x01, 0xaf, 0xa7, 0x32, 0x74, 0x26, 0x92, +}; + +/* + * A library context and property query can be used to select & filter + * algorithm implementations. If they are NULL then the default library + * context and properties are used. + */ +OSSL_LIB_CTX *libctx = NULL; +const char *propq = NULL; + +int aes_wrap_encrypt(void) +{ + int ret = 0; + EVP_CIPHER_CTX *ctx; + EVP_CIPHER *cipher = NULL; + int outlen, tmplen; + unsigned char outbuf[1024]; + + printf("aes wrap Encrypt:\n"); + printf("Plaintext:\n"); + BIO_dump_fp(stdout, wrap_pt, sizeof(wrap_pt)); + + /* Create a context for the encrypt operation */ + if ((ctx = EVP_CIPHER_CTX_new()) == NULL) + goto err; + + EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW); + + /* Fetch the cipher implementation */ + if ((cipher = EVP_CIPHER_fetch(libctx, "AES-256-WRAP", propq)) == NULL) + goto err; + + /* + * Initialise an encrypt operation with the cipher/mode, key and IV. + * We are not setting any custom params so let params be just NULL. + */ + if (!EVP_EncryptInit_ex2(ctx, cipher, wrap_key, wrap_iv, /* params */ NULL)) + goto err; + + /* Encrypt plaintext */ + if (!EVP_EncryptUpdate(ctx, outbuf, &outlen, wrap_pt, sizeof(wrap_pt))) + goto err; + + /* Finalise: there can be some additional output from padding */ + if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &tmplen)) + goto err; + outlen += tmplen; + + /* Output encrypted block */ + printf("Ciphertext (outlen:%d):\n", outlen); + BIO_dump_fp(stdout, outbuf, outlen); + + if (sizeof(wrap_ct) == outlen && !CRYPTO_memcmp(outbuf, wrap_ct, outlen)) + printf("Final ciphertext matches expected ciphertext\n"); + else + printf("Final ciphertext differs from expected ciphertext\n"); + + ret = 1; +err: + if (!ret) + ERR_print_errors_fp(stderr); + + EVP_CIPHER_free(cipher); + EVP_CIPHER_CTX_free(ctx); + + return ret; +} + +int aes_wrap_decrypt(void) +{ + int ret = 0; + EVP_CIPHER_CTX *ctx; + EVP_CIPHER *cipher = NULL; + int outlen, tmplen; + unsigned char outbuf[1024]; + + printf("aes wrap Decrypt:\n"); + printf("Ciphertext:\n"); + BIO_dump_fp(stdout, wrap_ct, sizeof(wrap_ct)); + + if ((ctx = EVP_CIPHER_CTX_new()) == NULL) + goto err; + + EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW); + + /* Fetch the cipher implementation */ + if ((cipher = EVP_CIPHER_fetch(libctx, "aes-256-wrap", propq)) == NULL) + goto err; + + /* + * Initialise an encrypt operation with the cipher/mode, key and IV. + * We are not setting any custom params so let params be just NULL. + */ + if (!EVP_DecryptInit_ex2(ctx, cipher, wrap_key, wrap_iv, /* params */ NULL)) + goto err; + + /* Decrypt plaintext */ + if (!EVP_DecryptUpdate(ctx, outbuf, &outlen, wrap_ct, sizeof(wrap_ct))) + goto err; + + /* Finalise: there can be some additional output from padding */ + if (!EVP_DecryptFinal_ex(ctx, outbuf + outlen, &tmplen)) + goto err; + outlen += tmplen; + + /* Output decrypted block */ + printf("Plaintext (outlen:%d):\n", outlen); + BIO_dump_fp(stdout, outbuf, outlen); + + if (sizeof(wrap_pt) == outlen && !CRYPTO_memcmp(outbuf, wrap_pt, outlen)) + printf("Final plaintext matches original plaintext\n"); + else + printf("Final plaintext differs from original plaintext\n"); + + ret = 1; +err: + if (!ret) + ERR_print_errors_fp(stderr); + + EVP_CIPHER_free(cipher); + EVP_CIPHER_CTX_free(ctx); + + return ret; +} + +int main(int argc, char **argv) +{ + if (!aes_wrap_encrypt()) + return 1; + + if (!aes_wrap_decrypt()) + return 1; + + return 0; +} + diff --git a/deps/openssl/openssl/demos/cipher/ariacbc.c b/deps/openssl/openssl/demos/cipher/ariacbc.c new file mode 100644 index 00000000000000..8999fe6e701d24 --- /dev/null +++ b/deps/openssl/openssl/demos/cipher/ariacbc.c @@ -0,0 +1,178 @@ +/* + * Copyright 2012-2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * Simple ARIA CBC encryption demonstration program. + */ + +#include +#include +#include +#include +#include +#include + +/* ARIA key */ +static const unsigned char cbc_key[] = { + 0xee, 0xbc, 0x1f, 0x57, 0x48, 0x7f, 0x51, 0x92, 0x1c, 0x04, 0x65, 0x66, + 0x5f, 0x8a, 0xe6, 0xd1, 0x65, 0x8b, 0xb2, 0x6d, 0xe6, 0xf8, 0xa0, 0x69, + 0xa3, 0x52, 0x02, 0x93, 0xa5, 0x72, 0x07, 0x8f +}; + +/* Unique initialisation vector */ +static const unsigned char cbc_iv[] = { + 0x99, 0xaa, 0x3e, 0x68, 0xed, 0x81, 0x73, 0xa0, 0xee, 0xd0, 0x66, 0x84, + 0x99, 0xaa, 0x3e, 0x68, +}; + +/* Example plaintext to encrypt */ +static const unsigned char cbc_pt[] = { + 0xf5, 0x6e, 0x87, 0x05, 0x5b, 0xc3, 0x2d, 0x0e, 0xeb, 0x31, 0xb2, 0xea, + 0xcc, 0x2b, 0xf2, 0xa5 +}; + +/* Expected ciphertext value */ +static const unsigned char cbc_ct[] = { + 0x9a, 0x44, 0xe6, 0x85, 0x94, 0x26, 0xff, 0x30, 0x03, 0xd3, 0x7e, 0xc6, + 0xb5, 0x4a, 0x09, 0x66, 0x39, 0x28, 0xf3, 0x67, 0x14, 0xbc, 0xe8, 0xe2, + 0xcf, 0x31, 0xb8, 0x60, 0x42, 0x72, 0x6d, 0xc8 +}; + +/* + * A library context and property query can be used to select & filter + * algorithm implementations. If they are NULL then the default library + * context and properties are used. + */ +OSSL_LIB_CTX *libctx = NULL; +const char *propq = NULL; + +int aria_cbc_encrypt(void) +{ + int ret = 0; + EVP_CIPHER_CTX *ctx; + EVP_CIPHER *cipher = NULL; + int outlen, tmplen; + size_t cbc_ivlen = sizeof(cbc_iv); + unsigned char outbuf[1024]; + unsigned char outtag[16]; + + printf("ARIA CBC Encrypt:\n"); + printf("Plaintext:\n"); + BIO_dump_fp(stdout, cbc_pt, sizeof(cbc_pt)); + + /* Create a context for the encrypt operation */ + if ((ctx = EVP_CIPHER_CTX_new()) == NULL) + goto err; + + /* Fetch the cipher implementation */ + if ((cipher = EVP_CIPHER_fetch(libctx, "ARIA-256-CBC", propq)) == NULL) + goto err; + + /* + * Initialise an encrypt operation with the cipher/mode, key and IV. + * We are not setting any custom params so let params be just NULL. + */ + if (!EVP_EncryptInit_ex2(ctx, cipher, cbc_key, cbc_iv, /* params */ NULL)) + goto err; + + /* Encrypt plaintext */ + if (!EVP_EncryptUpdate(ctx, outbuf, &outlen, cbc_pt, sizeof(cbc_pt))) + goto err; + + /* Finalise: there can be some additional output from padding */ + if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &tmplen)) + goto err; + outlen += tmplen; + + /* Output encrypted block */ + printf("Ciphertext (outlen:%d):\n", outlen); + BIO_dump_fp(stdout, outbuf, outlen); + + if (sizeof(cbc_ct) == outlen && !CRYPTO_memcmp(outbuf, cbc_ct, outlen)) + printf("Final ciphertext matches expected ciphertext\n"); + else + printf("Final ciphertext differs from expected ciphertext\n"); + + ret = 1; +err: + if (!ret) + ERR_print_errors_fp(stderr); + + EVP_CIPHER_free(cipher); + EVP_CIPHER_CTX_free(ctx); + + return ret; +} + +int aria_cbc_decrypt(void) +{ + int ret = 0; + EVP_CIPHER_CTX *ctx; + EVP_CIPHER *cipher = NULL; + int outlen, tmplen, rv; + size_t cbc_ivlen = sizeof(cbc_iv); + unsigned char outbuf[1024]; + + printf("ARIA CBC Decrypt:\n"); + printf("Ciphertext:\n"); + BIO_dump_fp(stdout, cbc_ct, sizeof(cbc_ct)); + + if ((ctx = EVP_CIPHER_CTX_new()) == NULL) + goto err; + + /* Fetch the cipher implementation */ + if ((cipher = EVP_CIPHER_fetch(libctx, "ARIA-256-CBC", propq)) == NULL) + goto err; + + /* + * Initialise an encrypt operation with the cipher/mode, key and IV. + * We are not setting any custom params so let params be just NULL. + */ + if (!EVP_DecryptInit_ex2(ctx, cipher, cbc_key, cbc_iv, /* params */ NULL)) + goto err; + + /* Decrypt plaintext */ + if (!EVP_DecryptUpdate(ctx, outbuf, &outlen, cbc_ct, sizeof(cbc_ct))) + goto err; + + /* Finalise: there can be some additional output from padding */ + if (!EVP_DecryptFinal_ex(ctx, outbuf + outlen, &tmplen)) + goto err; + outlen += tmplen; + + /* Output decrypted block */ + printf("Plaintext (outlen:%d):\n", outlen); + BIO_dump_fp(stdout, outbuf, outlen); + + if (sizeof(cbc_pt) == outlen && !CRYPTO_memcmp(outbuf, cbc_pt, outlen)) + printf("Final plaintext matches original plaintext\n"); + else + printf("Final plaintext differs from original plaintext\n"); + + ret = 1; +err: + if (!ret) + ERR_print_errors_fp(stderr); + + EVP_CIPHER_free(cipher); + EVP_CIPHER_CTX_free(ctx); + + return ret; +} + +int main(int argc, char **argv) +{ + if (!aria_cbc_encrypt()) + return 1; + + if (!aria_cbc_decrypt()) + return 1; + + return 0; +} diff --git a/deps/openssl/openssl/demos/cms/cacert.pem b/deps/openssl/openssl/demos/cms/cacert.pem new file mode 100644 index 00000000000000..1949fc33aed4f2 --- /dev/null +++ b/deps/openssl/openssl/demos/cms/cacert.pem @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIFBjCCA26gAwIBAgIUM/WihZJZUTZvqoyNaUlp59DOaWYwDQYJKoZIhvcNAQEL +BQAwVzELMAkGA1UEBhMCVUsxEjAQBgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwN +T3BlblNTTCBHcm91cDEcMBoGA1UEAwwTVGVzdCBTL01JTUUgUm9vdCBDQTAgFw0x +ODA2MTQxMjQ2MjhaGA8yMTE4MDYxNDEyNDYyOFowVzELMAkGA1UEBhMCVUsxEjAQ +BgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwNT3BlblNTTCBHcm91cDEcMBoGA1UE +AwwTVGVzdCBTL01JTUUgUm9vdCBDQTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCC +AYoCggGBAMzxOVHZFVxN9XQIVW3y1bK5ir3jKpKkU6zKrw8MdRvm233eqWSOYJvs +3rgdT59iv+CaPcBT5offbP0eH43H96CubJji/vQLMUzc/cLrJuCbLHREbSCsFNpf +lYw5mkT98dCFV66HuN6Nwqi5kW8TxGSXkD4OZqklbbicrXoXh5qhREID5hgbrijy +BiIHyp6bDq5zUCcmHP/Gdw2aTMEQZNsdw4MavtB65vI7dYxo2zEzdmJ3NnjlG7qZ +6Od6V4IW8yRAK9GLj0TUCZl28pq6rNio+F5Lst3clX9PDxh7LphNrXXYiHjXp2Kn +LZbOnz1SJSmCeisy/EFN6fRtwdwqcM1AcKNBU+UqFq0Mv0sgNdRwghYWGQht0mT9 ++Pg5HxTzDlOOmBT1kAduxJNLiRQlgysPDN94Os0EpzJyA87Z6yJRGvYGZ5mrdfx2 +8p6bHptf46h1WzCX4wDy2J86y+odgWMnSkmF9h8ySj66rgmLrz40n+mDm8bhUblK +AV8IqN8WmQIDAQABo4HHMIHEMB0GA1UdDgQWBBSkmMaBYQPTEGcqe1maU2IDOMLQ +ezCBlAYDVR0jBIGMMIGJgBSkmMaBYQPTEGcqe1maU2IDOMLQe6FbpFkwVzELMAkG +A1UEBhMCVUsxEjAQBgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwNT3BlblNTTCBH +cm91cDEcMBoGA1UEAwwTVGVzdCBTL01JTUUgUm9vdCBDQYIUM/WihZJZUTZvqoyN +aUlp59DOaWYwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAYEAqP1CQRGM +roHvk6dhI4ElNae5seRdSQNTtwAhlP1RoSoFz8xybMgDksKE07t77gDsKvU2SuXV +fdICqVpjpN9cRYKM6VmiREdU6OGsPQ74u4sOg4cT/tuou0RsD/uQaznb5NOvo2T0 +8rmX0Ai3+lbEuMBCaGNU0KYJifYy4QrSqEapq4W3NbqH85msOiKHEDh1vz9IWz6z +WKjdv9lst56XuLTZrJ/O0T0qD6aMXyqK6ZART/FELjDXc+9Ey4TH+msOEKq0uQWt +y7Grfmz52dTnAjBw+6/ggE9sA8Wo6DhwbEUaOA9BB5YP+XWsIkUUbiVHU7D8TyiE +KHt2DkaWvjl1/RdtzQUO/vGI4yuFTZfLf23KcwgtHJI3JxLNAMLM3I2jmoWhKm/d +GkVYsGH1GWonv0UTv/TKlOXaTYWK9fQVoYkFc+FrwUd2lev5FizJNigL9qatGyRZ +giJmWWlf0bMMIxwWZzQswxLyKdkNlvkKf9T6BjEmGLeOHZCn0x2sOyUi +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/demos/cms/cakey.pem b/deps/openssl/openssl/demos/cms/cakey.pem new file mode 100644 index 00000000000000..486c975b722d17 --- /dev/null +++ b/deps/openssl/openssl/demos/cms/cakey.pem @@ -0,0 +1,39 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIG5QIBAAKCAYEAzPE5UdkVXE31dAhVbfLVsrmKveMqkqRTrMqvDwx1G+bbfd6p +ZI5gm+zeuB1Pn2K/4Jo9wFPmh99s/R4fjcf3oK5smOL+9AsxTNz9wusm4JssdERt +IKwU2l+VjDmaRP3x0IVXroe43o3CqLmRbxPEZJeQPg5mqSVtuJyteheHmqFEQgPm +GBuuKPIGIgfKnpsOrnNQJyYc/8Z3DZpMwRBk2x3Dgxq+0Hrm8jt1jGjbMTN2Ync2 +eOUbupno53pXghbzJEAr0YuPRNQJmXbymrqs2Kj4Xkuy3dyVf08PGHsumE2tddiI +eNenYqctls6fPVIlKYJ6KzL8QU3p9G3B3CpwzUBwo0FT5SoWrQy/SyA11HCCFhYZ +CG3SZP34+DkfFPMOU46YFPWQB27Ek0uJFCWDKw8M33g6zQSnMnIDztnrIlEa9gZn +mat1/Hbynpsem1/jqHVbMJfjAPLYnzrL6h2BYydKSYX2HzJKPrquCYuvPjSf6YOb +xuFRuUoBXwio3xaZAgMBAAECggGBAJrqILzozke2ujpablEtBTITJHgC9lRgmMt9 +bjR+4ysTJ4kOvZbANPDIbVZY+a3uVEIv9UujYBgG4Hi4w3tF074G+xnaRIQuzbZf +OgaUABA527GLY74VtbGYHRAhHqbWGmrX0H6iIzE/kQw/MVr4YzTyiFsQQbPMEhNB +g7RNgvh0vIb2MYC5s71JrS8eGqAnb0KY8daV7ce9upJyt2Acx1AGQJqipegrbtVd +8q4PONkJIIyvtmJONNaprq8DAJDaTNdcZu7f7mymF5UFpp4Lh6raAvOZAZjgkPYW +PsX2uMAsYchXTmSDGOHNafqeyTS0UEaw6FRhpxzMoSxRXX4/RhjeShadYwHxbh7s +UwFU7S9EWlj8CjgGs00KFM1eMV0sEYsL8sRf7ZiWM5XJsmXKbRZjA5V+7OoSGElB +zJcERK6NFCISijApZlVveEVZS0qESivKd9bspOzbMdoJyjBW1LZdMH85YIwM8Dox +VqGR0QD3UP8RpZBRwTiFenqOpwARnQKBwQD1NBGcTxLLUUluEBG/TD9KM5sCnkm8 +cn5RomwTeBrUr9SXOJuUPa8RNLrAeosuWCrx9JkF25IBExQbbs1NRHuziOIOyI0+ +hvqP85zJln7kUDtiDMFfUdS8Q6PF3b3wJl6cbipowWwsahvUSkx3W8UWrzZHsvrO +LBtvEZdwetNWN50FK040uM6y/x71xfvUhlKBsuZBgDFU9aXJZAGpkCklZnByURN6 +LZudDQETdYo7/X8qqPlcHwHStGj9YXg/e38CgcEA1fdVA6s+KlRUGRTUDaUFPDji +MciTcvA3teXJWNAsFWd71oLT5eQNI50afF242ikTT6JuXFH0mMYKoVe/LFo7m2mf +uLcW4yM/FiKTkhnBQGm7KNqyvXB0T0DWTDSeS7hTzD6KjuJPf7JVH5I4In8jSKJd +3mzTA9keIosnxjX7EOsZNQd0+MKaJYHnvJsxYaoT9FXoONuyzQu96TQ8Q+fkVHXh +I/ENAw0qfoJ5mw5dQnU2UtjP6cSNVQ9Rsr48GNnnAoHBAJcI65AMZNc3yrMw0r2y +iYl7IBAMz/5zx7shANE9OcmoRJqhE7PMCvneMOo+kVyKkmlW8KrbBKQEzG3ZYjwl +4sxDlHrmrZnGKrBgrkK9oIuhn/JVSQcdsJwGTeqjG0vBVqWkdhrwiWESOvIYkeEz +dcLzScwAQtyb7ooLm+x8u5Bv0RhOBG4VJ7y5yKg6u1O9KTUarRnLjJd4eBYEs8Fu +Oun+n2TK6+RmE2Q5jmAeFne9PYdZbb+Ame7fkYwBbcAsoQKBwQC1KHQSZyp7LGsH +0Vq5Mr77/i2FeQ1eg4SnvaZ8S8UHWla/iIVgX3XAcYO7SJ76F00CX8SQ5dLyhrr5 +YBG8u6k8LHHPMzVtmqoPU7cePDAjGWIddQ1g15WihILsgqCD+8z3YPxvfa1RsOvh +jyt4Ca0WEmLnr7v5xhp9pNRIPewUpvjwrR+cfyeEGjjat4tX5Wh/tzym51y7vvVM +Pa3I0M3BtQyqIa2ip8MS2eWcIs1TN2qHOorOolwHaLEDZY38fIECgcAKns98A2G3 +tLvZaDZlVsJWZsdSDUrFCKvx9QbTZHbyOL5JU/8TgLBgfOgV2yxLXn9Pq+0Quvb2 +EjaFuA3GKOFi50WtfwR6Yo1DaFcx5n0bDShnaHOF+dUi0BVQd2V1DsqAwF5/Eh3A +lX+XuWeSam4/91WhmNMCZpfYv0GErs4ZBHHsl54jmvrrjbhg/efUvpWKi/9vlKm+ ++ITH+nG1xCnyEEVZ+vm9Qq57lCLBZGyGT4PetllpsRrGcdO4/gfK8lY= +-----END RSA PRIVATE KEY----- diff --git a/deps/openssl/openssl/demos/cms/cms_comp.c b/deps/openssl/openssl/demos/cms/cms_comp.c new file mode 100644 index 00000000000000..ee1b5a38ceefd5 --- /dev/null +++ b/deps/openssl/openssl/demos/cms/cms_comp.c @@ -0,0 +1,64 @@ +/* + * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Simple S/MIME compress example */ +#include +#include +#include + +int main(int argc, char **argv) +{ + BIO *in = NULL, *out = NULL; + CMS_ContentInfo *cms = NULL; + int ret = 1; + + /* + * On OpenSSL 1.0.0+ only: + * for streaming set CMS_STREAM + */ + int flags = CMS_STREAM; + + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + + /* Open content being compressed */ + + in = BIO_new_file("comp.txt", "r"); + + if (!in) + goto err; + + /* compress content */ + cms = CMS_compress(in, NID_zlib_compression, flags); + + if (!cms) + goto err; + + out = BIO_new_file("smcomp.txt", "w"); + if (!out) + goto err; + + /* Write out S/MIME message */ + if (!SMIME_write_CMS(out, cms, in, flags)) + goto err; + + ret = 0; + + err: + + if (ret) { + fprintf(stderr, "Error Compressing Data\n"); + ERR_print_errors_fp(stderr); + } + + CMS_ContentInfo_free(cms); + BIO_free(in); + BIO_free(out); + return ret; +} diff --git a/deps/openssl/openssl/demos/cms/cms_ddec.c b/deps/openssl/openssl/demos/cms/cms_ddec.c new file mode 100644 index 00000000000000..cb6c2694c69790 --- /dev/null +++ b/deps/openssl/openssl/demos/cms/cms_ddec.c @@ -0,0 +1,88 @@ +/* + * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * S/MIME detached data decrypt example: rarely done but should the need + * arise this is an example.... + */ +#include +#include +#include + +int main(int argc, char **argv) +{ + BIO *in = NULL, *out = NULL, *tbio = NULL, *dcont = NULL; + X509 *rcert = NULL; + EVP_PKEY *rkey = NULL; + CMS_ContentInfo *cms = NULL; + int ret = 1; + + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + + /* Read in recipient certificate and private key */ + tbio = BIO_new_file("signer.pem", "r"); + + if (!tbio) + goto err; + + rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL); + + BIO_reset(tbio); + + rkey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL); + + if (!rcert || !rkey) + goto err; + + /* Open PEM file containing enveloped data */ + + in = BIO_new_file("smencr.pem", "r"); + + if (!in) + goto err; + + /* Parse PEM content */ + cms = PEM_read_bio_CMS(in, NULL, 0, NULL); + + if (!cms) + goto err; + + /* Open file containing detached content */ + dcont = BIO_new_file("smencr.out", "rb"); + + if (!in) + goto err; + + out = BIO_new_file("encrout.txt", "w"); + if (!out) + goto err; + + /* Decrypt S/MIME message */ + if (!CMS_decrypt(cms, rkey, rcert, dcont, out, 0)) + goto err; + + ret = 0; + + err: + + if (ret) { + fprintf(stderr, "Error Decrypting Data\n"); + ERR_print_errors_fp(stderr); + } + + CMS_ContentInfo_free(cms); + X509_free(rcert); + EVP_PKEY_free(rkey); + BIO_free(in); + BIO_free(out); + BIO_free(tbio); + BIO_free(dcont); + return ret; +} diff --git a/deps/openssl/openssl/demos/cms/cms_dec.c b/deps/openssl/openssl/demos/cms/cms_dec.c new file mode 100644 index 00000000000000..f33ef1eb78f56e --- /dev/null +++ b/deps/openssl/openssl/demos/cms/cms_dec.c @@ -0,0 +1,78 @@ +/* + * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Simple S/MIME decryption example */ +#include +#include +#include + +int main(int argc, char **argv) +{ + BIO *in = NULL, *out = NULL, *tbio = NULL; + X509 *rcert = NULL; + EVP_PKEY *rkey = NULL; + CMS_ContentInfo *cms = NULL; + int ret = 1; + + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + + /* Read in recipient certificate and private key */ + tbio = BIO_new_file("signer.pem", "r"); + + if (!tbio) + goto err; + + rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL); + + BIO_reset(tbio); + + rkey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL); + + if (!rcert || !rkey) + goto err; + + /* Open S/MIME message to decrypt */ + + in = BIO_new_file("smencr.txt", "r"); + + if (!in) + goto err; + + /* Parse message */ + cms = SMIME_read_CMS(in, NULL); + + if (!cms) + goto err; + + out = BIO_new_file("decout.txt", "w"); + if (!out) + goto err; + + /* Decrypt S/MIME message */ + if (!CMS_decrypt(cms, rkey, rcert, NULL, out, 0)) + goto err; + + ret = 0; + + err: + + if (ret) { + fprintf(stderr, "Error Decrypting Data\n"); + ERR_print_errors_fp(stderr); + } + + CMS_ContentInfo_free(cms); + X509_free(rcert); + EVP_PKEY_free(rkey); + BIO_free(in); + BIO_free(out); + BIO_free(tbio); + return ret; +} diff --git a/deps/openssl/openssl/demos/cms/cms_denc.c b/deps/openssl/openssl/demos/cms/cms_denc.c new file mode 100644 index 00000000000000..60b0aa192bc008 --- /dev/null +++ b/deps/openssl/openssl/demos/cms/cms_denc.c @@ -0,0 +1,97 @@ +/* + * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * S/MIME detached data encrypt example: rarely done but should the need + * arise this is an example.... + */ +#include +#include +#include + +int main(int argc, char **argv) +{ + BIO *in = NULL, *out = NULL, *tbio = NULL, *dout = NULL; + X509 *rcert = NULL; + STACK_OF(X509) *recips = NULL; + CMS_ContentInfo *cms = NULL; + int ret = 1; + + int flags = CMS_STREAM | CMS_DETACHED; + + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + + /* Read in recipient certificate */ + tbio = BIO_new_file("signer.pem", "r"); + + if (!tbio) + goto err; + + rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL); + + if (!rcert) + goto err; + + /* Create recipient STACK and add recipient cert to it */ + recips = sk_X509_new_null(); + + if (!recips || !sk_X509_push(recips, rcert)) + goto err; + + /* + * sk_X509_pop_free will free up recipient STACK and its contents so set + * rcert to NULL so it isn't freed up twice. + */ + rcert = NULL; + + /* Open content being encrypted */ + + in = BIO_new_file("encr.txt", "r"); + + dout = BIO_new_file("smencr.out", "wb"); + + if (!in) + goto err; + + /* encrypt content */ + cms = CMS_encrypt(recips, in, EVP_des_ede3_cbc(), flags); + + if (!cms) + goto err; + + out = BIO_new_file("smencr.pem", "w"); + if (!out) + goto err; + + if (!CMS_final(cms, in, dout, flags)) + goto err; + + /* Write out CMS structure without content */ + if (!PEM_write_bio_CMS(out, cms)) + goto err; + + ret = 0; + + err: + + if (ret) { + fprintf(stderr, "Error Encrypting Data\n"); + ERR_print_errors_fp(stderr); + } + + CMS_ContentInfo_free(cms); + X509_free(rcert); + sk_X509_pop_free(recips, X509_free); + BIO_free(in); + BIO_free(out); + BIO_free(dout); + BIO_free(tbio); + return ret; +} diff --git a/deps/openssl/openssl/demos/cms/cms_enc.c b/deps/openssl/openssl/demos/cms/cms_enc.c new file mode 100644 index 00000000000000..9ef7a395583dc8 --- /dev/null +++ b/deps/openssl/openssl/demos/cms/cms_enc.c @@ -0,0 +1,92 @@ +/* + * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Simple S/MIME encrypt example */ +#include +#include +#include + +int main(int argc, char **argv) +{ + BIO *in = NULL, *out = NULL, *tbio = NULL; + X509 *rcert = NULL; + STACK_OF(X509) *recips = NULL; + CMS_ContentInfo *cms = NULL; + int ret = 1; + + /* + * On OpenSSL 1.0.0 and later only: + * for streaming set CMS_STREAM + */ + int flags = CMS_STREAM; + + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + + /* Read in recipient certificate */ + tbio = BIO_new_file("signer.pem", "r"); + + if (!tbio) + goto err; + + rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL); + + if (!rcert) + goto err; + + /* Create recipient STACK and add recipient cert to it */ + recips = sk_X509_new_null(); + + if (!recips || !sk_X509_push(recips, rcert)) + goto err; + + /* + * sk_X509_pop_free will free up recipient STACK and its contents so set + * rcert to NULL so it isn't freed up twice. + */ + rcert = NULL; + + /* Open content being encrypted */ + + in = BIO_new_file("encr.txt", "r"); + + if (!in) + goto err; + + /* encrypt content */ + cms = CMS_encrypt(recips, in, EVP_des_ede3_cbc(), flags); + + if (!cms) + goto err; + + out = BIO_new_file("smencr.txt", "w"); + if (!out) + goto err; + + /* Write out S/MIME message */ + if (!SMIME_write_CMS(out, cms, in, flags)) + goto err; + + ret = 0; + + err: + + if (ret) { + fprintf(stderr, "Error Encrypting Data\n"); + ERR_print_errors_fp(stderr); + } + + CMS_ContentInfo_free(cms); + X509_free(rcert); + sk_X509_pop_free(recips, X509_free); + BIO_free(in); + BIO_free(out); + BIO_free(tbio); + return ret; +} diff --git a/deps/openssl/openssl/demos/cms/cms_sign.c b/deps/openssl/openssl/demos/cms/cms_sign.c new file mode 100644 index 00000000000000..a52f5cec0fa5e7 --- /dev/null +++ b/deps/openssl/openssl/demos/cms/cms_sign.c @@ -0,0 +1,88 @@ +/* + * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Simple S/MIME signing example */ +#include +#include +#include + +int main(int argc, char **argv) +{ + BIO *in = NULL, *out = NULL, *tbio = NULL; + X509 *scert = NULL; + EVP_PKEY *skey = NULL; + CMS_ContentInfo *cms = NULL; + int ret = 1; + + /* + * For simple S/MIME signing use CMS_DETACHED. On OpenSSL 1.0.0 only: for + * streaming detached set CMS_DETACHED|CMS_STREAM for streaming + * non-detached set CMS_STREAM + */ + int flags = CMS_DETACHED | CMS_STREAM; + + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + + /* Read in signer certificate and private key */ + tbio = BIO_new_file("signer.pem", "r"); + + if (!tbio) + goto err; + + scert = PEM_read_bio_X509(tbio, NULL, 0, NULL); + + BIO_reset(tbio); + + skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL); + + if (!scert || !skey) + goto err; + + /* Open content being signed */ + + in = BIO_new_file("sign.txt", "r"); + + if (!in) + goto err; + + /* Sign content */ + cms = CMS_sign(scert, skey, NULL, in, flags); + + if (!cms) + goto err; + + out = BIO_new_file("smout.txt", "w"); + if (!out) + goto err; + + if (!(flags & CMS_STREAM)) + BIO_reset(in); + + /* Write out S/MIME message */ + if (!SMIME_write_CMS(out, cms, in, flags)) + goto err; + + ret = 0; + + err: + + if (ret) { + fprintf(stderr, "Error Signing Data\n"); + ERR_print_errors_fp(stderr); + } + + CMS_ContentInfo_free(cms); + X509_free(scert); + EVP_PKEY_free(skey); + BIO_free(in); + BIO_free(out); + BIO_free(tbio); + return ret; +} diff --git a/deps/openssl/openssl/demos/cms/cms_sign2.c b/deps/openssl/openssl/demos/cms/cms_sign2.c new file mode 100644 index 00000000000000..beda9779a3fba7 --- /dev/null +++ b/deps/openssl/openssl/demos/cms/cms_sign2.c @@ -0,0 +1,98 @@ +/* + * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* S/MIME signing example: 2 signers */ +#include +#include +#include + +int main(int argc, char **argv) +{ + BIO *in = NULL, *out = NULL, *tbio = NULL; + X509 *scert = NULL, *scert2 = NULL; + EVP_PKEY *skey = NULL, *skey2 = NULL; + CMS_ContentInfo *cms = NULL; + int ret = 1; + + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + + tbio = BIO_new_file("signer.pem", "r"); + + if (!tbio) + goto err; + + scert = PEM_read_bio_X509(tbio, NULL, 0, NULL); + + BIO_reset(tbio); + + skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL); + + BIO_free(tbio); + + tbio = BIO_new_file("signer2.pem", "r"); + + if (!tbio) + goto err; + + scert2 = PEM_read_bio_X509(tbio, NULL, 0, NULL); + + BIO_reset(tbio); + + skey2 = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL); + + if (!scert2 || !skey2) + goto err; + + in = BIO_new_file("sign.txt", "r"); + + if (!in) + goto err; + + cms = CMS_sign(NULL, NULL, NULL, in, CMS_STREAM | CMS_PARTIAL); + + if (!cms) + goto err; + + /* Add each signer in turn */ + + if (!CMS_add1_signer(cms, scert, skey, NULL, 0)) + goto err; + + if (!CMS_add1_signer(cms, scert2, skey2, NULL, 0)) + goto err; + + out = BIO_new_file("smout.txt", "w"); + if (!out) + goto err; + + /* NB: content included and finalized by SMIME_write_CMS */ + + if (!SMIME_write_CMS(out, cms, in, CMS_STREAM)) + goto err; + + ret = 0; + + err: + + if (ret) { + fprintf(stderr, "Error Signing Data\n"); + ERR_print_errors_fp(stderr); + } + + CMS_ContentInfo_free(cms); + X509_free(scert); + EVP_PKEY_free(skey); + X509_free(scert2); + EVP_PKEY_free(skey2); + BIO_free(in); + BIO_free(out); + BIO_free(tbio); + return ret; +} diff --git a/deps/openssl/openssl/demos/cms/cms_uncomp.c b/deps/openssl/openssl/demos/cms/cms_uncomp.c new file mode 100644 index 00000000000000..35e68ebcc603af --- /dev/null +++ b/deps/openssl/openssl/demos/cms/cms_uncomp.c @@ -0,0 +1,58 @@ +/* + * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Simple S/MIME uncompression example */ +#include +#include +#include + +int main(int argc, char **argv) +{ + BIO *in = NULL, *out = NULL; + CMS_ContentInfo *cms = NULL; + int ret = 1; + + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + + /* Open compressed content */ + + in = BIO_new_file("smcomp.txt", "r"); + + if (!in) + goto err; + + /* Sign content */ + cms = SMIME_read_CMS(in, NULL); + + if (!cms) + goto err; + + out = BIO_new_file("smuncomp.txt", "w"); + if (!out) + goto err; + + /* Uncompress S/MIME message */ + if (!CMS_uncompress(cms, out, NULL, 0)) + goto err; + + ret = 0; + + err: + + if (ret) { + fprintf(stderr, "Error Uncompressing Data\n"); + ERR_print_errors_fp(stderr); + } + + CMS_ContentInfo_free(cms); + BIO_free(in); + BIO_free(out); + return ret; +} diff --git a/deps/openssl/openssl/demos/cms/cms_ver.c b/deps/openssl/openssl/demos/cms/cms_ver.c new file mode 100644 index 00000000000000..3c0a7aa19edec5 --- /dev/null +++ b/deps/openssl/openssl/demos/cms/cms_ver.c @@ -0,0 +1,88 @@ +/* + * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Simple S/MIME verification example */ +#include +#include +#include + +int main(int argc, char **argv) +{ + BIO *in = NULL, *out = NULL, *tbio = NULL, *cont = NULL; + X509_STORE *st = NULL; + X509 *cacert = NULL; + CMS_ContentInfo *cms = NULL; + + int ret = 1; + + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + + /* Set up trusted CA certificate store */ + + st = X509_STORE_new(); + if (st == NULL) + goto err; + + /* Read in CA certificate */ + tbio = BIO_new_file("cacert.pem", "r"); + + if (tbio == NULL) + goto err; + + cacert = PEM_read_bio_X509(tbio, NULL, 0, NULL); + + if (cacert == NULL) + goto err; + + if (!X509_STORE_add_cert(st, cacert)) + goto err; + + /* Open message being verified */ + + in = BIO_new_file("smout.txt", "r"); + + if (in == NULL) + goto err; + + /* parse message */ + cms = SMIME_read_CMS(in, &cont); + + if (cms == NULL) + goto err; + + /* File to output verified content to */ + out = BIO_new_file("smver.txt", "w"); + if (out == NULL) + goto err; + + if (!CMS_verify(cms, NULL, st, cont, out, 0)) { + fprintf(stderr, "Verification Failure\n"); + goto err; + } + + fprintf(stderr, "Verification Successful\n"); + + ret = 0; + + err: + + if (ret) { + fprintf(stderr, "Error Verifying Data\n"); + ERR_print_errors_fp(stderr); + } + + X509_STORE_free(st); + CMS_ContentInfo_free(cms); + X509_free(cacert); + BIO_free(in); + BIO_free(out); + BIO_free(tbio); + return ret; +} diff --git a/deps/openssl/openssl/demos/cms/comp.txt b/deps/openssl/openssl/demos/cms/comp.txt new file mode 100644 index 00000000000000..1672328e773595 --- /dev/null +++ b/deps/openssl/openssl/demos/cms/comp.txt @@ -0,0 +1,22 @@ +Content-type: text/plain + +Some Text To be Compressed +Some Text To be Compressed +Some Text To be Compressed +Some Text To be Compressed +Some Text To be Compressed +Some Text To be Compressed +Some Text To be Compressed +Some Text To be Compressed +Some Text To be Compressed +Some Text To be Compressed +Some Text To be Compressed +Some Text To be Compressed +Some Text To be Compressed +Some Text To be Compressed +Some Text To be Compressed +Some Text To be Compressed +Some Text To be Compressed +Some Text To be Compressed +Some Text To be Compressed +Some Text To be Compressed diff --git a/deps/openssl/openssl/demos/cms/encr.txt b/deps/openssl/openssl/demos/cms/encr.txt new file mode 100644 index 00000000000000..0eceb407b53e20 --- /dev/null +++ b/deps/openssl/openssl/demos/cms/encr.txt @@ -0,0 +1,3 @@ +Content-type: text/plain + +Sample OpenSSL Data for CMS encryption diff --git a/deps/openssl/openssl/demos/cms/sign.txt b/deps/openssl/openssl/demos/cms/sign.txt new file mode 100644 index 00000000000000..c3f9d73d65ece1 --- /dev/null +++ b/deps/openssl/openssl/demos/cms/sign.txt @@ -0,0 +1,3 @@ +Content-type: text/plain + +Test OpenSSL CMS Signed Content diff --git a/deps/openssl/openssl/demos/cms/signer.pem b/deps/openssl/openssl/demos/cms/signer.pem new file mode 100644 index 00000000000000..4bbf7a69f38225 --- /dev/null +++ b/deps/openssl/openssl/demos/cms/signer.pem @@ -0,0 +1,52 @@ +-----BEGIN CERTIFICATE----- +MIIELDCCApSgAwIBAgIIcsOElVeHzfQwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UE +BhMCVUsxEjAQBgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwNT3BlblNTTCBHcm91 +cDEcMBoGA1UEAwwTVGVzdCBTL01JTUUgUm9vdCBDQTAgFw0xODA2MTQxMjQ2Mjha +GA8yMTE4MDYxNDEyNDYyOFowVjELMAkGA1UEBhMCVUsxJTAjBgNVBAMMHE9wZW5T +U0wgdGVzdCBTL01JTUUgc2lnbmVyIDExIDAeBgkqhkiG9w0BCQEWEXRlc3QxQG9w +ZW5zc2wub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vvSgaL1 +byi9AE8Ep3v7Yv36JxYywaZhUy8dEFRiYn6NsVhhNo6SK1Mp8daQ0MZoMzbT1aKp +JTLTgDJZHit2t1d6l3aWJG+cbcLua+XKowaZjj6rirB390fuL4qt5PiAb571QFtu +L8apcydwGEdkaPRuCnvctN8VcZPTKh+M8VEESyxk5K37QYKaAB6ItWR5KhjiAuDt +zsJbjEtOvGtmu2FRCU47GzfkdjYo7tY38WTY+2WWh+idKErtmYSinmhE0H7+yoJB +s1VCI+cq5tVW+oEO9HF4vEDEUykEFFPsCEkIWM+RjCgK8cRSCpg6VQr+ZTii6k7C +m9CP81QhUoV3QwIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1P +cGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUg1DE7OaNqMQQ +8Z1bvjhnlisxfsMwHwYDVR0jBBgwFoAUpJjGgWED0xBnKntZmlNiAzjC0HswDQYJ +KoZIhvcNAQELBQADggGBAGxAivCwPsAYmMZfVJTELWNNMBzKzmeRvrp6k/6S74Pw +LDEhTnslCV4U1gTSd3nQ+LRm1fkzxLA12A/rlqN51P8B+hyVSMN9dj54YUcFd+KO +XhkSDrSpph6hRqGy8zqELzlb1Q8yoIBclEmyv+CkXMrpnm+4JL4kzyj/iBRkZTDz +ns15jJD9KHgrOnclaoDRkOT6lGbsd3j+aviKEj8ZILufSMw+W2YORy3nSAencjbO +ezivVujqm+pjkfqdCS1HcFB7LhQEILfFqkssw8YmtJVrM9LF8VIcqueXbVZmeS/1 +QV5B7OEmtsM+NkoLF5ldWdPQvmftbShh+AAlpcsmqiRefQgA3aQn6YOnOHnnQwgB +oQRNjQXsjgxV4t2HFYpwkK41kx4HToVGciPNMkndzfY/GJmgXsXfB6/AfUfhLTDv +tbws1MZhaCNOffw3/SVS2nLREMFCGn5uAgNkqssWqeWJu3910XF640tqPBj5YGFc +fykwWNhG5xS04EHpztgKdQ== +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEA1vvSgaL1byi9AE8Ep3v7Yv36JxYywaZhUy8dEFRiYn6NsVhh +No6SK1Mp8daQ0MZoMzbT1aKpJTLTgDJZHit2t1d6l3aWJG+cbcLua+XKowaZjj6r +irB390fuL4qt5PiAb571QFtuL8apcydwGEdkaPRuCnvctN8VcZPTKh+M8VEESyxk +5K37QYKaAB6ItWR5KhjiAuDtzsJbjEtOvGtmu2FRCU47GzfkdjYo7tY38WTY+2WW +h+idKErtmYSinmhE0H7+yoJBs1VCI+cq5tVW+oEO9HF4vEDEUykEFFPsCEkIWM+R +jCgK8cRSCpg6VQr+ZTii6k7Cm9CP81QhUoV3QwIDAQABAoIBAQC6LCWmIisNcmgK +RmOvbszKc0sYYj7eOGl8EgbHR2xUA2hNNk4pYtnuLvzZ84hBZDCEeWyFS3HTRuql +z/QhDl6mc1k0pXtsXkNHQlIamksbVvHPnzIKzrt1J5N7FEt3SERhZXTZoNQRB6di +k7qdK+YmhdZtucnt0GrPisaJaf0yU/EjLuX+MU/0Xrc23lVhR3yqYhaOhWvrxTHM +evykI0kOL+gU58eN2eWE4ELjS2z+njKDqcEyeIy00FdBAtCoKjMsWpRytKNmcFm9 +LdtMmizskF8VS3+XsDbkseIODx1xJ65IFmHHMV2xLG5/+bQppkB8JuE3EDrtFiUJ +lGdfmBlxAoGBAP3Asg0drdunv7imeEOGpyj5JwF1hCVQ71IBGdqTr3aPqOlDH/io +up7t+VBuSLqj1P20HygNjow+ALw/Ko+a0icodg7QA2Co0/RiBwa+u2SgpYDqC9Kt +KIdRcv+NXkhXF/DLIn0jJvI53OtKsbgTv/C+aCipblofnO9sF4AhShq1AoGBANjj +Ou0czloNORbk3qAxLi4b5P/YOyZBJDa0zijFdD1jImfOeyNFXeg2ID+8ZjDkP/eP +pLy/Gt/8bVb+O+9wMOho3kWKZBN3O2VsLJYakAehDsC5ax7i2HtEqg1L1krW2duS +POiKg3qNjETM30zTA4pHwkNAETIktResze7SRm0XAoGABH7KaLMS5mZFXjcMwF19 +TpuDVmJHkgWqB7DfTWD6ZcZLvr4irdwHWlNq7ELX5P6MAmaTerkqwk9C4hLYZSzf +9jOgS8jhlm/HOXgXGcZ9OV4jMHJ0/Sl2I1eNCvvtJKjuUqS2mrLpuLbPtBdhqJoo +91HYNIgz3ULcG921WN6+GlUCgYEA066T6LDgxgt52NpwXrEhfWdETmDg+ilCCxLU +0/5DwVZsUhy5Gmeti+Kn/w0GQFnGBP1xr7ZlqI9auDlSjhNV6L/RkNXNbyJEGm1F +5wrt4ERVfcx6vJ5y43zU7D1EXa7s2t0UDXKDeK2GZe//UZ/yKJh5BeIV5nblOMI0 +DA+3JOkCgYEA80QGLjGlCvxKceVbuohbIZ1+/EoXPq993ER9S8D2MTGATsEcygtF +rM8JcHTv75sjycqu68BAQr1Z5qwwrMyY0vWVEorKzvAXEWolC67asR4cDutOd+qy +WlEIyojX45GwHCHpcbVRiGRWuj3kwkc+WzdgusBoAJrPCigES/Cr8uA= +-----END RSA PRIVATE KEY----- diff --git a/deps/openssl/openssl/demos/cms/signer2.pem b/deps/openssl/openssl/demos/cms/signer2.pem new file mode 100644 index 00000000000000..52827297e8a314 --- /dev/null +++ b/deps/openssl/openssl/demos/cms/signer2.pem @@ -0,0 +1,52 @@ +-----BEGIN CERTIFICATE----- +MIIELDCCApSgAwIBAgIIcsOElVeHzfUwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UE +BhMCVUsxEjAQBgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwNT3BlblNTTCBHcm91 +cDEcMBoGA1UEAwwTVGVzdCBTL01JTUUgUm9vdCBDQTAgFw0xODA2MTQxMjQ2Mjha +GA8yMTE4MDYxNDEyNDYyOFowVjELMAkGA1UEBhMCVUsxJTAjBgNVBAMMHE9wZW5T +U0wgdGVzdCBTL01JTUUgc2lnbmVyIDIxIDAeBgkqhkiG9w0BCQEWEXRlc3QyQG9w +ZW5zc2wub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ledrM9R +3x3bZypZAEi00DJYAmLS5F6Gg3+xpjE745UWKrjDAY5KswavKKa3vZxoUz2omNSg +4nYfLSowq7AI3VnZ8LwNo8lAeo7AX9elrsmzQzhr2DCdCdbRhCWoiS/ba5tKIhlb +gFnP+pB8jhC9qZuQJkpVaivywMW8rA9DRbeDcQjDKhUi0ukVDYHDd9+FtNM3H1t3 +AUGWBecjWYa4hXC3CsH3+cFBZKjAepL74hqiEfsEyzKesft3NFd1AcVY9W5MRCK4 +lUFiDbBtIgPkvPJeoEs/kFp3+OvJFDwi4K4Z6XzALyT0LXNx6w3kSfx0TLdNjXLD +O9a2dzwhHhPtCQIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1P +cGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUYJEUXnMb/ux0 +WrzSh+bnhpi6GS0wHwYDVR0jBBgwFoAUpJjGgWED0xBnKntZmlNiAzjC0HswDQYJ +KoZIhvcNAQELBQADggGBAFbrwfsSciDFI97c7oqS8jtxOSa3c4B7xhmcgUkYCiaD +7mbZuqTUf4ltJJZXP/TJ44fhL0zVAvRXSXw1LE3YvLGOlBc6dM3D7DyL5pfUTUBY +ICt+NLfG5iHtkiZPPSfK2t5f4UGFwU/ERT62sLu4keLI5igi9J2jKSykN3u5SQ3s +Zsennow5zUsFkcz9hkB4RczlHRogA0SgVhELQbN1nYIqJJDRFZL+CmarDRTFMilk +7dXCacw6xt9vIc3ZXO+pu2g1ezgSPwOoUykQcL3UhAEIIyt+TRe3fafh5TXwd8tr +FAecAuz5Mqsmek5nEW9ZeYmxNz5VFwc4F61y4xFj7lI0frLCCAu3gVoqiQrW+WwR +e27z1Nm4uUcduFqj45Pu2eTyV3LZtLUbFvL5ZSPUCSk1wVmC2otX8ksFDDTO1rIy +l5Qd1g1P8bLuj8NG98J2zVOabtaxYCAIBPZ3dUh2eNrPKoLAvrgKh1MH+K2Eh5Oy +z1T4Eu+e5Kq/uQkZpI5QzA== +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEA1ledrM9R3x3bZypZAEi00DJYAmLS5F6Gg3+xpjE745UWKrjD +AY5KswavKKa3vZxoUz2omNSg4nYfLSowq7AI3VnZ8LwNo8lAeo7AX9elrsmzQzhr +2DCdCdbRhCWoiS/ba5tKIhlbgFnP+pB8jhC9qZuQJkpVaivywMW8rA9DRbeDcQjD +KhUi0ukVDYHDd9+FtNM3H1t3AUGWBecjWYa4hXC3CsH3+cFBZKjAepL74hqiEfsE +yzKesft3NFd1AcVY9W5MRCK4lUFiDbBtIgPkvPJeoEs/kFp3+OvJFDwi4K4Z6XzA +LyT0LXNx6w3kSfx0TLdNjXLDO9a2dzwhHhPtCQIDAQABAoIBAGMEGJfTMiwS+979 +ph3GeJjRGO0JQAk1TYiDvcpbZiItJg9YSOV4GTP4u4PY+HqEPYFus2relu/mx2Iy +4kb9zCqNLmvSQ67M8pdrSJ093pEPJlvAPbmiQ3lfHmyghOnTDNb55tY3xphVZQmI +I7HxM9ydO4skva6NXNgGwLDvYBFc6z6d95ai/WEFWHOt5Mt7OVOWAHQ0lAOofWLA +2BwKmrQnCwMvm1TMoKaAU/ngTToUGBMIN1HwRcY6qDraZte5o3EDRABHB78OHrSu +I/Eoi//5C8A7iZ5Y189lMbahIN6xVMwHwwIqLptTV2GNZOKSiIXnM06vIf4CPZKl +3VlwBgECgYEA/BKnn23KtefA906QNkrIOXASLEE1T77NlTYIRDTsUoz6XTVSvOCI +ARxdsoLwFko5ICMhti9S/1G/MYH0BoJN8rbzvjmZDfwF612p0AYALyBlRgW+ID9L +41CJQcLWxeiQd/GcrUZmudVNUGXa8nsNHmFleGLchXeqU7M6fljJOkECgYEA2a56 +yvYQgMF/SIPkxU1+WcQC6+JGc+ax220/lysBsDb4SkXomfGtFWbenxwamuQu+n67 +DJWi9oJIi9Vj4eKOXS6vjCAkYeLgCpK6S26frPtxJuZwl/lF7mFl8Z4ZnJeiFJ4h +AXt5r9vqnOZtCnLqRRAlqF5OswWgv/mhJ6jpMMkCgYBMPaAxWlXLexMkOcDoiunQ +ZZM5i2eCfSVVEgiiCJfJyBYZhv1FX2wDWf8E9RGEzGJG1BloLxwdWS5I3RNfvJ2y +4Z8LVAR09Fsd+zBXWNlJZ7T53tbIjhx33m4FU9b9+P9pJ8zJo9eCMX+253e3i3xG +ShMUvGIShEUiF72DZXtHgQKBgDi867CfNmn5BW4nQqfSrQ5EsuY80lQ/WzhwX1TN +luERUuI5GomVnqGncHtUXfLlawFLqwF6t0E9cB9SfXhRDv5mvsbtUc5Zzj+zQu+K +ZAA4gaO8CLjz9jBOHr49kTtpootxM/Uo8+zMi3hd7yn8Def2b3pVKnorC10+eazW +sAFRAoGAet6fQbQD+4vZ1oukZcZhmVlIWTSZJ1vAGCcT/3E40pqpPY+Ho56Lcwh0 +9f4TAykuGwFgqvZvR8yD2gpuISYGYplWqa1N6qxMaiVzmY5q1XW+O74xRH5Kz5fr +D+3j2x4EiyG7AYyZMOphDtBd/TSQQMYmGW6PiyM9ceIVnDK1Dd4= +-----END RSA PRIVATE KEY----- diff --git a/deps/openssl/openssl/demos/digest/BIO_f_md.c b/deps/openssl/openssl/demos/digest/BIO_f_md.c new file mode 100644 index 00000000000000..2ecc53e137ae2b --- /dev/null +++ b/deps/openssl/openssl/demos/digest/BIO_f_md.c @@ -0,0 +1,122 @@ +/*- + * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/*- + * Example of using EVP_MD_fetch and EVP_Digest* methods to calculate + * a digest of static buffers + * You can find SHA3 test vectors from NIST here: + * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/sha3/sha-3bytetestvectors.zip + * For example, contains these lines: + Len = 80 + Msg = 1ca984dcc913344370cf + MD = 6915ea0eeffb99b9b246a0e34daf3947852684c3d618260119a22835659e4f23d4eb66a15d0affb8e93771578f5e8f25b7a5f2a55f511fb8b96325ba2cd14816 + * use xxd convert the hex message string to binary input for BIO_f_md: + * echo "1ca984dcc913344370cf" | xxd -r -p | ./BIO_f_md + * and then verify the output matches MD above. + */ + +#include +#include +#include +#include +#include + +/*- + * This demonstration will show how to digest data using + * a BIO configured with a message digest + * A message digest name may be passed as an argument. + * The default digest is SHA3-512 + */ + +int main(int argc, char * argv[]) +{ + int result = 1; + OSSL_LIB_CTX *library_context = NULL; + BIO *input = NULL; + BIO *bio_digest = NULL; + EVP_MD *md = NULL; + unsigned char buffer[512]; + size_t readct, writect; + size_t digest_size; + char *digest_value=NULL; + int j; + + input = BIO_new_fd( fileno(stdin), 1 ); + if (input == NULL) { + fprintf(stderr, "BIO_new_fd() for stdin returned NULL\n"); + goto cleanup; + } + library_context = OSSL_LIB_CTX_new(); + if (library_context == NULL) { + fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n"); + goto cleanup; + } + + /* + * Fetch a message digest by name + * The algorithm name is case insensitive. + * See providers(7) for details about algorithm fetching + */ + md = EVP_MD_fetch( library_context, "SHA3-512", NULL ); + if (md == NULL) { + fprintf(stderr, "EVP_MD_fetch did not find SHA3-512.\n"); + goto cleanup; + } + digest_size = EVP_MD_get_size(md); + digest_value = OPENSSL_malloc(digest_size); + if (digest_value == NULL) { + fprintf(stderr, "Can't allocate %lu bytes for the digest value.\n", (unsigned long)digest_size); + goto cleanup; + } + /* Make a bio that uses the digest */ + bio_digest = BIO_new(BIO_f_md()); + if (bio_digest == NULL) { + fprintf(stderr, "BIO_new(BIO_f_md()) returned NULL\n"); + goto cleanup; + } + /* set our bio_digest BIO to digest data */ + if (BIO_set_md(bio_digest,md) != 1) { + fprintf(stderr, "BIO_set_md failed.\n"); + goto cleanup; + } + /*- + * We will use BIO chaining so that as we read, the digest gets updated + * See the man page for BIO_push + */ + BIO *reading = BIO_push( bio_digest, input ); + + while( BIO_read(reading, buffer, sizeof(buffer)) > 0 ) + ; + + /*- + * BIO_gets must be used to calculate the final + * digest value and then copy it to digest_value. + */ + if (BIO_gets(bio_digest, digest_value, digest_size) != digest_size) { + fprintf(stderr, "BIO_gets(bio_digest) failed\n"); + goto cleanup; + } + for (j=0; j +#include +#include +#include + +/*- + * This demonstration will show how to digest data using + * the soliloqy from Hamlet scene 1 act 3 + * The soliloqy is split into two parts to demonstrate using EVP_DigestUpdate + * more than once. + */ + +const char * hamlet_1 = + "To be, or not to be, that is the question,\n" + "Whether tis nobler in the minde to suffer\n" + "The ſlings and arrowes of outragious fortune,\n" + "Or to take Armes again in a sea of troubles,\n" + "And by opposing, end them, to die to sleep;\n" + "No more, and by a sleep, to say we end\n" + "The heart-ache, and the thousand natural shocks\n" + "That flesh is heir to? tis a consumation\n" + "Devoutly to be wished. To die to sleep,\n" + "To sleepe, perchance to dreame, Aye, there's the rub,\n" + "For in that sleep of death what dreams may come\n" + "When we haue shuffled off this mortal coil\n" + "Must give us pause. There's the respect\n" + "That makes calamity of so long life:\n" + "For who would bear the Ships and Scorns of time,\n" + "The oppressor's wrong, the proud man's Contumely,\n" + "The pangs of dispised love, the Law's delay,\n" +; +const char * hamlet_2 = + "The insolence of Office, and the spurns\n" + "That patient merit of the'unworthy takes,\n" + "When he himself might his Quietas make\n" + "With a bare bodkin? Who would fardels bear,\n" + "To grunt and sweat under a weary life,\n" + "But that the dread of something after death,\n" + "The undiscovered country, from whose bourn\n" + "No traveller returns, puzzles the will,\n" + "And makes us rather bear those ills we have,\n" + "Then fly to others we know not of?\n" + "Thus conscience does make cowards of us all,\n" + "And thus the native hue of Resolution\n" + "Is sickled o'er with the pale cast of Thought,\n" + "And enterprises of great pith and moment,\n" + "With this regard their currents turn awry,\n" + "And lose the name of Action. Soft you now,\n" + "The fair Ophelia? Nymph in thy Orisons\n" + "Be all my sins remember'd.\n" +; + +/* The known value of the SHA3-512 digest of the above soliloqy */ +const unsigned char known_answer[] = { + 0xbb, 0x69, 0xf8, 0x09, 0x9c, 0x2e, 0x00, 0x3d, + 0xa4, 0x29, 0x5f, 0x59, 0x4b, 0x89, 0xe4, 0xd9, + 0xdb, 0xa2, 0xe5, 0xaf, 0xa5, 0x87, 0x73, 0x9d, + 0x83, 0x72, 0xcf, 0xea, 0x84, 0x66, 0xc1, 0xf9, + 0xc9, 0x78, 0xef, 0xba, 0x3d, 0xe9, 0xc1, 0xff, + 0xa3, 0x75, 0xc7, 0x58, 0x74, 0x8e, 0x9c, 0x1d, + 0x14, 0xd9, 0xdd, 0xd1, 0xfd, 0x24, 0x30, 0xd6, + 0x81, 0xca, 0x8f, 0x78, 0x29, 0x19, 0x9a, 0xfe, +}; + +int demonstrate_digest(void) +{ + OSSL_LIB_CTX *library_context; + int result = 0; + const char *option_properties = NULL; + EVP_MD *message_digest = NULL; + EVP_MD_CTX *digest_context = NULL; + int digest_length; + unsigned char *digest_value = NULL; + int j; + + library_context = OSSL_LIB_CTX_new(); + if (library_context == NULL) { + fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n"); + goto cleanup; + } + + /* + * Fetch a message digest by name + * The algorithm name is case insensitive. + * See providers(7) for details about algorithm fetching + */ + message_digest = EVP_MD_fetch(library_context, + "SHA3-512", option_properties); + if (message_digest == NULL) { + fprintf(stderr, "EVP_MD_fetch could not find SHA3-512."); + goto cleanup; + } + /* Determine the length of the fetched digest type */ + digest_length = EVP_MD_get_size(message_digest); + if (digest_length <= 0) { + fprintf(stderr, "EVP_MD_get_size returned invalid size.\n"); + goto cleanup; + } + + digest_value = OPENSSL_malloc(digest_length); + if (digest_value == NULL) { + fprintf(stderr, "No memory.\n"); + goto cleanup; + } + /* + * Make a message digest context to hold temporary state + * during digest creation + */ + digest_context = EVP_MD_CTX_new(); + if (digest_context == NULL) { + fprintf(stderr, "EVP_MD_CTX_new failed.\n"); + goto cleanup; + } + /* + * Initialize the message digest context to use the fetched + * digest provider + */ + if (EVP_DigestInit(digest_context, message_digest) != 1) { + fprintf(stderr, "EVP_DigestInit failed.\n"); + goto cleanup; + } + /* Digest parts one and two of the soliloqy */ + if (EVP_DigestUpdate(digest_context, hamlet_1, strlen(hamlet_1)) != 1) { + fprintf(stderr, "EVP_DigestUpdate(hamlet_1) failed.\n"); + goto cleanup; + } + if (EVP_DigestUpdate(digest_context, hamlet_2, strlen(hamlet_2)) != 1) { + fprintf(stderr, "EVP_DigestUpdate(hamlet_2) failed.\n"); + goto cleanup; + } + if (EVP_DigestFinal(digest_context, digest_value, &digest_length) != 1) { + fprintf(stderr, "EVP_DigestFinal() failed.\n"); + goto cleanup; + } + for (j=0; j +#include +#include +#include + +/*- + * This demonstration will show how to digest data using + * a BIO created to read from stdin + */ + +int demonstrate_digest(BIO *input) +{ + OSSL_LIB_CTX *library_context = NULL; + int result = 0; + const char * option_properties = NULL; + EVP_MD *message_digest = NULL; + EVP_MD_CTX *digest_context = NULL; + int digest_length; + unsigned char *digest_value = NULL; + unsigned char buffer[512]; + int ii; + + library_context = OSSL_LIB_CTX_new(); + if (library_context == NULL) { + fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n"); + goto cleanup; + } + + /* + * Fetch a message digest by name + * The algorithm name is case insensitive. + * See providers(7) for details about algorithm fetching + */ + message_digest = EVP_MD_fetch(library_context, + "SHA3-512", option_properties); + if (message_digest == NULL) { + fprintf(stderr, "EVP_MD_fetch could not find SHA3-512."); + ERR_print_errors_fp(stderr); + OSSL_LIB_CTX_free(library_context); + return 0; + } + /* Determine the length of the fetched digest type */ + digest_length = EVP_MD_get_size(message_digest); + if (digest_length <= 0) { + fprintf(stderr, "EVP_MD_get_size returned invalid size.\n"); + goto cleanup; + } + + digest_value = OPENSSL_malloc(digest_length); + if (digest_value == NULL) { + fprintf(stderr, "No memory.\n"); + goto cleanup; + } + /* + * Make a message digest context to hold temporary state + * during digest creation + */ + digest_context = EVP_MD_CTX_new(); + if (digest_context == NULL) { + fprintf(stderr, "EVP_MD_CTX_new failed.\n"); + ERR_print_errors_fp(stderr); + goto cleanup; + } + /* + * Initialize the message digest context to use the fetched + * digest provider + */ + if (EVP_DigestInit(digest_context, message_digest) != 1) { + fprintf(stderr, "EVP_DigestInit failed.\n"); + ERR_print_errors_fp(stderr); + goto cleanup; + } + while ((ii = BIO_read(input, buffer, sizeof(buffer))) > 0) { + if (EVP_DigestUpdate(digest_context, buffer, ii) != 1) { + fprintf(stderr, "EVP_DigestUpdate() failed.\n"); + goto cleanup; + } + } + if (EVP_DigestFinal(digest_context, digest_value, &digest_length) != 1) { + fprintf(stderr, "EVP_DigestFinal() failed.\n"); + goto cleanup; + } + result = 1; + for (ii=0; ii +#include +#include +#include +#include + +/* + * Example of using an extendable-output hash function (XOF). A XOF is a hash + * function with configurable output length and which can generate an + * arbitrarily large output. + * + * This example uses SHAKE256, an extendable output variant of SHA3 (Keccak). + * + * To generate different output lengths, you can pass a single integer argument + * on the command line, which is the output size in bytes. By default, a 20-byte + * output is generated and (for this length only) a known answer test is + * performed. + */ + +/* Our input to the XOF hash function. */ +const char message[] = "This is a test message."; + +/* Expected output when an output length of 20 bytes is used. */ +static const char known_answer[] = { + 0x52, 0x97, 0x93, 0x78, 0x27, 0x58, 0x7d, 0x62, + 0x8b, 0x00, 0x25, 0xb5, 0xec, 0x39, 0x5e, 0x2d, + 0x7f, 0x3e, 0xd4, 0x19 +}; + +/* + * A property query used for selecting the SHAKE256 implementation. + */ +static const char *propq = NULL; + +int main(int argc, char **argv) +{ + int rv = 1; + OSSL_LIB_CTX *libctx = NULL; + EVP_MD *md = NULL; + EVP_MD_CTX *ctx = NULL; + unsigned int digest_len = 20; + int digest_len_i; + unsigned char *digest = NULL; + + /* Allow digest length to be changed for demonstration purposes. */ + if (argc > 1) { + digest_len_i = atoi(argv[1]); + if (digest_len_i <= 0) { + fprintf(stderr, "Specify a non-negative digest length\n"); + goto end; + } + + digest_len = (unsigned int)digest_len_i; + } + + /* + * Retrieve desired algorithm. This must be a hash algorithm which supports + * XOF. + */ + md = EVP_MD_fetch(libctx, "SHAKE256", propq); + if (md == NULL) { + fprintf(stderr, "Failed to retrieve SHAKE256 algorithm\n"); + goto end; + } + + /* Create context. */ + ctx = EVP_MD_CTX_new(); + if (ctx == NULL) { + fprintf(stderr, "Failed to create digest context\n"); + goto end; + } + + /* Initialize digest context. */ + if (EVP_DigestInit(ctx, md) == 0) { + fprintf(stderr, "Failed to initialize digest\n"); + goto end; + } + + /* + * Feed our message into the digest function. + * This may be called multiple times. + */ + if (EVP_DigestUpdate(ctx, message, sizeof(message)) == 0) { + fprintf(stderr, "Failed to hash input message\n"); + goto end; + } + + /* Allocate enough memory for our digest length. */ + digest = OPENSSL_malloc(digest_len); + if (digest == NULL) { + fprintf(stderr, "Failed to allocate memory for digest\n"); + goto end; + } + + /* Get computed digest. The digest will be of whatever length we specify. */ + if (EVP_DigestFinalXOF(ctx, digest, digest_len) == 0) { + fprintf(stderr, "Failed to finalize hash\n"); + goto end; + } + + printf("Output digest:\n"); + BIO_dump_indent_fp(stdout, digest, digest_len, 2); + + /* If digest length is 20 bytes, check it matches our known answer. */ + if (digest_len == 20) { + /* + * Always use a constant-time function such as CRYPTO_memcmp + * when comparing cryptographic values. Do not use memcmp(3). + */ + if (CRYPTO_memcmp(digest, known_answer, sizeof(known_answer)) != 0) { + fprintf(stderr, "Output does not match expected result\n"); + goto end; + } + } + + rv = 0; +end: + OPENSSL_free(digest); + EVP_MD_CTX_free(ctx); + EVP_MD_free(md); + OSSL_LIB_CTX_free(libctx); + return rv; +} diff --git a/deps/openssl/openssl/demos/digest/Makefile b/deps/openssl/openssl/demos/digest/Makefile new file mode 100644 index 00000000000000..0bfb6dd5f04470 --- /dev/null +++ b/deps/openssl/openssl/demos/digest/Makefile @@ -0,0 +1,23 @@ +# +# To run the demos when linked with a shared library (default): +# +# LD_LIBRARY_PATH=../.. ./EVP_MD_demo + +CFLAGS = -I../../include -g -Wall +LDFLAGS = -L../.. +LDLIBS = -lcrypto + +all: EVP_MD_demo EVP_MD_stdin EVP_MD_xof BIO_f_md + +%.o: %.c + $(CC) $(CFLAGS) -c $< + +EVP_MD_demo: EVP_MD_demo.o +EVP_MD_stdin: EVP_MD_stdin.o +EVP_MD_xof: EVP_MD_xof.o +BIO_f_md: BIO_f_md.o + +test: ; + +clean: + $(RM) *.o EVP_MD_demo EVP_MD_stdin EVP_MD_xof BIO_f_md diff --git a/deps/openssl/openssl/demos/encode/Makefile b/deps/openssl/openssl/demos/encode/Makefile new file mode 100644 index 00000000000000..b88d76b51de353 --- /dev/null +++ b/deps/openssl/openssl/demos/encode/Makefile @@ -0,0 +1,20 @@ +# +# To run the demos when linked with a shared library (default): +# +# LD_LIBRARY_PATH=../.. ./rsa_encode + +CFLAGS = -I../../include -g -Wall +LDFLAGS = -L../.. +LDLIBS = -lcrypto + +all: ec_encode rsa_encode + +%.o: %.c + $(CC) $(CFLAGS) -c $< + +%_encode: %_encode.o + +test: ; + +clean: + $(RM) *.o rsa_encode ec_encode diff --git a/deps/openssl/openssl/demos/encode/ec_encode.c b/deps/openssl/openssl/demos/encode/ec_encode.c new file mode 100644 index 00000000000000..8c296fbad852ea --- /dev/null +++ b/deps/openssl/openssl/demos/encode/ec_encode.c @@ -0,0 +1,205 @@ +/*- + * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ +#include +#include +#include +#include + +/* + * Example showing the encoding and decoding of EC public and private keys. A + * PEM-encoded EC key is read in from stdin, decoded, and then re-encoded and + * output for demonstration purposes. Both public and private keys are accepted. + * + * This can be used to load EC keys from a file or save EC keys to a file. + */ + +/* A property query used for selecting algorithm implementations. */ +static const char *propq = NULL; + +/* + * Load a PEM-encoded EC key from a file, optionally decrypting it with a + * supplied passphrase. + */ +static EVP_PKEY *load_key(OSSL_LIB_CTX *libctx, FILE *f, const char *passphrase) +{ + int rv = 0; + EVP_PKEY *pkey = NULL; + OSSL_DECODER_CTX *dctx = NULL; + int selection = 0; + + /* + * Create PEM decoder context expecting an EC key. + * + * For raw (non-PEM-encoded) keys, change "PEM" to "DER". + * + * The selection argument here specifies whether we are willing to accept a + * public key, private key, or either. If it is set to zero, either will be + * accepted. If set to EVP_PKEY_KEYPAIR, a private key will be required, and + * if set to EVP_PKEY_PUBLIC_KEY, a public key will be required. + */ + dctx = OSSL_DECODER_CTX_new_for_pkey(&pkey, "PEM", NULL, "EC", + selection, + libctx, propq); + if (dctx == NULL) { + fprintf(stderr, "OSSL_DECODER_CTX_new_for_pkey() failed\n"); + goto cleanup; + } + + /* + * Set passphrase if provided; needed to decrypt encrypted PEM files. + * If the input is not encrypted, any passphrase provided is ignored. + * + * Alternative methods for specifying passphrases exist, such as a callback + * (see OSSL_DECODER_CTX_set_passphrase_cb(3)), which may be more useful for + * interactive applications which do not know if a passphrase should be + * prompted for in advance, or for GUI applications. + */ + if (passphrase != NULL) { + if (OSSL_DECODER_CTX_set_passphrase(dctx, + (const unsigned char *)passphrase, + strlen(passphrase)) == 0) { + fprintf(stderr, "OSSL_DECODER_CTX_set_passphrase() failed\n"); + goto cleanup; + } + } + + /* Do the decode, reading from file. */ + if (OSSL_DECODER_from_fp(dctx, f) == 0) { + fprintf(stderr, "OSSL_DECODER_from_fp() failed\n"); + goto cleanup; + } + + rv = 1; +cleanup: + OSSL_DECODER_CTX_free(dctx); + + /* + * pkey is created by OSSL_DECODER_CTX_new_for_pkey, but we + * might fail subsequently, so ensure it's properly freed + * in this case. + */ + if (rv == 0) { + EVP_PKEY_free(pkey); + pkey = NULL; + } + + return pkey; +} + +/* + * Store a EC public or private key to a file using PEM encoding. + * + * If a passphrase is supplied, the file is encrypted, otherwise + * it is unencrypted. + */ +static int store_key(EVP_PKEY *pkey, FILE *f, const char *passphrase) +{ + int rv = 0; + int selection; + OSSL_ENCODER_CTX *ectx = NULL; + + /* + * Create a PEM encoder context. + * + * For raw (non-PEM-encoded) output, change "PEM" to "DER". + * + * The selection argument controls whether the private key is exported + * (EVP_PKEY_KEYPAIR), or only the public key (EVP_PKEY_PUBLIC_KEY). The + * former will fail if we only have a public key. + * + * Note that unlike the decode API, you cannot specify zero here. + * + * Purely for the sake of demonstration, here we choose to export the whole + * key if a passphrase is provided and the public key otherwise. + */ + selection = (passphrase != NULL) + ? EVP_PKEY_KEYPAIR + : EVP_PKEY_PUBLIC_KEY; + + ectx = OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, "PEM", NULL, propq); + if (ectx == NULL) { + fprintf(stderr, "OSSL_ENCODER_CTX_new_for_pkey() failed\n"); + goto cleanup; + } + + /* + * Set passphrase if provided; the encoded output will then be encrypted + * using the passphrase. + * + * Alternative methods for specifying passphrases exist, such as a callback + * (see OSSL_ENCODER_CTX_set_passphrase_cb(3), just as for OSSL_DECODER_CTX; + * however you are less likely to need them as you presumably know whether + * encryption is desired in advance. + * + * Note that specifying a passphrase alone is not enough to cause the + * key to be encrypted. You must set both a cipher and a passphrase. + */ + if (passphrase != NULL) { + /* + * Set cipher. Let's use AES-256-CBC, because it is + * more quantum resistant. + */ + if (OSSL_ENCODER_CTX_set_cipher(ectx, "AES-256-CBC", propq) == 0) { + fprintf(stderr, "OSSL_ENCODER_CTX_set_cipher() failed\n"); + goto cleanup; + } + + /* Set passphrase. */ + if (OSSL_ENCODER_CTX_set_passphrase(ectx, + (const unsigned char *)passphrase, + strlen(passphrase)) == 0) { + fprintf(stderr, "OSSL_ENCODER_CTX_set_passphrase() failed\n"); + goto cleanup; + } + } + + /* Do the encode, writing to the given file. */ + if (OSSL_ENCODER_to_fp(ectx, f) == 0) { + fprintf(stderr, "OSSL_ENCODER_to_fp() failed\n"); + goto cleanup; + } + + rv = 1; +cleanup: + OSSL_ENCODER_CTX_free(ectx); + return rv; +} + +int main(int argc, char **argv) +{ + int rv = 1; + OSSL_LIB_CTX *libctx = NULL; + EVP_PKEY *pkey = NULL; + const char *passphrase_in = NULL, *passphrase_out = NULL; + + /* usage: ec_encode */ + if (argc > 1 && argv[1][0]) + passphrase_in = argv[1]; + + if (argc > 2 && argv[2][0]) + passphrase_out = argv[2]; + + /* Decode PEM key from stdin and then PEM encode it to stdout. */ + pkey = load_key(libctx, stdin, passphrase_in); + if (pkey == NULL) { + fprintf(stderr, "Failed to decode key\n"); + goto cleanup; + } + + if (store_key(pkey, stdout, passphrase_out) == 0) { + fprintf(stderr, "Failed to encode key\n"); + goto cleanup; + } + + rv = 0; +cleanup: + EVP_PKEY_free(pkey); + OSSL_LIB_CTX_free(libctx); + return rv; +} diff --git a/deps/openssl/openssl/demos/encode/rsa_encode.c b/deps/openssl/openssl/demos/encode/rsa_encode.c new file mode 100644 index 00000000000000..2bf6d13e6ff504 --- /dev/null +++ b/deps/openssl/openssl/demos/encode/rsa_encode.c @@ -0,0 +1,202 @@ +/*- + * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ +#include +#include +#include +#include + +/* + * Example showing the encoding and decoding of RSA public and private keys. A + * PEM-encoded RSA key is read in from stdin, decoded, and then re-encoded and + * output for demonstration purposes. Both public and private keys are accepted. + * + * This can be used to load RSA keys from a file or save RSA keys to a file. + */ + +/* A property query used for selecting algorithm implementations. */ +static const char *propq = NULL; + +/* + * Load a PEM-encoded RSA key from a file, optionally decrypting it with a + * supplied passphrase. + */ +static EVP_PKEY *load_key(OSSL_LIB_CTX *libctx, FILE *f, const char *passphrase) +{ + int rv = 0; + EVP_PKEY *pkey = NULL; + OSSL_DECODER_CTX *dctx = NULL; + int selection = 0; + + /* + * Create PEM decoder context expecting an RSA key. + * + * For raw (non-PEM-encoded) keys, change "PEM" to "DER". + * + * The selection argument here specifies whether we are willing to accept a + * public key, private key, or either. If it is set to zero, either will be + * accepted. If set to EVP_PKEY_KEYPAIR, a private key will be required, and + * if set to EVP_PKEY_PUBLIC_KEY, a public key will be required. + */ + dctx = OSSL_DECODER_CTX_new_for_pkey(&pkey, "PEM", NULL, "RSA", + selection, + libctx, propq); + if (dctx == NULL) { + fprintf(stderr, "OSSL_DECODER_CTX_new_for_pkey() failed\n"); + goto cleanup; + } + + /* + * Set passphrase if provided; needed to decrypt encrypted PEM files. + * If the input is not encrypted, any passphrase provided is ignored. + * + * Alternative methods for specifying passphrases exist, such as a callback + * (see OSSL_DECODER_CTX_set_passphrase_cb(3)), which may be more useful for + * interactive applications which do not know if a passphrase should be + * prompted for in advance, or for GUI applications. + */ + if (passphrase != NULL) { + if (OSSL_DECODER_CTX_set_passphrase(dctx, + (const unsigned char *)passphrase, + strlen(passphrase)) == 0) { + fprintf(stderr, "OSSL_DECODER_CTX_set_passphrase() failed\n"); + goto cleanup; + } + } + + /* Do the decode, reading from file. */ + if (OSSL_DECODER_from_fp(dctx, f) == 0) { + fprintf(stderr, "OSSL_DECODER_from_fp() failed\n"); + goto cleanup; + } + + rv = 1; +cleanup: + OSSL_DECODER_CTX_free(dctx); + + /* + * pkey is created by OSSL_DECODER_CTX_new_for_pkey, but we + * might fail subsequently, so ensure it's properly freed + * in this case. + */ + if (rv == 0) { + EVP_PKEY_free(pkey); + pkey = NULL; + } + + return pkey; +} + +/* + * Store an RSA public or private key to a file using PEM encoding. + * + * If a passphrase is supplied, the file is encrypted, otherwise + * it is unencrypted. + */ +static int store_key(EVP_PKEY *pkey, FILE *f, const char *passphrase) +{ + int rv = 0; + int selection; + OSSL_ENCODER_CTX *ectx = NULL; + + /* + * Create a PEM encoder context. + * + * For raw (non-PEM-encoded) output, change "PEM" to "DER". + * + * The selection argument controls whether the private key is exported + * (EVP_PKEY_KEYPAIR), or only the public key (EVP_PKEY_PUBLIC_KEY). The + * former will fail if we only have a public key. + * + * Note that unlike the decode API, you cannot specify zero here. + * + * Purely for the sake of demonstration, here we choose to export the whole + * key if a passphrase is provided and the public key otherwise. + */ + selection = (passphrase != NULL) + ? EVP_PKEY_KEYPAIR + : EVP_PKEY_PUBLIC_KEY; + + ectx = OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, "PEM", NULL, propq); + if (ectx == NULL) { + fprintf(stderr, "OSSL_ENCODER_CTX_new_for_pkey() failed\n"); + goto cleanup; + } + + /* + * Set passphrase if provided; the encoded output will then be encrypted + * using the passphrase. + * + * Alternative methods for specifying passphrases exist, such as a callback + * (see OSSL_ENCODER_CTX_set_passphrase_cb(3), just as for OSSL_DECODER_CTX; + * however you are less likely to need them as you presumably know whether + * encryption is desired in advance. + * + * Note that specifying a passphrase alone is not enough to cause the + * key to be encrypted. You must set both a cipher and a passphrase. + */ + if (passphrase != NULL) { + /* Set cipher. AES-128-CBC is a reasonable default. */ + if (OSSL_ENCODER_CTX_set_cipher(ectx, "AES-128-CBC", propq) == 0) { + fprintf(stderr, "OSSL_ENCODER_CTX_set_cipher() failed\n"); + goto cleanup; + } + + /* Set passphrase. */ + if (OSSL_ENCODER_CTX_set_passphrase(ectx, + (const unsigned char *)passphrase, + strlen(passphrase)) == 0) { + fprintf(stderr, "OSSL_ENCODER_CTX_set_passphrase() failed\n"); + goto cleanup; + } + } + + /* Do the encode, writing to the given file. */ + if (OSSL_ENCODER_to_fp(ectx, f) == 0) { + fprintf(stderr, "OSSL_ENCODER_to_fp() failed\n"); + goto cleanup; + } + + rv = 1; +cleanup: + OSSL_ENCODER_CTX_free(ectx); + return rv; +} + +int main(int argc, char **argv) +{ + int rv = 1; + OSSL_LIB_CTX *libctx = NULL; + EVP_PKEY *pkey = NULL; + const char *passphrase_in = NULL, *passphrase_out = NULL; + + /* usage: rsa_encode */ + if (argc > 1 && argv[1][0]) + passphrase_in = argv[1]; + + if (argc > 2 && argv[2][0]) + passphrase_out = argv[2]; + + /* Decode PEM key from stdin and then PEM encode it to stdout. */ + pkey = load_key(libctx, stdin, passphrase_in); + if (pkey == NULL) { + fprintf(stderr, "Failed to decode key\n"); + goto cleanup; + } + + if (store_key(pkey, stdout, passphrase_out) == 0) { + fprintf(stderr, "Failed to encode key\n"); + goto cleanup; + } + + rv = 0; +cleanup: + EVP_PKEY_free(pkey); + OSSL_LIB_CTX_free(libctx); + return rv; +} diff --git a/deps/openssl/openssl/demos/kdf/Makefile b/deps/openssl/openssl/demos/kdf/Makefile new file mode 100644 index 00000000000000..0aa5113105045c --- /dev/null +++ b/deps/openssl/openssl/demos/kdf/Makefile @@ -0,0 +1,22 @@ +# +# To run the demos when linked with a shared library (default): +# +# LD_LIBRARY_PATH=../.. ./hkdf + +CFLAGS = -I../../include -g +LDFLAGS = -L../.. +LDLIBS = -lcrypto + +all: hkdf pbkdf2 scrypt + +%.o: %.c + $(CC) $(CFLAGS) -c $< + +hkdf: hkdf.o +pbkdf2: pbkdf2.o +scrypt: scrypt.o + +test: ; + +clean: + $(RM) *.o hkdf pbkdf2 scrypt diff --git a/deps/openssl/openssl/demos/kdf/hkdf.c b/deps/openssl/openssl/demos/kdf/hkdf.c new file mode 100644 index 00000000000000..cb7a170e948e9f --- /dev/null +++ b/deps/openssl/openssl/demos/kdf/hkdf.c @@ -0,0 +1,104 @@ +/* + * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include +#include +#include + +/* + * test vector from + * https://datatracker.ietf.org/doc/html/rfc5869 + */ + +static unsigned char hkdf_salt[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c +}; + +static unsigned char hkdf_ikm[] = { + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b +}; + +static unsigned char hkdf_info[] = { + 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9 +}; + +/* Expected output keying material */ +static unsigned char hkdf_okm[] = { + 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a, 0x90, 0x43, 0x4f, 0x64, + 0xd0, 0x36, 0x2f, 0x2a, 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c, + 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf, 0x34, 0x00, 0x72, 0x08, + 0xd5, 0xb8, 0x87, 0x18, 0x58, 0x65 +}; + +int main(int argc, char **argv) +{ + int rv = 1; + EVP_KDF *kdf = NULL; + EVP_KDF_CTX *kctx = NULL; + unsigned char out[42]; + OSSL_PARAM params[5], *p = params; + OSSL_LIB_CTX *library_context = NULL; + + library_context = OSSL_LIB_CTX_new(); + if (library_context == NULL) { + fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n"); + goto end; + } + + /* Fetch the key derivation function implementation */ + kdf = EVP_KDF_fetch(library_context, "HKDF", NULL); + if (kdf == NULL) { + fprintf(stderr, "EVP_KDF_fetch() returned NULL\n"); + goto end; + } + + /* Create a context for the key derivation operation */ + kctx = EVP_KDF_CTX_new(kdf); + if (kctx == NULL) { + fprintf(stderr, "EVP_KDF_CTX_new() returned NULL\n"); + goto end; + } + + /* Set the underlying hash function used to derive the key */ + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, + "SHA256", 0); + /* Set input keying material */ + *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, hkdf_ikm, + sizeof(hkdf_ikm)); + /* Set application specific information */ + *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO, hkdf_info, + sizeof(hkdf_info)); + /* Set salt */ + *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, hkdf_salt, + sizeof(hkdf_salt)); + *p = OSSL_PARAM_construct_end(); + + /* Derive the key */ + if (EVP_KDF_derive(kctx, out, sizeof(out), params) != 1) { + fprintf(stderr, "EVP_KDF_derive() failed\n"); + goto end; + } + + if (CRYPTO_memcmp(hkdf_okm, out, sizeof(hkdf_okm)) != 0) { + fprintf(stderr, "Generated key does not match expected value\n"); + goto end; + } + + rv = 0; +end: + EVP_KDF_CTX_free(kctx); + EVP_KDF_free(kdf); + OSSL_LIB_CTX_free(library_context); + return rv; +} diff --git a/deps/openssl/openssl/demos/kdf/pbkdf2.c b/deps/openssl/openssl/demos/kdf/pbkdf2.c new file mode 100644 index 00000000000000..3e0adaee795f1a --- /dev/null +++ b/deps/openssl/openssl/demos/kdf/pbkdf2.c @@ -0,0 +1,117 @@ +/* + * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include +#include +#include + +/* + * test vector from + * https://datatracker.ietf.org/doc/html/rfc7914 + */ + +/* + * Hard coding a password into an application is very bad. + * It is done here solely for educational purposes. + */ +static unsigned char password[] = { + 'P', 'a', 's', 's', 'w', 'o', 'r', 'd' +}; + +/* + * The salt is better not being hard coded too. Each password should have a + * different salt if possible. The salt is not considered secret information + * and is safe to store with an encrypted password. + */ +static unsigned char pbkdf2_salt[] = { + 'N', 'a', 'C', 'l' +}; + +/* + * The iteration parameter can be variable or hard coded. The disadvantage with + * hard coding them is that they cannot easily be adjusted for future + * technological improvements appear. + */ +static unsigned int pbkdf2_iterations = 80000; + +static const unsigned char expected_output[] = { + + 0x4d, 0xdc, 0xd8, 0xf6, 0x0b, 0x98, 0xbe, 0x21, + 0x83, 0x0c, 0xee, 0x5e, 0xf2, 0x27, 0x01, 0xf9, + 0x64, 0x1a, 0x44, 0x18, 0xd0, 0x4c, 0x04, 0x14, + 0xae, 0xff, 0x08, 0x87, 0x6b, 0x34, 0xab, 0x56, + 0xa1, 0xd4, 0x25, 0xa1, 0x22, 0x58, 0x33, 0x54, + 0x9a, 0xdb, 0x84, 0x1b, 0x51, 0xc9, 0xb3, 0x17, + 0x6a, 0x27, 0x2b, 0xde, 0xbb, 0xa1, 0xd0, 0x78, + 0x47, 0x8f, 0x62, 0xb3, 0x97, 0xf3, 0x3c, 0x8d +}; + +int main(int argc, char **argv) +{ + int rv = 1; + EVP_KDF *kdf = NULL; + EVP_KDF_CTX *kctx = NULL; + unsigned char out[64]; + OSSL_PARAM params[5], *p = params; + OSSL_LIB_CTX *library_context = NULL; + + library_context = OSSL_LIB_CTX_new(); + if (library_context == NULL) { + fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n"); + goto end; + } + + /* Fetch the key derivation function implementation */ + kdf = EVP_KDF_fetch(library_context, "PBKDF2", NULL); + if (kdf == NULL) { + fprintf(stderr, "EVP_KDF_fetch() returned NULL\n"); + goto end; + } + + /* Create a context for the key derivation operation */ + kctx = EVP_KDF_CTX_new(kdf); + if (kctx == NULL) { + fprintf(stderr, "EVP_KDF_CTX_new() returned NULL\n"); + goto end; + } + + /* Set password */ + *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD, password, + sizeof(password)); + /* Set salt */ + *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, pbkdf2_salt, + sizeof(pbkdf2_salt)); + /* Set iteration count (default 2048) */ + *p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_ITER, &pbkdf2_iterations); + /* Set the underlying hash function used to derive the key */ + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, + "SHA256", 0); + *p = OSSL_PARAM_construct_end(); + + /* Derive the key */ + if (EVP_KDF_derive(kctx, out, sizeof(out), params) != 1) { + fprintf(stderr, "EVP_KDF_derive() failed\n"); + goto end; + } + + if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) { + fprintf(stderr, "Generated key does not match expected value\n"); + goto end; + } + + rv = 0; +end: + EVP_KDF_CTX_free(kctx); + EVP_KDF_free(kdf); + OSSL_LIB_CTX_free(library_context); + return rv; +} diff --git a/deps/openssl/openssl/demos/kdf/scrypt.c b/deps/openssl/openssl/demos/kdf/scrypt.c new file mode 100644 index 00000000000000..2be99088007e36 --- /dev/null +++ b/deps/openssl/openssl/demos/kdf/scrypt.c @@ -0,0 +1,120 @@ +/* + * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include +#include +#include + +/* + * test vector from + * https://datatracker.ietf.org/doc/html/rfc7914 + */ + +/* + * Hard coding a password into an application is very bad. + * It is done here solely for educational purposes. + */ +static unsigned char password[] = { + 'p', 'a', 's', 's', 'w', 'o', 'r', 'd' +}; + +/* + * The salt is better not being hard coded too. Each password should have a + * different salt if possible. The salt is not considered secret information + * and is safe to store with an encrypted password. + */ +static unsigned char scrypt_salt[] = { + 'N', 'a', 'C', 'l' +}; + +/* + * The SCRYPT parameters can be variable or hard coded. The disadvantage with + * hard coding them is that they cannot easily be adjusted for future + * technological improvements appear. + */ +static unsigned int scrypt_n = 1024; +static unsigned int scrypt_r = 8; +static unsigned int scrypt_p = 16; + +static const unsigned char expected_output[] = { + + 0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00, + 0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe, + 0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30, + 0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62, + 0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88, + 0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda, + 0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d, + 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40 +}; + +int main(int argc, char **argv) +{ + int rv = 1; + EVP_KDF *kdf = NULL; + EVP_KDF_CTX *kctx = NULL; + unsigned char out[64]; + OSSL_PARAM params[6], *p = params; + OSSL_LIB_CTX *library_context = NULL; + + library_context = OSSL_LIB_CTX_new(); + if (library_context == NULL) { + fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n"); + goto end; + } + + /* Fetch the key derivation function implementation */ + kdf = EVP_KDF_fetch(library_context, "SCRYPT", NULL); + if (kdf == NULL) { + fprintf(stderr, "EVP_KDF_fetch() returned NULL\n"); + goto end; + } + + /* Create a context for the key derivation operation */ + kctx = EVP_KDF_CTX_new(kdf); + if (kctx == NULL) { + fprintf(stderr, "EVP_KDF_CTX_new() returned NULL\n"); + goto end; + } + + /* Set password */ + *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD, password, + sizeof(password)); + /* Set salt */ + *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, scrypt_salt, + sizeof(scrypt_salt)); + /* Set N (default 1048576) */ + *p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_SCRYPT_N, &scrypt_n); + /* Set R (default 8) */ + *p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_SCRYPT_R, &scrypt_r); + /* Set P (default 1) */ + *p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_SCRYPT_P, &scrypt_p); + *p = OSSL_PARAM_construct_end(); + + /* Derive the key */ + if (EVP_KDF_derive(kctx, out, sizeof(out), params) != 1) { + fprintf(stderr, "EVP_KDF_derive() failed\n"); + goto end; + } + + if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) { + fprintf(stderr, "Generated key does not match expected value\n"); + goto end; + } + + rv = 0; +end: + EVP_KDF_CTX_free(kctx); + EVP_KDF_free(kdf); + OSSL_LIB_CTX_free(library_context); + return rv; +} diff --git a/deps/openssl/openssl/demos/keyexch/x25519.c b/deps/openssl/openssl/demos/keyexch/x25519.c new file mode 100644 index 00000000000000..bd35e0a98c1453 --- /dev/null +++ b/deps/openssl/openssl/demos/keyexch/x25519.c @@ -0,0 +1,278 @@ +/* + * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include + +/* + * This is a demonstration of key exchange using X25519. + * + * The variables beginning `peer1_` / `peer2_` are data which would normally be + * accessible to that peer. + * + * Ordinarily you would use random keys, which are demonstrated + * below when use_kat=0. A known answer test is demonstrated + * when use_kat=1. + */ + +/* A property query used for selecting the X25519 implementation. */ +static const char *propq = NULL; + +static const unsigned char peer1_privk_data[32] = { + 0x80, 0x5b, 0x30, 0x20, 0x25, 0x4a, 0x70, 0x2c, + 0xad, 0xa9, 0x8d, 0x7d, 0x47, 0xf8, 0x1b, 0x20, + 0x89, 0xd2, 0xf9, 0x14, 0xac, 0x92, 0x27, 0xf2, + 0x10, 0x7e, 0xdb, 0x21, 0xbd, 0x73, 0x73, 0x5d +}; + +static const unsigned char peer2_privk_data[32] = { + 0xf8, 0x84, 0x19, 0x69, 0x79, 0x13, 0x0d, 0xbd, + 0xb1, 0x76, 0xd7, 0x0e, 0x7e, 0x0f, 0xb6, 0xf4, + 0x8c, 0x4a, 0x8c, 0x5f, 0xd8, 0x15, 0x09, 0x0a, + 0x71, 0x78, 0x74, 0x92, 0x0f, 0x85, 0xc8, 0x43 +}; + +static const unsigned char expected_result[32] = { + 0x19, 0x71, 0x26, 0x12, 0x74, 0xb5, 0xb1, 0xce, + 0x77, 0xd0, 0x79, 0x24, 0xb6, 0x0a, 0x5c, 0x72, + 0x0c, 0xa6, 0x56, 0xc0, 0x11, 0xeb, 0x43, 0x11, + 0x94, 0x3b, 0x01, 0x45, 0xca, 0x19, 0xfe, 0x09 +}; + +typedef struct peer_data_st { + const char *name; /* name of peer */ + EVP_PKEY *privk; /* privk generated for peer */ + unsigned char pubk_data[32]; /* generated pubk to send to other peer */ + + unsigned char *secret; /* allocated shared secret buffer */ + size_t secret_len; +} PEER_DATA; + +/* + * Prepare for X25519 key exchange. The public key to be sent to the remote peer + * is put in pubk_data, which should be a 32-byte buffer. Returns 1 on success. + */ +static int keyexch_x25519_before( + OSSL_LIB_CTX *libctx, + const unsigned char *kat_privk_data, + PEER_DATA *local_peer) +{ + int rv = 0; + size_t pubk_data_len = 0; + + /* Generate or load X25519 key for the peer */ + if (kat_privk_data != NULL) + local_peer->privk = + EVP_PKEY_new_raw_private_key_ex(libctx, "X25519", propq, + kat_privk_data, + sizeof(peer1_privk_data)); + else + local_peer->privk = EVP_PKEY_Q_keygen(libctx, propq, "X25519"); + + if (local_peer->privk == NULL) { + fprintf(stderr, "Could not load or generate private key\n"); + goto end; + } + + /* Get public key corresponding to the private key */ + if (EVP_PKEY_get_octet_string_param(local_peer->privk, + OSSL_PKEY_PARAM_PUB_KEY, + local_peer->pubk_data, + sizeof(local_peer->pubk_data), + &pubk_data_len) == 0) { + fprintf(stderr, "EVP_PKEY_get_octet_string_param() failed\n"); + goto end; + } + + /* X25519 public keys are always 32 bytes */ + if (pubk_data_len != 32) { + fprintf(stderr, "EVP_PKEY_get_octet_string_param() " + "yielded wrong length\n"); + goto end; + } + + rv = 1; +end: + if (rv == 0) { + EVP_PKEY_free(local_peer->privk); + local_peer->privk = NULL; + } + + return rv; +} + +/* + * Complete X25519 key exchange. remote_peer_pubk_data should be the 32 byte + * public key value received from the remote peer. On success, returns 1 and the + * secret is pointed to by *secret. The caller must free it. + */ +static int keyexch_x25519_after( + OSSL_LIB_CTX *libctx, + int use_kat, + PEER_DATA *local_peer, + const unsigned char *remote_peer_pubk_data) +{ + int rv = 0; + EVP_PKEY *remote_peer_pubk = NULL; + EVP_PKEY_CTX *ctx = NULL; + + local_peer->secret = NULL; + + /* Load public key for remote peer. */ + remote_peer_pubk = + EVP_PKEY_new_raw_public_key_ex(libctx, "X25519", propq, + remote_peer_pubk_data, 32); + if (remote_peer_pubk == NULL) { + fprintf(stderr, "EVP_PKEY_new_raw_public_key_ex() failed\n"); + goto end; + } + + /* Create key exchange context. */ + ctx = EVP_PKEY_CTX_new_from_pkey(libctx, local_peer->privk, propq); + if (ctx == NULL) { + fprintf(stderr, "EVP_PKEY_CTX_new_from_pkey() failed\n"); + goto end; + } + + /* Initialize derivation process. */ + if (EVP_PKEY_derive_init(ctx) == 0) { + fprintf(stderr, "EVP_PKEY_derive_init() failed\n"); + goto end; + } + + /* Configure each peer with the other peer's public key. */ + if (EVP_PKEY_derive_set_peer(ctx, remote_peer_pubk) == 0) { + fprintf(stderr, "EVP_PKEY_derive_set_peer() failed\n"); + goto end; + } + + /* Determine the secret length. */ + if (EVP_PKEY_derive(ctx, NULL, &local_peer->secret_len) == 0) { + fprintf(stderr, "EVP_PKEY_derive() failed\n"); + goto end; + } + + /* + * We are using X25519, so the secret generated will always be 32 bytes. + * However for exposition, the code below demonstrates a generic + * implementation for arbitrary lengths. + */ + if (local_peer->secret_len != 32) { /* unreachable */ + fprintf(stderr, "Secret is always 32 bytes for X25519\n"); + goto end; + } + + /* Allocate memory for shared secrets. */ + local_peer->secret = OPENSSL_malloc(local_peer->secret_len); + if (local_peer->secret == NULL) { + fprintf(stderr, "Could not allocate memory for secret\n"); + goto end; + } + + /* Derive the shared secret. */ + if (EVP_PKEY_derive(ctx, local_peer->secret, + &local_peer->secret_len) == 0) { + fprintf(stderr, "EVP_PKEY_derive() failed\n"); + goto end; + } + + printf("Shared secret (%s):\n", local_peer->name); + BIO_dump_indent_fp(stdout, local_peer->secret, local_peer->secret_len, 2); + putchar('\n'); + + rv = 1; +end: + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(remote_peer_pubk); + if (rv == 0) { + OPENSSL_clear_free(local_peer->secret, local_peer->secret_len); + local_peer->secret = NULL; + } + + return rv; +} + +static int keyexch_x25519(int use_kat) +{ + int rv = 0; + OSSL_LIB_CTX *libctx = NULL; + PEER_DATA peer1 = {"peer 1"}, peer2 = {"peer 2"}; + + /* + * Each peer generates its private key and sends its public key + * to the other peer. The private key is stored locally for + * later use. + */ + if (keyexch_x25519_before(libctx, use_kat ? peer1_privk_data : NULL, + &peer1) == 0) + return 0; + + if (keyexch_x25519_before(libctx, use_kat ? peer2_privk_data : NULL, + &peer2) == 0) + return 0; + + /* + * Each peer uses the other peer's public key to perform key exchange. + * After this succeeds, each peer has the same secret in its + * PEER_DATA. + */ + if (keyexch_x25519_after(libctx, use_kat, &peer1, peer2.pubk_data) == 0) + return 0; + + if (keyexch_x25519_after(libctx, use_kat, &peer2, peer1.pubk_data) == 0) + return 0; + + /* + * Here we demonstrate the secrets are equal for exposition purposes. + * + * Although in practice you will generally not need to compare secrets + * produced through key exchange, if you do compare cryptographic secrets, + * always do so using a constant-time function such as CRYPTO_memcmp, never + * using memcmp(3). + */ + if (CRYPTO_memcmp(peer1.secret, peer2.secret, peer1.secret_len) != 0) { + fprintf(stderr, "Negotiated secrets do not match\n"); + goto end; + } + + /* If we are doing the KAT, the secret should equal our reference result. */ + if (use_kat && CRYPTO_memcmp(peer1.secret, expected_result, + peer1.secret_len) != 0) { + fprintf(stderr, "Did not get expected result\n"); + goto end; + } + + rv = 1; +end: + /* The secrets are sensitive, so ensure they are erased before freeing. */ + OPENSSL_clear_free(peer1.secret, peer1.secret_len); + OPENSSL_clear_free(peer2.secret, peer2.secret_len); + + EVP_PKEY_free(peer1.privk); + EVP_PKEY_free(peer2.privk); + OSSL_LIB_CTX_free(libctx); + return rv; +} + +int main(int argc, char **argv) +{ + /* Test X25519 key exchange with known result. */ + printf("Key exchange using known answer (deterministic):\n"); + if (keyexch_x25519(1) == 0) + return 1; + + /* Test X25519 key exchange with random keys. */ + printf("Key exchange using random keys:\n"); + if (keyexch_x25519(0) == 0) + return 1; + + return 0; +} diff --git a/deps/openssl/openssl/demos/mac/Makefile b/deps/openssl/openssl/demos/mac/Makefile new file mode 100644 index 00000000000000..00d2d8dbe64aca --- /dev/null +++ b/deps/openssl/openssl/demos/mac/Makefile @@ -0,0 +1,25 @@ +# Quick instruction: +# To build against an OpenSSL built in the source tree, do this: +# +# make OPENSSL_INCS_LOCATION=-I../../include OPENSSL_LIBS_LOCATION=-L../.. +# +# To run the demos when linked with a shared library (default): +# +# LD_LIBRARY_PATH=../.. ./gmac +# LD_LIBRARY_PATH=../.. ./poly1305 + +CFLAGS = $(OPENSSL_INCS_LOCATION) -Wall +LDFLAGS = $(OPENSSL_LIBS_LOCATION) -lssl -lcrypto + +all: gmac hmac-sha512 cmac-aes256 poly1305 + +gmac: gmac.o +hmac-sha512: hmac-sha512.o +cmac-aes256: cmac-aes256.o +poly1305: poly1305.o + +gmac hmac-sha512 cmac-aes256 poly1305: + $(CC) $(CFLAGS) -o $@ $< $(LDFLAGS) + +clean: + $(RM) gmac hmac-sha512 cmac-aes256 poly1305 *.o diff --git a/deps/openssl/openssl/demos/mac/cmac-aes256.c b/deps/openssl/openssl/demos/mac/cmac-aes256.c new file mode 100644 index 00000000000000..6f4fd78b699f96 --- /dev/null +++ b/deps/openssl/openssl/demos/mac/cmac-aes256.c @@ -0,0 +1,154 @@ +/*- + * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * Example of using EVP_MAC_ methods to calculate + * a CMAC of static buffers + */ + +#include +#include +#include +#include +#include +#include +#include +#include + +/* + * Hard coding the key into an application is very bad. + * It is done here solely for educational purposes. + */ +static unsigned char key[] = { + 0x6c, 0xde, 0x14, 0xf5, 0xd5, 0x2a, 0x4a, 0xdf, + 0x12, 0x39, 0x1e, 0xbf, 0x36, 0xf9, 0x6a, 0x46, + 0x48, 0xd0, 0xb6, 0x51, 0x89, 0xfc, 0x24, 0x85, + 0xa8, 0x8d, 0xdf, 0x7e, 0x80, 0x14, 0xc8, 0xce, +}; + +static const unsigned char data[] = + "To be, or not to be, that is the question,\n" + "Whether tis nobler in the minde to suffer\n" + "The ſlings and arrowes of outragious fortune,\n" + "Or to take Armes again in a sea of troubles,\n" + "And by opposing, end them, to die to sleep;\n" + "No more, and by a sleep, to say we end\n" + "The heart-ache, and the thousand natural shocks\n" + "That flesh is heir to? tis a consumation\n" + "Devoutly to be wished. To die to sleep,\n" + "To sleepe, perchance to dreame, Aye, there's the rub,\n" + "For in that sleep of death what dreams may come\n" + "When we haue shuffled off this mortal coil\n" + "Must give us pause. There's the respect\n" + "That makes calamity of so long life:\n" + "For who would bear the Ships and Scorns of time,\n" + "The oppressor's wrong, the proud man's Contumely,\n" + "The pangs of dispised love, the Law's delay,\n" +; + +/* The known value of the CMAC/AES256 MAC of the above soliloqy */ +static const unsigned char expected_output[] = { + 0x67, 0x92, 0x32, 0x23, 0x50, 0x3d, 0xc5, 0xba, + 0x78, 0xd4, 0x6d, 0x63, 0xf2, 0x2b, 0xe9, 0x56, +}; + +/* + * A property query used for selecting the MAC implementation. + */ +static const char *propq = NULL; + +int main(void) +{ + int rv = EXIT_FAILURE; + OSSL_LIB_CTX *library_context = NULL; + EVP_MAC *mac = NULL; + EVP_MAC_CTX *mctx = NULL; + unsigned char *out = NULL; + size_t out_len = 0; + OSSL_PARAM params[4], *p = params; + char cipher_name[] = "aes256"; + + library_context = OSSL_LIB_CTX_new(); + if (library_context == NULL) { + fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n"); + goto end; + } + + /* Fetch the CMAC implementation */ + mac = EVP_MAC_fetch(library_context, "CMAC", propq); + if (mac == NULL) { + fprintf(stderr, "EVP_MAC_fetch() returned NULL\n"); + goto end; + } + + /* Create a context for the CMAC operation */ + mctx = EVP_MAC_CTX_new(mac); + if (mctx == NULL) { + fprintf(stderr, "EVP_MAC_CTX_new() returned NULL\n"); + goto end; + } + + /* The underlying cipher to be used */ + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER, cipher_name, + sizeof(cipher_name)); + *p = OSSL_PARAM_construct_end(); + + /* Initialise the CMAC operation */ + if (!EVP_MAC_init(mctx, key, sizeof(key), params)) { + fprintf(stderr, "EVP_MAC_init() failed\n"); + goto end; + } + + /* Make one or more calls to process the data to be authenticated */ + if (!EVP_MAC_update(mctx, data, sizeof(data))) { + fprintf(stderr, "EVP_MAC_update() failed\n"); + goto end; + } + + /* Make a call to the final with a NULL buffer to get the length of the MAC */ + if (!EVP_MAC_final(mctx, NULL, &out_len, 0)) { + fprintf(stderr, "EVP_MAC_final() failed\n"); + goto end; + } + out = OPENSSL_malloc(out_len); + if (out == NULL) { + fprintf(stderr, "malloc failed\n"); + goto end; + } + /* Make one call to the final to get the MAC */ + if (!EVP_MAC_final(mctx, out, &out_len, out_len)) { + fprintf(stderr, "EVP_MAC_final() failed\n"); + goto end; + } + + printf("Generated MAC:\n"); + BIO_dump_indent_fp(stdout, out, out_len, 2); + putchar('\n'); + + if (out_len != sizeof(expected_output)) { + fprintf(stderr, "Generated MAC has an unexpected length\n"); + goto end; + } + + if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) { + fprintf(stderr, "Generated MAC does not match expected value\n"); + goto end; + } + + rv = EXIT_SUCCESS; +end: + if (rv != EXIT_SUCCESS) + ERR_print_errors_fp(stderr); + /* OpenSSL free functions will ignore NULL arguments */ + OPENSSL_free(out); + EVP_MAC_CTX_free(mctx); + EVP_MAC_free(mac); + OSSL_LIB_CTX_free(library_context); + return rv; +} diff --git a/deps/openssl/openssl/demos/mac/gmac.c b/deps/openssl/openssl/demos/mac/gmac.c new file mode 100644 index 00000000000000..bdaa9b1daa31a5 --- /dev/null +++ b/deps/openssl/openssl/demos/mac/gmac.c @@ -0,0 +1,145 @@ +/* + * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include +#include +#include + +/* + * Taken from NIST's GCM Test Vectors + * http://csrc.nist.gov/groups/STM/cavp/ + */ + +/* + * Hard coding the key into an application is very bad. + * It is done here solely for educational purposes. + */ +static unsigned char key[] = { + 0x77, 0xbe, 0x63, 0x70, 0x89, 0x71, 0xc4, 0xe2, + 0x40, 0xd1, 0xcb, 0x79, 0xe8, 0xd7, 0x7f, 0xeb +}; + +/* + * The initialisation vector (IV) is better not being hard coded too. + * Repeating password/IV pairs compromises the integrity of GMAC. + * The IV is not considered secret information and is safe to store with + * an encrypted password. + */ +static unsigned char iv[] = { + 0xe0, 0xe0, 0x0f, 0x19, 0xfe, 0xd7, 0xba, + 0x01, 0x36, 0xa7, 0x97, 0xf3 +}; + +static unsigned char data[] = { + 0x7a, 0x43, 0xec, 0x1d, 0x9c, 0x0a, 0x5a, 0x78, + 0xa0, 0xb1, 0x65, 0x33, 0xa6, 0x21, 0x3c, 0xab +}; + +static const unsigned char expected_output[] = { + 0x20, 0x9f, 0xcc, 0x8d, 0x36, 0x75, 0xed, 0x93, + 0x8e, 0x9c, 0x71, 0x66, 0x70, 0x9d, 0xd9, 0x46 +}; + +/* + * A property query used for selecting the GMAC implementation and the + * underlying GCM mode cipher. + */ +static char *propq = NULL; + +int main(int argc, char **argv) +{ + int rv = EXIT_FAILURE; + EVP_MAC *mac = NULL; + EVP_MAC_CTX *mctx = NULL; + unsigned char out[16]; + OSSL_PARAM params[4], *p = params; + OSSL_LIB_CTX *library_context = NULL; + size_t out_len = 0; + + library_context = OSSL_LIB_CTX_new(); + if (library_context == NULL) { + fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n"); + goto end; + } + + /* Fetch the GMAC implementation */ + mac = EVP_MAC_fetch(library_context, "GMAC", propq); + if (mac == NULL) { + fprintf(stderr, "EVP_MAC_fetch() returned NULL\n"); + goto end; + } + + /* Create a context for the GMAC operation */ + mctx = EVP_MAC_CTX_new(mac); + if (mctx == NULL) { + fprintf(stderr, "EVP_MAC_CTX_new() returned NULL\n"); + goto end; + } + + /* GMAC requries a GCM mode cipher to be specified */ + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER, + "AES-128-GCM", 0); + + /* + * If a non-default property query is required when fetching the GCM mode + * cipher, it needs to be specified too. + */ + if (propq != NULL) + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_PROPERTIES, + propq, 0); + + /* Set the initialisation vector (IV) */ + *p++ = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV, + iv, sizeof(iv)); + *p = OSSL_PARAM_construct_end(); + + /* Initialise the GMAC operation */ + if (!EVP_MAC_init(mctx, key, sizeof(key), params)) { + fprintf(stderr, "EVP_MAC_init() failed\n"); + goto end; + } + + /* Make one or more calls to process the data to be authenticated */ + if (!EVP_MAC_update(mctx, data, sizeof(data))) { + fprintf(stderr, "EVP_MAC_update() failed\n"); + goto end; + } + + /* Make one call to the final to get the MAC */ + if (!EVP_MAC_final(mctx, out, &out_len, sizeof(out))) { + fprintf(stderr, "EVP_MAC_final() failed\n"); + goto end; + } + + printf("Generated MAC:\n"); + BIO_dump_indent_fp(stdout, out, out_len, 2); + putchar('\n'); + + if (out_len != sizeof(expected_output)) { + fprintf(stderr, "Generated MAC has an unexpected length\n"); + goto end; + } + + if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) { + fprintf(stderr, "Generated MAC does not match expected value\n"); + goto end; + } + + rv = EXIT_SUCCESS; +end: + EVP_MAC_CTX_free(mctx); + EVP_MAC_free(mac); + OSSL_LIB_CTX_free(library_context); + if (rv != EXIT_SUCCESS) + ERR_print_errors_fp(stderr); + return rv; +} diff --git a/deps/openssl/openssl/demos/mac/hmac-sha512.c b/deps/openssl/openssl/demos/mac/hmac-sha512.c new file mode 100644 index 00000000000000..c258b90ee3952b --- /dev/null +++ b/deps/openssl/openssl/demos/mac/hmac-sha512.c @@ -0,0 +1,166 @@ +/*- + * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * Example of using EVP_MAC_ methods to calculate + * a HMAC of static buffers + */ + +#include +#include +#include +#include +#include +#include +#include +#include + +/* + * Hard coding the key into an application is very bad. + * It is done here solely for educational purposes. + */ +static unsigned char key[] = { + 0x25, 0xfd, 0x12, 0x99, 0xdf, 0xad, 0x1a, 0x03, + 0x0a, 0x81, 0x3c, 0x2d, 0xcc, 0x05, 0xd1, 0x5c, + 0x17, 0x7a, 0x36, 0x73, 0x17, 0xef, 0x41, 0x75, + 0x71, 0x18, 0xe0, 0x1a, 0xda, 0x99, 0xc3, 0x61, + 0x38, 0xb5, 0xb1, 0xe0, 0x82, 0x2c, 0x70, 0xa4, + 0xc0, 0x8e, 0x5e, 0xf9, 0x93, 0x9f, 0xcf, 0xf7, + 0x32, 0x4d, 0x0c, 0xbd, 0x31, 0x12, 0x0f, 0x9a, + 0x15, 0xee, 0x82, 0xdb, 0x8d, 0x29, 0x54, 0x14, +}; + +static const unsigned char data[] = + "To be, or not to be, that is the question,\n" + "Whether tis nobler in the minde to suffer\n" + "The ſlings and arrowes of outragious fortune,\n" + "Or to take Armes again in a sea of troubles,\n" + "And by opposing, end them, to die to sleep;\n" + "No more, and by a sleep, to say we end\n" + "The heart-ache, and the thousand natural shocks\n" + "That flesh is heir to? tis a consumation\n" + "Devoutly to be wished. To die to sleep,\n" + "To sleepe, perchance to dreame, Aye, there's the rub,\n" + "For in that sleep of death what dreams may come\n" + "When we haue shuffled off this mortal coil\n" + "Must give us pause. There's the respect\n" + "That makes calamity of so long life:\n" + "For who would bear the Ships and Scorns of time,\n" + "The oppressor's wrong, the proud man's Contumely,\n" + "The pangs of dispised love, the Law's delay,\n" +; + +/* The known value of the HMAC/SHA3-512 MAC of the above soliloqy */ +static const unsigned char expected_output[] = { + 0x3b, 0x77, 0x5f, 0xf1, 0x4f, 0x9e, 0xb9, 0x23, + 0x8f, 0xdc, 0xa0, 0x68, 0x15, 0x7b, 0x8a, 0xf1, + 0x96, 0x23, 0xaa, 0x3c, 0x1f, 0xe9, 0xdc, 0x89, + 0x11, 0x7d, 0x58, 0x07, 0xe7, 0x96, 0x17, 0xe3, + 0x44, 0x8b, 0x03, 0x37, 0x91, 0xc0, 0x6e, 0x06, + 0x7c, 0x54, 0xe4, 0xa4, 0xcc, 0xd5, 0x16, 0xbb, + 0x5e, 0x4d, 0x64, 0x7d, 0x88, 0x23, 0xc9, 0xb7, + 0x25, 0xda, 0xbe, 0x4b, 0xe4, 0xd5, 0x34, 0x30, +}; + +/* + * A property query used for selecting the MAC implementation. + */ +static const char *propq = NULL; + +int main(void) +{ + int rv = EXIT_FAILURE; + OSSL_LIB_CTX *library_context = NULL; + EVP_MAC *mac = NULL; + EVP_MAC_CTX *mctx = NULL; + EVP_MD_CTX *digest_context = NULL; + unsigned char *out = NULL; + size_t out_len = 0; + OSSL_PARAM params[4], *p = params; + char digest_name[] = "SHA3-512"; + + library_context = OSSL_LIB_CTX_new(); + if (library_context == NULL) { + fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n"); + goto end; + } + + /* Fetch the HMAC implementation */ + mac = EVP_MAC_fetch(library_context, "HMAC", propq); + if (mac == NULL) { + fprintf(stderr, "EVP_MAC_fetch() returned NULL\n"); + goto end; + } + + /* Create a context for the HMAC operation */ + mctx = EVP_MAC_CTX_new(mac); + if (mctx == NULL) { + fprintf(stderr, "EVP_MAC_CTX_new() returned NULL\n"); + goto end; + } + + /* The underlying digest to be used */ + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, digest_name, + sizeof(digest_name)); + *p = OSSL_PARAM_construct_end(); + + /* Initialise the HMAC operation */ + if (!EVP_MAC_init(mctx, key, sizeof(key), params)) { + fprintf(stderr, "EVP_MAC_init() failed\n"); + goto end; + } + + /* Make one or more calls to process the data to be authenticated */ + if (!EVP_MAC_update(mctx, data, sizeof(data))) { + fprintf(stderr, "EVP_MAC_update() failed\n"); + goto end; + } + + /* Make a call to the final with a NULL buffer to get the length of the MAC */ + if (!EVP_MAC_final(mctx, NULL, &out_len, 0)) { + fprintf(stderr, "EVP_MAC_final() failed\n"); + goto end; + } + out = OPENSSL_malloc(out_len); + if (out == NULL) { + fprintf(stderr, "malloc failed\n"); + goto end; + } + /* Make one call to the final to get the MAC */ + if (!EVP_MAC_final(mctx, out, &out_len, out_len)) { + fprintf(stderr, "EVP_MAC_final() failed\n"); + goto end; + } + + printf("Generated MAC:\n"); + BIO_dump_indent_fp(stdout, out, out_len, 2); + putchar('\n'); + + if (out_len != sizeof(expected_output)) { + fprintf(stderr, "Generated MAC has an unexpected length\n"); + goto end; + } + + if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) { + fprintf(stderr, "Generated MAC does not match expected value\n"); + goto end; + } + + rv = EXIT_SUCCESS; +end: + if (rv != EXIT_SUCCESS) + ERR_print_errors_fp(stderr); + /* OpenSSL free functions will ignore NULL arguments */ + OPENSSL_free(out); + EVP_MD_CTX_free(digest_context); + EVP_MAC_CTX_free(mctx); + EVP_MAC_free(mac); + OSSL_LIB_CTX_free(library_context); + return rv; +} diff --git a/deps/openssl/openssl/demos/mac/poly1305.c b/deps/openssl/openssl/demos/mac/poly1305.c new file mode 100644 index 00000000000000..1aa95e583dadde --- /dev/null +++ b/deps/openssl/openssl/demos/mac/poly1305.c @@ -0,0 +1,209 @@ +/* + * Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include +#include +#include +#include + +/* + * This is a demonstration of how to compute Poly1305-AES using the OpenSSL + * Poly1305 and AES providers and the EVP API. + * + * Please note that: + * + * - Poly1305 must never be used alone and must be used in conjunction with + * another primitive which processes the input nonce to be secure; + * + * - you must never pass a nonce to the Poly1305 primitive directly; + * + * - Poly1305 exhibits catastrophic failure (that is, can be broken) if a + * nonce is ever reused for a given key. + * + * If you are looking for a general purpose MAC, you should consider using a + * different MAC and looking at one of the other examples, unless you have a + * good familiarity with the details and caveats of Poly1305. + * + * This example uses AES, as described in the original paper, "The Poly1305-AES + * message authentication code": + * https://cr.yp.to/mac/poly1305-20050329.pdf + * + * The test vectors below are from that paper. + */ + +/* + * Hard coding the key into an application is very bad. + * It is done here solely for educational purposes. + * These are the "r" and "k" inputs to Poly1305-AES. + */ +static const unsigned char test_r[] = { + 0x85, 0x1f, 0xc4, 0x0c, 0x34, 0x67, 0xac, 0x0b, + 0xe0, 0x5c, 0xc2, 0x04, 0x04, 0xf3, 0xf7, 0x00 +}; + +static const unsigned char test_k[] = { + 0xec, 0x07, 0x4c, 0x83, 0x55, 0x80, 0x74, 0x17, + 0x01, 0x42, 0x5b, 0x62, 0x32, 0x35, 0xad, 0xd6 +}; + +/* + * Hard coding a nonce must not be done under any circumstances and is done here + * purely for demonstration purposes. Please note that Poly1305 exhibits + * catastrophic failure (that is, can be broken) if a nonce is ever reused for a + * given key. + */ +static const unsigned char test_n[] = { + 0xfb, 0x44, 0x73, 0x50, 0xc4, 0xe8, 0x68, 0xc5, + 0x2a, 0xc3, 0x27, 0x5c, 0xf9, 0xd4, 0x32, 0x7e +}; + +/* Input message. */ +static const unsigned char test_m[] = { + 0xf3, 0xf6 +}; + +static const unsigned char expected_output[] = { + 0xf4, 0xc6, 0x33, 0xc3, 0x04, 0x4f, 0xc1, 0x45, + 0xf8, 0x4f, 0x33, 0x5c, 0xb8, 0x19, 0x53, 0xde +}; + +/* + * A property query used for selecting the POLY1305 implementation. + */ +static char *propq = NULL; + +int main(int argc, char **argv) +{ + int rv = EXIT_FAILURE; + EVP_CIPHER *aes = NULL; + EVP_CIPHER_CTX *aesctx = NULL; + EVP_MAC *mac = NULL; + EVP_MAC_CTX *mctx = NULL; + unsigned char composite_key[32]; + unsigned char out[16]; + OSSL_LIB_CTX *library_context = NULL; + size_t out_len = 0; + int aes_len = 0; + + library_context = OSSL_LIB_CTX_new(); + if (library_context == NULL) { + fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n"); + goto end; + } + + /* Fetch the Poly1305 implementation */ + mac = EVP_MAC_fetch(library_context, "POLY1305", propq); + if (mac == NULL) { + fprintf(stderr, "EVP_MAC_fetch() returned NULL\n"); + goto end; + } + + /* Create a context for the Poly1305 operation */ + mctx = EVP_MAC_CTX_new(mac); + if (mctx == NULL) { + fprintf(stderr, "EVP_MAC_CTX_new() returned NULL\n"); + goto end; + } + + /* Fetch the AES implementation */ + aes = EVP_CIPHER_fetch(library_context, "AES-128-ECB", propq); + if (aes == NULL) { + fprintf(stderr, "EVP_CIPHER_fetch() returned NULL\n"); + goto end; + } + + /* Create a context for AES */ + aesctx = EVP_CIPHER_CTX_new(); + if (aesctx == NULL) { + fprintf(stderr, "EVP_CIPHER_CTX_new() returned NULL\n"); + goto end; + } + + /* Initialize the AES cipher with the 128-bit key k */ + if (!EVP_EncryptInit_ex(aesctx, aes, NULL, test_k, NULL)) { + fprintf(stderr, "EVP_EncryptInit_ex() failed\n"); + goto end; + } + + /* + * Disable padding for the AES cipher. We do not strictly need to do this as + * we are encrypting a single block and thus there are no alignment or + * padding concerns, but this ensures that the operation below fails if + * padding would be required for some reason, which in this circumstance + * would indicate an implementation bug. + */ + if (!EVP_CIPHER_CTX_set_padding(aesctx, 0)) { + fprintf(stderr, "EVP_CIPHER_CTX_set_padding() failed\n"); + goto end; + } + + /* + * Computes the value AES_k(n) which we need for our Poly1305-AES + * computation below. + */ + if (!EVP_EncryptUpdate(aesctx, composite_key + 16, &aes_len, + test_n, sizeof(test_n))) { + fprintf(stderr, "EVP_EncryptUpdate() failed\n"); + goto end; + } + + /* + * The Poly1305 provider expects the key r to be passed as the first 16 + * bytes of the "key" and the processed nonce (that is, AES_k(n)) to be + * passed as the second 16 bytes of the "key". We already put the processed + * nonce in the correct place above, so copy r into place. + */ + memcpy(composite_key, test_r, 16); + + /* Initialise the Poly1305 operation */ + if (!EVP_MAC_init(mctx, composite_key, sizeof(composite_key), NULL)) { + fprintf(stderr, "EVP_MAC_init() failed\n"); + goto end; + } + + /* Make one or more calls to process the data to be authenticated */ + if (!EVP_MAC_update(mctx, test_m, sizeof(test_m))) { + fprintf(stderr, "EVP_MAC_update() failed\n"); + goto end; + } + + /* Make one call to the final to get the MAC */ + if (!EVP_MAC_final(mctx, out, &out_len, sizeof(out))) { + fprintf(stderr, "EVP_MAC_final() failed\n"); + goto end; + } + + printf("Generated MAC:\n"); + BIO_dump_indent_fp(stdout, out, out_len, 2); + putchar('\n'); + + if (out_len != sizeof(expected_output)) { + fprintf(stderr, "Generated MAC has an unexpected length\n"); + goto end; + } + + if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) { + fprintf(stderr, "Generated MAC does not match expected value\n"); + goto end; + } + + rv = EXIT_SUCCESS; +end: + EVP_CIPHER_CTX_free(aesctx); + EVP_CIPHER_free(aes); + EVP_MAC_CTX_free(mctx); + EVP_MAC_free(mac); + OSSL_LIB_CTX_free(library_context); + if (rv != EXIT_SUCCESS) + ERR_print_errors_fp(stderr); + return rv; +} diff --git a/deps/openssl/openssl/demos/mac/siphash.c b/deps/openssl/openssl/demos/mac/siphash.c new file mode 100644 index 00000000000000..4d36a9d4868b86 --- /dev/null +++ b/deps/openssl/openssl/demos/mac/siphash.c @@ -0,0 +1,129 @@ +/* + * Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include +#include +#include + +/* + * Taken from the test vector from the paper "SipHash: a fast short-input PRF". + * https://www.aumasson.jp/siphash/siphash.pdf + */ + +/* + * Hard coding the key into an application is very bad. + * It is done here solely for educational purposes. + */ +static unsigned char key[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f +}; + +static unsigned char data[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e +}; + +static const unsigned char expected_output[] = { + 0xe5, 0x45, 0xbe, 0x49, 0x61, 0xca, 0x29, 0xa1 +}; + +/* + * A property query used for selecting the SIPHASH implementation. + */ +static char *propq = NULL; + +int main(int argc, char **argv) +{ + int rv = EXIT_FAILURE; + EVP_MAC *mac = NULL; + EVP_MAC_CTX *mctx = NULL; + unsigned char out[8]; + OSSL_PARAM params[4], *p = params; + OSSL_LIB_CTX *library_context = NULL; + unsigned int digest_len = 8, c_rounds = 2, d_rounds = 4; + size_t out_len = 0; + + library_context = OSSL_LIB_CTX_new(); + if (library_context == NULL) { + fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n"); + goto end; + } + + /* Fetch the SipHash implementation */ + mac = EVP_MAC_fetch(library_context, "SIPHASH", propq); + if (mac == NULL) { + fprintf(stderr, "EVP_MAC_fetch() returned NULL\n"); + goto end; + } + + /* Create a context for the SipHash operation */ + mctx = EVP_MAC_CTX_new(mac); + if (mctx == NULL) { + fprintf(stderr, "EVP_MAC_CTX_new() returned NULL\n"); + goto end; + } + + /* SipHash can support either 8 or 16-byte digests. */ + *p++ = OSSL_PARAM_construct_uint(OSSL_MAC_PARAM_SIZE, &digest_len); + + /* + * The number of C-rounds and D-rounds is configurable. Standard SipHash + * uses values of 2 and 4 respectively. The following lines are unnecessary + * as they set the default, but demonstrate how to change these values. + */ + *p++ = OSSL_PARAM_construct_uint(OSSL_MAC_PARAM_C_ROUNDS, &c_rounds); + *p++ = OSSL_PARAM_construct_uint(OSSL_MAC_PARAM_D_ROUNDS, &d_rounds); + + *p = OSSL_PARAM_construct_end(); + + /* Initialise the SIPHASH operation */ + if (!EVP_MAC_init(mctx, key, sizeof(key), params)) { + fprintf(stderr, "EVP_MAC_init() failed\n"); + goto end; + } + + /* Make one or more calls to process the data to be authenticated */ + if (!EVP_MAC_update(mctx, data, sizeof(data))) { + fprintf(stderr, "EVP_MAC_update() failed\n"); + goto end; + } + + /* Make one call to the final to get the MAC */ + if (!EVP_MAC_final(mctx, out, &out_len, sizeof(out))) { + fprintf(stderr, "EVP_MAC_final() failed\n"); + goto end; + } + + printf("Generated MAC:\n"); + BIO_dump_indent_fp(stdout, out, out_len, 2); + putchar('\n'); + + if (out_len != sizeof(expected_output)) { + fprintf(stderr, "Generated MAC has an unexpected length\n"); + goto end; + } + + if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) { + fprintf(stderr, "Generated MAC does not match expected value\n"); + goto end; + } + + rv = EXIT_SUCCESS; +end: + EVP_MAC_CTX_free(mctx); + EVP_MAC_free(mac); + OSSL_LIB_CTX_free(library_context); + if (rv != EXIT_SUCCESS) + ERR_print_errors_fp(stderr); + return rv; +} diff --git a/deps/openssl/openssl/demos/pkcs12/pkread.c b/deps/openssl/openssl/demos/pkcs12/pkread.c new file mode 100644 index 00000000000000..3b153f8edf151f --- /dev/null +++ b/deps/openssl/openssl/demos/pkcs12/pkread.c @@ -0,0 +1,111 @@ +/* + * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include +#include + +/* Simple PKCS#12 file reader */ + +static char *find_friendly_name(PKCS12 *p12) +{ + STACK_OF(PKCS7) *safes; + int n, m; + char *name = NULL; + PKCS7 *safe; + STACK_OF(PKCS12_SAFEBAG) *bags; + PKCS12_SAFEBAG *bag; + + if ((safes = PKCS12_unpack_authsafes(p12)) == NULL) + return NULL; + + for (n = 0; n < sk_PKCS7_num(safes) && name == NULL; n++) { + safe = sk_PKCS7_value(safes, n); + if (OBJ_obj2nid(safe->type) != NID_pkcs7_data + || (bags = PKCS12_unpack_p7data(safe)) == NULL) + continue; + + for (m = 0; m < sk_PKCS12_SAFEBAG_num(bags) && name == NULL; m++) { + bag = sk_PKCS12_SAFEBAG_value(bags, m); + name = PKCS12_get_friendlyname(bag); + } + sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); + } + + sk_PKCS7_pop_free(safes, PKCS7_free); + + return name; +} + +int main(int argc, char **argv) +{ + FILE *fp; + EVP_PKEY *pkey = NULL; + X509 *cert = NULL; + STACK_OF(X509) *ca = NULL; + PKCS12 *p12 = NULL; + char *name = NULL; + int i, ret = EXIT_FAILURE; + + if (argc != 4) { + fprintf(stderr, "Usage: pkread p12file password opfile\n"); + exit(EXIT_FAILURE); + } + + if ((fp = fopen(argv[1], "rb")) == NULL) { + fprintf(stderr, "Error opening file %s\n", argv[1]); + exit(EXIT_FAILURE); + } + p12 = d2i_PKCS12_fp(fp, NULL); + fclose(fp); + if (p12 == NULL) { + fprintf(stderr, "Error reading PKCS#12 file\n"); + ERR_print_errors_fp(stderr); + goto err; + } + if (!PKCS12_parse(p12, argv[2], &pkey, &cert, &ca)) { + fprintf(stderr, "Error parsing PKCS#12 file\n"); + ERR_print_errors_fp(stderr); + goto err; + } + name = find_friendly_name(p12); + PKCS12_free(p12); + if ((fp = fopen(argv[3], "w")) == NULL) { + fprintf(stderr, "Error opening file %s\n", argv[3]); + goto err; + } + if (name != NULL) + fprintf(fp, "***Friendly Name***\n%s\n", name); + if (pkey != NULL) { + fprintf(fp, "***Private Key***\n"); + PEM_write_PrivateKey(fp, pkey, NULL, NULL, 0, NULL, NULL); + } + if (cert != NULL) { + fprintf(fp, "***User Certificate***\n"); + PEM_write_X509_AUX(fp, cert); + } + if (ca != NULL && sk_X509_num(ca) > 0) { + fprintf(fp, "***Other Certificates***\n"); + for (i = 0; i < sk_X509_num(ca); i++) + PEM_write_X509_AUX(fp, sk_X509_value(ca, i)); + } + fclose(fp); + + ret = EXIT_SUCCESS; + + err: + OPENSSL_free(name); + X509_free(cert); + EVP_PKEY_free(pkey); + sk_X509_pop_free(ca, X509_free); + + return ret; +} diff --git a/deps/openssl/openssl/demos/pkcs12/pkwrite.c b/deps/openssl/openssl/demos/pkcs12/pkwrite.c new file mode 100644 index 00000000000000..51afd25a260d83 --- /dev/null +++ b/deps/openssl/openssl/demos/pkcs12/pkwrite.c @@ -0,0 +1,53 @@ +/* + * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include +#include + +/* Simple PKCS#12 file creator */ + +int main(int argc, char **argv) +{ + FILE *fp; + EVP_PKEY *pkey; + X509 *cert; + PKCS12 *p12; + if (argc != 5) { + fprintf(stderr, "Usage: pkwrite infile password name p12file\n"); + exit(1); + } + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + if ((fp = fopen(argv[1], "r")) == NULL) { + fprintf(stderr, "Error opening file %s\n", argv[1]); + exit(1); + } + cert = PEM_read_X509(fp, NULL, NULL, NULL); + rewind(fp); + pkey = PEM_read_PrivateKey(fp, NULL, NULL, NULL); + fclose(fp); + p12 = PKCS12_create(argv[2], argv[3], pkey, cert, NULL, 0, 0, 0, 0, 0); + if (!p12) { + fprintf(stderr, "Error creating PKCS#12 structure\n"); + ERR_print_errors_fp(stderr); + exit(1); + } + if ((fp = fopen(argv[4], "wb")) == NULL) { + fprintf(stderr, "Error opening file %s\n", argv[4]); + ERR_print_errors_fp(stderr); + exit(1); + } + i2d_PKCS12_fp(fp, p12); + PKCS12_free(p12); + fclose(fp); + return 0; +} diff --git a/deps/openssl/openssl/demos/pkey/EVP_PKEY_DSA_keygen.c b/deps/openssl/openssl/demos/pkey/EVP_PKEY_DSA_keygen.c new file mode 100644 index 00000000000000..bf74a2e6230ad7 --- /dev/null +++ b/deps/openssl/openssl/demos/pkey/EVP_PKEY_DSA_keygen.c @@ -0,0 +1,83 @@ +/*- + * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * Example showing how to generate an DSA key pair. + */ + +#include +#include "dsa.inc" + +/* + * Generate dsa params using default values. + * See the EVP_PKEY_DSA_param_fromdata demo if you need + * to load DSA params from raw values. + * See the EVP_PKEY_DSA_paramgen demo if you need to + * use non default parameters. + */ +EVP_PKEY *dsa_genparams(OSSL_LIB_CTX *libctx, const char *propq) +{ + EVP_PKEY *dsaparamkey = NULL; + EVP_PKEY_CTX *ctx = NULL; + + /* Use the dsa params in a EVP_PKEY ctx */ + ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", propq); + if (ctx == NULL) { + fprintf(stderr, "EVP_PKEY_CTX_new_from_name() failed\n"); + return NULL; + } + + if (EVP_PKEY_paramgen_init(ctx) <= 0 + || EVP_PKEY_paramgen(ctx, &dsaparamkey) <= 0) { + fprintf(stderr, "DSA paramgen failed\n"); + goto cleanup; + } +cleanup: + EVP_PKEY_CTX_free(ctx); + return dsaparamkey; +} + +int main(int argc, char **argv) +{ + int rv = EXIT_FAILURE; + OSSL_LIB_CTX *libctx = NULL; + const char *propq = NULL; + EVP_PKEY *dsaparamskey = NULL; + EVP_PKEY *dsakey = NULL; + EVP_PKEY_CTX *ctx = NULL; + + /* Generate random dsa params */ + dsaparamskey = dsa_genparams(libctx, propq); + if (dsaparamskey == NULL) + goto cleanup; + + /* Use the dsa params in a EVP_PKEY ctx */ + ctx = EVP_PKEY_CTX_new_from_pkey(libctx, dsaparamskey, propq); + if (ctx == NULL) { + fprintf(stderr, "EVP_PKEY_CTX_new_from_pkey() failed\n"); + goto cleanup; + } + + /* Generate a key using the dsa params */ + if (EVP_PKEY_keygen_init(ctx) <= 0 + || EVP_PKEY_keygen(ctx, &dsakey) <= 0) { + fprintf(stderr, "DSA keygen failed\n"); + goto cleanup; + } + + if (!dsa_print_key(dsakey, 1, libctx, propq)) + goto cleanup; + + rv = EXIT_SUCCESS; +cleanup: + EVP_PKEY_free(dsakey); + EVP_PKEY_free(dsaparamskey); + EVP_PKEY_CTX_free(ctx); + return rv; +} diff --git a/deps/openssl/openssl/demos/pkey/EVP_PKEY_DSA_paramfromdata.c b/deps/openssl/openssl/demos/pkey/EVP_PKEY_DSA_paramfromdata.c new file mode 100644 index 00000000000000..4c9e55820e9430 --- /dev/null +++ b/deps/openssl/openssl/demos/pkey/EVP_PKEY_DSA_paramfromdata.c @@ -0,0 +1,75 @@ +/*- + * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * Example showing how to load DSA params from raw data + * using EVP_PKEY_fromdata() + */ + +#include +#include +#include +#include "dsa.inc" + +int main(int argc, char **argv) +{ + int rv = EXIT_FAILURE; + OSSL_LIB_CTX *libctx = NULL; + const char *propq = NULL; + EVP_PKEY_CTX *ctx = NULL; + EVP_PKEY *dsaparamkey = NULL; + OSSL_PARAM_BLD *bld = NULL; + OSSL_PARAM *params = NULL; + BIGNUM *p = NULL, *q = NULL, *g = NULL; + + p = BN_bin2bn(dsa_p, sizeof(dsa_p), NULL); + q = BN_bin2bn(dsa_q, sizeof(dsa_q), NULL); + g = BN_bin2bn(dsa_g, sizeof(dsa_g), NULL); + if (p == NULL || q == NULL || g == NULL) + goto cleanup; + + /* Use OSSL_PARAM_BLD if you need to handle BIGNUM Parameters */ + bld = OSSL_PARAM_BLD_new(); + if (bld == NULL) + goto cleanup; + if (!OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p) + || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q) + || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g)) + goto cleanup; + params = OSSL_PARAM_BLD_to_param(bld); + if (params == NULL) + goto cleanup; + + ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", propq); + if (ctx == NULL) { + fprintf(stderr, "EVP_PKEY_CTX_new_from_name() failed\n"); + goto cleanup; + } + + if (EVP_PKEY_fromdata_init(ctx) <= 0 + || EVP_PKEY_fromdata(ctx, &dsaparamkey, EVP_PKEY_KEY_PARAMETERS, params) <= 0) { + fprintf(stderr, "EVP_PKEY_fromdata() failed\n"); + goto cleanup; + } + + if (!dsa_print_key(dsaparamkey, 0, libctx, propq)) + goto cleanup; + + rv = EXIT_SUCCESS; +cleanup: + EVP_PKEY_free(dsaparamkey); + EVP_PKEY_CTX_free(ctx); + OSSL_PARAM_free(params); + OSSL_PARAM_BLD_free(bld); + BN_free(g); + BN_free(q); + BN_free(p); + + return rv; +} diff --git a/deps/openssl/openssl/demos/pkey/EVP_PKEY_DSA_paramgen.c b/deps/openssl/openssl/demos/pkey/EVP_PKEY_DSA_paramgen.c new file mode 100644 index 00000000000000..05dda29c9667aa --- /dev/null +++ b/deps/openssl/openssl/demos/pkey/EVP_PKEY_DSA_paramgen.c @@ -0,0 +1,66 @@ +/*- + * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * Example showing how to generate DSA params using + * FIPS 186-4 DSA FFC parameter generation. + */ + +#include +#include "dsa.inc" + +int main(int argc, char **argv) +{ + int rv = EXIT_FAILURE; + OSSL_LIB_CTX *libctx = NULL; + const char *propq = NULL; + EVP_PKEY_CTX *ctx = NULL; + EVP_PKEY *dsaparamkey = NULL; + OSSL_PARAM params[7]; + unsigned int pbits = 2048; + unsigned int qbits = 256; + int gindex = 42; + + ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", propq); + if (ctx == NULL) + goto cleanup; + + /* + * Demonstrate how to set optional DSA fields as params. + * See doc/man7/EVP_PKEY-FFC.pod and doc/man7/EVP_PKEY-DSA.pod + * for more information. + */ + params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_TYPE, + "fips186_4", 0); + params[1] = OSSL_PARAM_construct_uint(OSSL_PKEY_PARAM_FFC_PBITS, &pbits); + params[2] = OSSL_PARAM_construct_uint(OSSL_PKEY_PARAM_FFC_QBITS, &qbits); + params[3] = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_FFC_GINDEX, &gindex); + params[4] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_DIGEST, + "SHA384", 0); + params[5] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_DIGEST_PROPS, + "provider=default", 0); + params[6] = OSSL_PARAM_construct_end(); + + /* Generate a dsa param key using optional params */ + if (EVP_PKEY_paramgen_init(ctx) <= 0 + || EVP_PKEY_CTX_set_params(ctx, params) <= 0 + || EVP_PKEY_paramgen(ctx, &dsaparamkey) <= 0) { + fprintf(stderr, "DSA paramgen failed\n"); + goto cleanup; + } + + if (!dsa_print_key(dsaparamkey, 0, libctx, propq)) + goto cleanup; + + rv = EXIT_SUCCESS; +cleanup: + EVP_PKEY_free(dsaparamkey); + EVP_PKEY_CTX_free(ctx); + return rv; +} diff --git a/deps/openssl/openssl/demos/pkey/EVP_PKEY_DSA_paramvalidate.c b/deps/openssl/openssl/demos/pkey/EVP_PKEY_DSA_paramvalidate.c new file mode 100644 index 00000000000000..f726d30fbf7f2b --- /dev/null +++ b/deps/openssl/openssl/demos/pkey/EVP_PKEY_DSA_paramvalidate.c @@ -0,0 +1,202 @@ +/*- + * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * Example showing how to validate DSA parameters. + * + * Proper FIPS 186-4 DSA (FFC) parameter validation requires that all + * the parameters used during parameter generation are supplied + * when doing the validation. Unfortunately saving DSA parameters as + * a PEM or DER file does not write out all required fields. Because + * of this the default provider normally only does a partial + * validation. The FIPS provider will however try to do a full + * validation. To force the default provider to use full + * validation the 'seed' that is output during generation must be + * added to the key. See doc/man7/EVP_PKEY-FFC for more information. + */ + +#include +#include +#include +#include "dsa.inc" + +/* The following values were output from the EVP_PKEY_DSA_paramgen demo */ +static const char dsapem[] = + "-----BEGIN DSA PARAMETERS-----\n" + "MIICLAKCAQEA1pobSR1FJ3+Tvi0J6Tk1PSV2owZey1Nuo847hGw/59VCS6RPQEqr\n" + "vp5fhbvBjupBeVGA/AMH6rI4i4h6jlhurrqH1CqUHVcDhJzxV668bMLiP3mIxg5o\n" + "9Yq8x6BnSOtH5Je0tpeE0/fEvvLjCwBUbwnwWxzjANcvDUEt9XYeRrtB2v52fr56\n" + "hVYz3wMMNog4CEDOLTvx7/84eVPuUeWDRQFH1EaHMdulP34KBcatEEpEZapkepng\n" + "nohm9sFSPQhq2utpkH7pNXdG0EILBtRDCvUpF5720a48LYofdggh2VEZfgElAGFk\n" + "dW/CkvyBDmGIzil5aTz4MMsdudaVYgzt6wIhAPsSGC42Qa+X0AFGvonb5nmfUVm/\n" + "8aC+tHk7Nb2AYLHXAoIBADx5C0H1+QHsmGKvuOaY+WKUt7aWUrEivD1zBMJAQ6bL\n" + "Wv9lbCq1CFHvVzojeOVpn872NqDEpkx4HTpvqhxWL5CkbN/HaGItsQzkD59AQg3v\n" + "4YsLlkesq9Jq6x/aWetJXWO36fszFv1gpD3NY3wliBvMYHx62jfc5suh9D3ZZvu7\n" + "PLGH4X4kcfzK/R2b0oVbEBjVTe5GMRYZRqnvfSW2f2fA7BzI1OL83UxDDe58cL2M\n" + "GcAoUYXOBAfZ37qLMm2juf+o5gCrT4CXfRPu6kbapt7V/YIc1nsNgeAOKKoFBHBQ\n" + "gc5u5G6G/j79FVoSDq9DYwTJcHPsU+eHj1uWHso1AjQ=\n" + "-----END DSA PARAMETERS-----\n"; + +static const char hexseed[] = + "cba30ccd905aa7675a0b81769704bf3c" + "ccf2ca1892b2eaf6b9e2b38d9bf6affc" + "42ada55986d8a1772b442770954d0b65"; +const int gindex = 42; +const int pcounter = 363; +static const char digest[] = "SHA384"; + +/* + * Create a new dsa param key that is the combination of an existing param key + * plus extra parameters. + */ +EVP_PKEY_CTX *create_merged_key(EVP_PKEY *dsaparams, const OSSL_PARAM *newparams, + OSSL_LIB_CTX *libctx, const char *propq) +{ + EVP_PKEY_CTX *out = NULL; + EVP_PKEY_CTX *ctx = NULL; + EVP_PKEY *pkey = NULL; + OSSL_PARAM *mergedparams = NULL; + OSSL_PARAM *loadedparams = NULL; + + /* Specify EVP_PKEY_KEY_PUBLIC here if you have a public key */ + if (EVP_PKEY_todata(dsaparams, EVP_PKEY_KEY_PARAMETERS, &loadedparams) <= 0) { + fprintf(stderr, "EVP_PKEY_todata() failed\n"); + goto cleanup; + } + mergedparams = OSSL_PARAM_merge(loadedparams, newparams); + if (mergedparams == NULL) { + fprintf(stderr, "OSSL_PARAM_merge() failed\n"); + goto cleanup; + } + + ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", propq); + if (ctx == NULL) { + fprintf(stderr, "EVP_PKEY_CTX_new_from_name() failed\n"); + goto cleanup; + } + if (EVP_PKEY_fromdata_init(ctx) <= 0 + || EVP_PKEY_fromdata(ctx, &pkey, + EVP_PKEY_KEY_PARAMETERS, mergedparams) <= 0) { + fprintf(stderr, "EVP_PKEY_fromdata() failed\n"); + goto cleanup; + } + out = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq); + if (out == NULL) { + fprintf(stderr, "EVP_PKEY_CTX_new_from_pkey() failed\n"); + goto cleanup; + } + +cleanup: + EVP_PKEY_free(pkey); + OSSL_PARAM_free(loadedparams); + OSSL_PARAM_free(mergedparams); + EVP_PKEY_CTX_free(ctx); + return out; +} + +int main(int argc, char **argv) +{ + int rv = EXIT_FAILURE; + OSSL_LIB_CTX *libctx = NULL; + const char *propq = NULL; + EVP_PKEY *dsaparamskey = NULL; + EVP_PKEY_CTX *ctx = NULL; + EVP_PKEY_CTX *ctx1 = NULL; + EVP_PKEY_CTX *ctx2 = NULL; + BIO *in = NULL; + OSSL_PARAM params[6]; + unsigned char seed[64]; + size_t seedlen; + + if (!OPENSSL_hexstr2buf_ex(seed, sizeof(seed), &seedlen, hexseed, '\0')) + goto cleanup; + /* + * This example loads the PEM data from a memory buffer + * Use BIO_new_fp() to load a PEM file instead + */ + in = BIO_new_mem_buf(dsapem, strlen(dsapem)); + if (in == NULL) { + fprintf(stderr, "BIO_new_mem_buf() failed\n"); + goto cleanup; + } + + /* Load DSA params from pem data */ + dsaparamskey = PEM_read_bio_Parameters_ex(in, NULL, libctx, propq); + if (dsaparamskey == NULL) { + fprintf(stderr, "Failed to load dsa params\n"); + goto cleanup; + } + + ctx = EVP_PKEY_CTX_new_from_pkey(libctx, dsaparamskey, propq); + if (ctx == NULL) { + fprintf(stderr, "EVP_PKEY_CTX_new_from_pkey() failed\n"); + goto cleanup; + } + /* + * When using the default provider this only does a partial check to + * make sure that the values of p, q and g are ok. + * This will fail however if the FIPS provider is used since it does + * a proper FIPS 186-4 key validation which requires extra parameters + */ + if (EVP_PKEY_param_check(ctx) <= 0) { + fprintf(stderr, "Simple EVP_PKEY_param_check() failed \n"); + goto cleanup; + } + + /* + * Setup parameters that we want to add. + * For illustration purposes it deliberately omits a required parameter. + */ + params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_TYPE, + "fips186_4", 0); + /* Force it to do a proper validation by setting the seed */ + params[1] = OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_FFC_SEED, + (void *)seed, seedlen); + params[2] = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_FFC_GINDEX, (int *)&gindex); + params[3] = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_FFC_PCOUNTER, (int *)&pcounter); + params[4] = OSSL_PARAM_construct_end(); + + /* generate a new key that is the combination of the existing key and the new params */ + ctx1 = create_merged_key(dsaparamskey, params, libctx, propq); + if (ctx1 == NULL) + goto cleanup; + /* This will fail since not all the parameters used for key generation are added */ + if (EVP_PKEY_param_check(ctx1) > 0) { + fprintf(stderr, "EVP_PKEY_param_check() should fail\n"); + goto cleanup; + } + + /* + * Add the missing parameters onto the end of the existing list of params + * If the default was used for the generation then this parameter is not + * needed + */ + params[4] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_DIGEST, + (char *)digest, 0); + params[5] = OSSL_PARAM_construct_end(); + ctx2 = create_merged_key(dsaparamskey, params, libctx, propq); + if (ctx2 == NULL) + goto cleanup; + if (EVP_PKEY_param_check(ctx2) <= 0) { + fprintf(stderr, "EVP_PKEY_param_check() failed\n"); + goto cleanup; + } + + if (!dsa_print_key(EVP_PKEY_CTX_get0_pkey(ctx2), 0, libctx, propq)) + goto cleanup; + + rv = EXIT_SUCCESS; +cleanup: + EVP_PKEY_free(dsaparamskey); + EVP_PKEY_CTX_free(ctx2); + EVP_PKEY_CTX_free(ctx1); + EVP_PKEY_CTX_free(ctx); + BIO_free(in); + return rv; +} diff --git a/deps/openssl/openssl/demos/pkey/EVP_PKEY_EC_keygen.c b/deps/openssl/openssl/demos/pkey/EVP_PKEY_EC_keygen.c new file mode 100644 index 00000000000000..fa862bdaa07ef6 --- /dev/null +++ b/deps/openssl/openssl/demos/pkey/EVP_PKEY_EC_keygen.c @@ -0,0 +1,155 @@ +/*- + * Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * Example showing how to generate an EC key and extract values from the + * generated key. + */ + +#include +#include +#include +#include +#include + +static int get_key_values(EVP_PKEY *pkey); + +/* + * The following code shows how to generate an EC key from a curve name + * with additional parameters. If only the curve name is required then the + * simple helper can be used instead i.e. Either + * pkey = EVP_EC_gen(curvename); OR + * pkey = EVP_PKEY_Q_keygen(libctx, propq, "EC", curvename); + */ +static EVP_PKEY *do_ec_keygen(void) +{ + /* + * The libctx and propq can be set if required, they are included here + * to show how they are passed to EVP_PKEY_CTX_new_from_name(). + */ + OSSL_LIB_CTX *libctx = NULL; + const char *propq = NULL; + EVP_PKEY *key = NULL; + OSSL_PARAM params[3]; + EVP_PKEY_CTX *genctx = NULL; + const char *curvename = "P-256"; + int use_cofactordh = 1; + + genctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", propq); + if (genctx == NULL) { + fprintf(stderr, "EVP_PKEY_CTX_new_from_name() failed\n"); + goto cleanup; + } + + if (EVP_PKEY_keygen_init(genctx) <= 0) { + fprintf(stderr, "EVP_PKEY_keygen_init() failed\n"); + goto cleanup; + } + + params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, + (char *)curvename, 0); + /* + * This is an optional parameter. + * For many curves where the cofactor is 1, setting this has no effect. + */ + params[1] = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_USE_COFACTOR_ECDH, + &use_cofactordh); + params[2] = OSSL_PARAM_construct_end(); + if (!EVP_PKEY_CTX_set_params(genctx, params)) { + fprintf(stderr, "EVP_PKEY_CTX_set_params() failed\n"); + goto cleanup; + } + + fprintf(stdout, "Generating EC key\n\n"); + if (EVP_PKEY_generate(genctx, &key) <= 0) { + fprintf(stderr, "EVP_PKEY_generate() failed\n"); + goto cleanup; + } +cleanup: + EVP_PKEY_CTX_free(genctx); + return key; +} + +/* + * The following code shows how retrieve key data from the generated + * EC key. See doc/man7/EVP_PKEY-EC.pod for more information. + * + * EVP_PKEY_print_private() could also be used to display the values. + */ +static int get_key_values(EVP_PKEY *pkey) +{ + int result = 0; + char out_curvename[80]; + unsigned char out_pubkey[80]; + unsigned char out_privkey[80]; + BIGNUM *out_priv = NULL; + size_t out_pubkey_len, out_privkey_len = 0; + + if (!EVP_PKEY_get_utf8_string_param(pkey, OSSL_PKEY_PARAM_GROUP_NAME, + out_curvename, sizeof(out_curvename), + NULL)) { + fprintf(stderr, "Failed to get curve name\n"); + goto cleanup; + } + + if (!EVP_PKEY_get_octet_string_param(pkey, OSSL_PKEY_PARAM_PUB_KEY, + out_pubkey, sizeof(out_pubkey), + &out_pubkey_len)) { + fprintf(stderr, "Failed to get public key\n"); + goto cleanup; + } + + if (!EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_PRIV_KEY, &out_priv)) { + fprintf(stderr, "Failed to get private key\n"); + goto cleanup; + } + + out_privkey_len = BN_bn2bin(out_priv, out_privkey); + if (out_privkey_len <= 0 || out_privkey_len > sizeof(out_privkey)) { + fprintf(stderr, "BN_bn2bin failed\n"); + goto cleanup; + } + + fprintf(stdout, "Curve name: %s\n", out_curvename); + fprintf(stdout, "Public key:\n"); + BIO_dump_indent_fp(stdout, out_pubkey, out_pubkey_len, 2); + fprintf(stdout, "Private Key:\n"); + BIO_dump_indent_fp(stdout, out_privkey, out_privkey_len, 2); + + result = 1; +cleanup: + /* Zeroize the private key data when we free it */ + BN_clear_free(out_priv); + return result; +} + +int main(void) +{ + int result = 0; + EVP_PKEY *pkey; + + pkey = do_ec_keygen(); + if (pkey == NULL) + goto cleanup; + + if (!get_key_values(pkey)) + goto cleanup; + + /* + * At this point we can write out the generated key using + * i2d_PrivateKey() and i2d_PublicKey() if required. + */ + result = 1; +cleanup: + if (result != 1) + ERR_print_errors_fp(stderr); + + EVP_PKEY_free(pkey); + return result == 0; +} diff --git a/deps/openssl/openssl/demos/pkey/EVP_PKEY_RSA_keygen.c b/deps/openssl/openssl/demos/pkey/EVP_PKEY_RSA_keygen.c new file mode 100644 index 00000000000000..fbecfb6bdb0ab7 --- /dev/null +++ b/deps/openssl/openssl/demos/pkey/EVP_PKEY_RSA_keygen.c @@ -0,0 +1,289 @@ +/*- + * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * Example showing how to generate an RSA key pair. + * + * When generating an RSA key, you must specify the number of bits in the key. A + * reasonable value would be 4096. Avoid using values below 2048. These values + * are reasonable as of 2022. + */ + +#include +#include +#include +#include +#include +#include +#include + +/* A property query used for selecting algorithm implementations. */ +static const char *propq = NULL; + +/* + * Generates an RSA public-private key pair and returns it. + * The number of bits is specified by the bits argument. + * + * This uses the long way of generating an RSA key. + */ +static EVP_PKEY *generate_rsa_key_long(OSSL_LIB_CTX *libctx, unsigned int bits) +{ + EVP_PKEY_CTX *genctx = NULL; + EVP_PKEY *pkey = NULL; + unsigned int primes = 2; + + /* Create context using RSA algorithm. "RSA-PSS" could also be used here. */ + genctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", propq); + if (genctx == NULL) { + fprintf(stderr, "EVP_PKEY_CTX_new_from_name() failed\n"); + goto cleanup; + } + + /* Initialize context for key generation purposes. */ + if (EVP_PKEY_keygen_init(genctx) <= 0) { + fprintf(stderr, "EVP_PKEY_keygen_init() failed\n"); + goto cleanup; + } + + /* + * Here we set the number of bits to use in the RSA key. + * See comment at top of file for information on appropriate values. + */ + if (EVP_PKEY_CTX_set_rsa_keygen_bits(genctx, bits) <= 0) { + fprintf(stderr, "EVP_PKEY_CTX_set_rsa_keygen_bits() failed\n"); + goto cleanup; + } + + /* + * It is possible to create an RSA key using more than two primes. + * Do not do this unless you know why you need this. + * You ordinarily do not need to specify this, as the default is two. + * + * Both of these parameters can also be set via EVP_PKEY_CTX_set_params, but + * these functions provide a more concise way to do so. + */ + if (EVP_PKEY_CTX_set_rsa_keygen_primes(genctx, primes) <= 0) { + fprintf(stderr, "EVP_PKEY_CTX_set_rsa_keygen_primes() failed\n"); + goto cleanup; + } + + /* + * Generating an RSA key with a number of bits large enough to be secure for + * modern applications can take a fairly substantial amount of time (e.g. + * one second). If you require fast key generation, consider using an EC key + * instead. + * + * If you require progress information during the key generation process, + * you can set a progress callback using EVP_PKEY_set_cb; see the example in + * EVP_PKEY_generate(3). + */ + fprintf(stderr, "Generating RSA key, this may take some time...\n"); + if (EVP_PKEY_generate(genctx, &pkey) <= 0) { + fprintf(stderr, "EVP_PKEY_generate() failed\n"); + goto cleanup; + } + + /* pkey is now set to an object representing the generated key pair. */ + +cleanup: + EVP_PKEY_CTX_free(genctx); + return pkey; +} + +/* + * Generates an RSA public-private key pair and returns it. + * The number of bits is specified by the bits argument. + * + * This uses a more concise way of generating an RSA key, which is suitable for + * simple cases. It is used if -s is passed on the command line, otherwise the + * long method above is used. The ability to choose between these two methods is + * shown here only for demonstration; the results are equivalent. + */ +static EVP_PKEY *generate_rsa_key_short(OSSL_LIB_CTX *libctx, unsigned int bits) +{ + EVP_PKEY *pkey = NULL; + + fprintf(stderr, "Generating RSA key, this may take some time...\n"); + pkey = EVP_PKEY_Q_keygen(libctx, propq, "RSA", (size_t)bits); + + if (pkey == NULL) + fprintf(stderr, "EVP_PKEY_Q_keygen() failed\n"); + + return pkey; +} + +/* + * Prints information on an EVP_PKEY object representing an RSA key pair. + */ +static int dump_key(const EVP_PKEY *pkey) +{ + int rv = 0; + int bits = 0; + BIGNUM *n = NULL, *e = NULL, *d = NULL, *p = NULL, *q = NULL; + + /* + * Retrieve value of n. This value is not secret and forms part of the + * public key. + * + * Calling EVP_PKEY_get_bn_param with a NULL BIGNUM pointer causes + * a new BIGNUM to be allocated, so these must be freed subsequently. + */ + if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_N, &n) == 0) { + fprintf(stderr, "Failed to retrieve n\n"); + goto cleanup; + } + + /* + * Retrieve value of e. This value is not secret and forms part of the + * public key. It is typically 65537 and need not be changed. + */ + if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_E, &e) == 0) { + fprintf(stderr, "Failed to retrieve e\n"); + goto cleanup; + } + + /* + * Retrieve value of d. This value is secret and forms part of the private + * key. It must not be published. + */ + if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_D, &d) == 0) { + fprintf(stderr, "Failed to retrieve d\n"); + goto cleanup; + } + + /* + * Retrieve value of the first prime factor, commonly known as p. This value + * is secret and forms part of the private key. It must not be published. + */ + if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &p) == 0) { + fprintf(stderr, "Failed to retrieve p\n"); + goto cleanup; + } + + /* + * Retrieve value of the second prime factor, commonly known as q. This value + * is secret and forms part of the private key. It must not be published. + * + * If you are creating an RSA key with more than two primes for special + * applications, you can retrieve these primes with + * OSSL_PKEY_PARAM_RSA_FACTOR3, etc. + */ + if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &q) == 0) { + fprintf(stderr, "Failed to retrieve q\n"); + goto cleanup; + } + + /* + * We can also retrieve the key size in bits for informational purposes. + */ + if (EVP_PKEY_get_int_param(pkey, OSSL_PKEY_PARAM_BITS, &bits) == 0) { + fprintf(stderr, "Failed to retrieve bits\n"); + goto cleanup; + } + + /* Output hexadecimal representations of the BIGNUM objects. */ + fprintf(stdout, "\nNumber of bits: %d\n\n", bits); + fprintf(stderr, "Public values:\n"); + fprintf(stdout, " n = 0x"); + BN_print_fp(stdout, n); + fprintf(stdout, "\n"); + + fprintf(stdout, " e = 0x"); + BN_print_fp(stdout, e); + fprintf(stdout, "\n\n"); + + fprintf(stdout, "Private values:\n"); + fprintf(stdout, " d = 0x"); + BN_print_fp(stdout, d); + fprintf(stdout, "\n"); + + fprintf(stdout, " p = 0x"); + BN_print_fp(stdout, p); + fprintf(stdout, "\n"); + + fprintf(stdout, " q = 0x"); + BN_print_fp(stdout, q); + fprintf(stdout, "\n\n"); + + /* Output a PEM encoding of the public key. */ + if (PEM_write_PUBKEY(stdout, pkey) == 0) { + fprintf(stderr, "Failed to output PEM-encoded public key\n"); + goto cleanup; + } + + /* + * Output a PEM encoding of the private key. Please note that this output is + * not encrypted. You may wish to use the arguments to specify encryption of + * the key if you are storing it on disk. See PEM_write_PrivateKey(3). + */ + if (PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL) == 0) { + fprintf(stderr, "Failed to output PEM-encoded private key\n"); + goto cleanup; + } + + rv = 1; +cleanup: + BN_free(n); /* not secret */ + BN_free(e); /* not secret */ + BN_clear_free(d); /* secret - scrub before freeing */ + BN_clear_free(p); /* secret - scrub before freeing */ + BN_clear_free(q); /* secret - scrub before freeing */ + return rv; +} + +int main(int argc, char **argv) +{ + int rv = 1; + OSSL_LIB_CTX *libctx = NULL; + EVP_PKEY *pkey = NULL; + unsigned int bits = 4096; + int bits_i, use_short = 0; + + /* usage: [-s] [] */ + if (argc > 1 && strcmp(argv[1], "-s") == 0) { + --argc; + ++argv; + use_short = 1; + } + + if (argc > 1) { + bits_i = atoi(argv[1]); + if (bits < 512) { + fprintf(stderr, "Invalid RSA key size\n"); + return 1; + } + + bits = (unsigned int)bits_i; + } + + /* Avoid using key sizes less than 2048 bits; see comment at top of file. */ + if (bits < 2048) + fprintf(stderr, "Warning: very weak key size\n\n"); + + /* Generate RSA key. */ + if (use_short) + pkey = generate_rsa_key_short(libctx, bits); + else + pkey = generate_rsa_key_long(libctx, bits); + + if (pkey == NULL) + goto cleanup; + + /* Dump the integers comprising the key. */ + if (dump_key(pkey) == 0) { + fprintf(stderr, "Failed to dump key\n"); + goto cleanup; + } + + rv = 0; +cleanup: + EVP_PKEY_free(pkey); + OSSL_LIB_CTX_free(libctx); + return rv; +} diff --git a/deps/openssl/openssl/demos/pkey/Makefile b/deps/openssl/openssl/demos/pkey/Makefile new file mode 100644 index 00000000000000..9e7013003d6138 --- /dev/null +++ b/deps/openssl/openssl/demos/pkey/Makefile @@ -0,0 +1,37 @@ +# +# To run the demos when linked with a shared library (default): +# +# LD_LIBRARY_PATH=../.. ./EVP_PKEY_EC_keygen +# LD_LIBRARY_PATH=../.. ./EVP_PKEY_RSA_keygen +# LD_LIBRARY_PATH=../.. ./EVP_PKEY_DSA_keygen +# LD_LIBRARY_PATH=../.. ./EVP_PKEY_DSA_paramgen +# LD_LIBRARY_PATH=../.. ./EVP_PKEY_DSA_paramvalidate +# LD_LIBRARY_PATH=../.. ./EVP_PKEY_DSA_paramfromdata + +CFLAGS = -I../../include -g -Wall +LDFLAGS = -L../.. +LDLIBS = -lcrypto + +all: EVP_PKEY_EC_keygen EVP_PKEY_RSA_keygen EVP_PKEY_DSA_keygen \ + EVP_PKEY_DSA_paramgen EVP_PKEY_DSA_paramvalidate EVP_PKEY_DSA_paramfromdata \ + +%.o: %.c dsa.inc + $(CC) $(CFLAGS) -c $< + +EVP_PKEY_EC_keygen: EVP_PKEY_EC_keygen.o + +EVP_PKEY_RSA_keygen: EVP_PKEY_RSA_keygen.o + +EVP_PKEY_DSA_keygen: EVP_PKEY_DSA_keygen.o + +EVP_PKEY_DSA_paramgen: EVP_PKEY_DSA_paramgen.o + +EVP_PKEY_DSA_paramvalidate: EVP_PKEY_DSA_paramvalidate.o + +EVP_PKEY_DSA_paramfromdata: EVP_PKEY_DSA_paramfromdata.o + +test: ; + +clean: + $(RM) *.o EVP_PKEY_EC_keygen EVP_PKEY_RSA_keygen EVP_PKEY_DSA_keygen \ + EVP_PKEY_DSA_paramgen EVP_PKEY_DSA_paramfromdata EVP_PKEY_DSA_paramvalidate diff --git a/deps/openssl/openssl/demos/pkey/dsa.inc b/deps/openssl/openssl/demos/pkey/dsa.inc new file mode 100644 index 00000000000000..82c65057eb2af4 --- /dev/null +++ b/deps/openssl/openssl/demos/pkey/dsa.inc @@ -0,0 +1,172 @@ +/*- + * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include + +/* Raw DSA params for P, Q and G */ +static const unsigned char dsa_p[] = { + 0xa2, 0x9b, 0x88, 0x72, 0xce, 0x8b, 0x84, 0x23, + 0xb7, 0xd5, 0xd2, 0x1d, 0x4b, 0x02, 0xf5, 0x7e, + 0x03, 0xe9, 0xe6, 0xb8, 0xa2, 0x58, 0xdc, 0x16, + 0x61, 0x1b, 0xa0, 0x98, 0xab, 0x54, 0x34, 0x15, + 0xe4, 0x15, 0xf1, 0x56, 0x99, 0x7a, 0x3e, 0xe2, + 0x36, 0x65, 0x8f, 0xa0, 0x93, 0x26, 0x0d, 0xe3, + 0xad, 0x42, 0x2e, 0x05, 0xe0, 0x46, 0xf9, 0xec, + 0x29, 0x16, 0x1a, 0x37, 0x5f, 0x0e, 0xb4, 0xef, + 0xfc, 0xef, 0x58, 0x28, 0x5c, 0x5d, 0x39, 0xed, + 0x42, 0x5d, 0x7a, 0x62, 0xca, 0x12, 0x89, 0x6c, + 0x4a, 0x92, 0xcb, 0x19, 0x46, 0xf2, 0x95, 0x2a, + 0x48, 0x13, 0x3f, 0x07, 0xda, 0x36, 0x4d, 0x1b, + 0xdf, 0x6b, 0x0f, 0x71, 0x39, 0x98, 0x3e, 0x69, + 0x3c, 0x80, 0x05, 0x9b, 0x0e, 0xac, 0xd1, 0x47, + 0x9b, 0xa9, 0xf2, 0x85, 0x77, 0x54, 0xed, 0xe7, + 0x5f, 0x11, 0x2b, 0x07, 0xeb, 0xbf, 0x35, 0x34, + 0x8b, 0xbf, 0x3e, 0x01, 0xe0, 0x2f, 0x2d, 0x47, + 0x3d, 0xe3, 0x94, 0x53, 0xf9, 0x9d, 0xd2, 0x36, + 0x75, 0x41, 0xca, 0xca, 0x3b, 0xa0, 0x11, 0x66, + 0x34, 0x3d, 0x7b, 0x5b, 0x58, 0xa3, 0x7b, 0xd1, + 0xb7, 0x52, 0x1d, 0xb2, 0xf1, 0x3b, 0x86, 0x70, + 0x71, 0x32, 0xfe, 0x09, 0xf4, 0xcd, 0x09, 0xdc, + 0x16, 0x18, 0xfa, 0x34, 0x01, 0xeb, 0xf9, 0xcc, + 0x7b, 0x19, 0xfa, 0x94, 0xaa, 0x47, 0x20, 0x88, + 0x13, 0x3d, 0x6c, 0xb2, 0xd3, 0x5c, 0x11, 0x79, + 0xc8, 0xc8, 0xff, 0x36, 0x87, 0x58, 0xd5, 0x07, + 0xd9, 0xf9, 0xa1, 0x7d, 0x46, 0xc1, 0x10, 0xfe, + 0x31, 0x44, 0xce, 0x9b, 0x02, 0x2b, 0x42, 0xe4, + 0x19, 0xeb, 0x4f, 0x53, 0x88, 0x61, 0x3b, 0xfc, + 0x3e, 0x26, 0x24, 0x1a, 0x43, 0x2e, 0x87, 0x06, + 0xbc, 0x58, 0xef, 0x76, 0x11, 0x72, 0x78, 0xde, + 0xab, 0x6c, 0xf6, 0x92, 0x61, 0x82, 0x91, 0xb7 +}; + +static const unsigned char dsa_q[] = { + 0xa3, 0xbf, 0xd9, 0xab, 0x78, 0x84, 0x79, 0x4e, + 0x38, 0x34, 0x50, 0xd5, 0x89, 0x1d, 0xc1, 0x8b, + 0x65, 0x15, 0x7b, 0xdc, 0xfc, 0xda, 0xc5, 0x15, + 0x18, 0x90, 0x28, 0x67 +}; + +static const unsigned char dsa_g[] = { + 0x68, 0x19, 0x27, 0x88, 0x69, 0xc7, 0xfd, 0x3d, + 0x2d, 0x7b, 0x77, 0xf7, 0x7e, 0x81, 0x50, 0xd9, + 0xad, 0x43, 0x3b, 0xea, 0x3b, 0xa8, 0x5e, 0xfc, + 0x80, 0x41, 0x5a, 0xa3, 0x54, 0x5f, 0x78, 0xf7, + 0x22, 0x96, 0xf0, 0x6c, 0xb1, 0x9c, 0xed, 0xa0, + 0x6c, 0x94, 0xb0, 0x55, 0x1c, 0xfe, 0x6e, 0x6f, + 0x86, 0x3e, 0x31, 0xd1, 0xde, 0x6e, 0xed, 0x7d, + 0xab, 0x8b, 0x0c, 0x9d, 0xf2, 0x31, 0xe0, 0x84, + 0x34, 0xd1, 0x18, 0x4f, 0x91, 0xd0, 0x33, 0x69, + 0x6b, 0xb3, 0x82, 0xf8, 0x45, 0x5e, 0x98, 0x88, + 0xf5, 0xd3, 0x1d, 0x47, 0x84, 0xec, 0x40, 0x12, + 0x02, 0x46, 0xf4, 0xbe, 0xa6, 0x17, 0x94, 0xbb, + 0xa5, 0x86, 0x6f, 0x09, 0x74, 0x64, 0x63, 0xbd, + 0xf8, 0xe9, 0xe1, 0x08, 0xcd, 0x95, 0x29, 0xc3, + 0xd0, 0xf6, 0xdf, 0x80, 0x31, 0x6e, 0x2e, 0x70, + 0xaa, 0xeb, 0x1b, 0x26, 0xcd, 0xb8, 0xad, 0x97, + 0xbc, 0x3d, 0x28, 0x7e, 0x0b, 0x8d, 0x61, 0x6c, + 0x42, 0xe6, 0x5b, 0x87, 0xdb, 0x20, 0xde, 0xb7, + 0x00, 0x5b, 0xc4, 0x16, 0x74, 0x7a, 0x64, 0x70, + 0x14, 0x7a, 0x68, 0xa7, 0x82, 0x03, 0x88, 0xeb, + 0xf4, 0x4d, 0x52, 0xe0, 0x62, 0x8a, 0xf9, 0xcf, + 0x1b, 0x71, 0x66, 0xd0, 0x34, 0x65, 0xf3, 0x5a, + 0xcc, 0x31, 0xb6, 0x11, 0x0c, 0x43, 0xda, 0xbc, + 0x7c, 0x5d, 0x59, 0x1e, 0x67, 0x1e, 0xaf, 0x7c, + 0x25, 0x2c, 0x1c, 0x14, 0x53, 0x36, 0xa1, 0xa4, + 0xdd, 0xf1, 0x32, 0x44, 0xd5, 0x5e, 0x83, 0x56, + 0x80, 0xca, 0xb2, 0x53, 0x3b, 0x82, 0xdf, 0x2e, + 0xfe, 0x55, 0xec, 0x18, 0xc1, 0xe6, 0xcd, 0x00, + 0x7b, 0xb0, 0x89, 0x75, 0x8b, 0xb1, 0x7c, 0x2c, + 0xbe, 0x14, 0x44, 0x1b, 0xd0, 0x93, 0xae, 0x66, + 0xe5, 0x97, 0x6d, 0x53, 0x73, 0x3f, 0x4f, 0xa3, + 0x26, 0x97, 0x01, 0xd3, 0x1d, 0x23, 0xd4, 0x67 +}; + +/* Helper function to retrieve and print a key BIGNUM field */ +static void print_bn(BIO *bio, const EVP_PKEY *pkey, const char *name) +{ + BIGNUM *bn = NULL; + + if (EVP_PKEY_get_bn_param(pkey, name, &bn) == 0) + return; + + BIO_printf(bio, " %s = 0x", name); + BN_print(bio, bn); + BIO_printf(bio, "\n"); + BN_clear_free(bn); +} + +/* + * Print DSA key info + * + * This method shows how to extract DSA data from an EVP_PKEY. + * There are simpler ways to print using EVP_PKEY_print_XXXX(). + */ +static int dsa_print_key(const EVP_PKEY *pkey, int keypair, + OSSL_LIB_CTX *libctx, const char *propq) +{ + + int rv = 0, gindex, counter; + BIO *bio = BIO_new_fp(stdout, BIO_NOCLOSE); + unsigned char seed[2048]; + size_t seedlen; + + if (bio == NULL) + return 0; + + /* Output hexadecimal representations of the BIGNUM objects. */ + BIO_printf(bio, "\nPublic values:\n"); + print_bn(bio, pkey, OSSL_PKEY_PARAM_FFC_P); + print_bn(bio, pkey, OSSL_PKEY_PARAM_FFC_Q); + print_bn(bio, pkey, OSSL_PKEY_PARAM_FFC_G); + + if (EVP_PKEY_get_octet_string_param(pkey, OSSL_PKEY_PARAM_FFC_SEED, seed, + sizeof(seed), &seedlen) > 0) { + BIO_printf(bio, " %s\n", OSSL_PKEY_PARAM_FFC_SEED); + BIO_dump(bio, seed, seedlen); + } + if (EVP_PKEY_get_int_param(pkey, OSSL_PKEY_PARAM_FFC_GINDEX, &gindex) > 0) { + if (gindex != -1) + BIO_printf(bio, " %s = %d\n", OSSL_PKEY_PARAM_FFC_GINDEX, gindex); + } + if (EVP_PKEY_get_int_param(pkey, OSSL_PKEY_PARAM_FFC_PCOUNTER, &counter) > 0) { + if (counter != -1) + BIO_printf(bio, " %s = %d\n", OSSL_PKEY_PARAM_FFC_PCOUNTER, counter); + } + + if (keypair) { + fprintf(stdout, "\nPrivate value:\n"); + print_bn(bio, pkey, OSSL_PKEY_PARAM_PRIV_KEY); + + /* Output a PEM encoding of the public key. */ + if (PEM_write_bio_PUBKEY_ex(bio, pkey, libctx, propq) == 0) { + fprintf(stderr, "Failed to output PEM-encoded public key\n"); + goto cleanup; + } + + /* + * Output a PEM encoding of the private key. Please note that this output is + * not encrypted. You may wish to use the arguments to specify encryption of + * the key if you are storing it on disk. See PEM_write_bio_PrivateKey_ex(3). + */ + if (PEM_write_bio_PrivateKey_ex(bio, pkey, NULL, NULL, 0, NULL, NULL, libctx, propq) == 0) { + fprintf(stderr, "Failed to output PEM-encoded private key\n"); + goto cleanup; + } + } else { + if (PEM_write_bio_Parameters(bio, pkey) == 0) { + fprintf(stderr, "Failed to output PEM-encoded params\n"); + goto cleanup; + } + } + rv = 1; +cleanup: + BIO_free(bio); + return rv; +} diff --git a/deps/openssl/openssl/demos/signature/EVP_Signature_demo.c b/deps/openssl/openssl/demos/signature/EVP_Signature_demo.c new file mode 100644 index 00000000000000..123c95c26ad8a1 --- /dev/null +++ b/deps/openssl/openssl/demos/signature/EVP_Signature_demo.c @@ -0,0 +1,235 @@ +/*- + * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * An example that uses the EVP_MD*, EVP_DigestSign* and EVP_DigestVerify* + * methods to calculate and verify a signature of two static buffers. + */ + +#include +#include +#include +#include +#include +#include "EVP_Signature_demo.h" + +/* + * This demonstration will calculate and verify a signature of data using + * the soliloquy from Hamlet scene 1 act 3 + */ + +static const char *hamlet_1 = + "To be, or not to be, that is the question,\n" + "Whether tis nobler in the minde to suffer\n" + "The slings and arrowes of outragious fortune,\n" + "Or to take Armes again in a sea of troubles,\n" +; +static const char *hamlet_2 = + "And by opposing, end them, to die to sleep;\n" + "No more, and by a sleep, to say we end\n" + "The heart-ache, and the thousand natural shocks\n" + "That flesh is heir to? tis a consumation\n" +; + +/* + * For demo_sign, load EC private key priv_key from priv_key_der[]. + * For demo_verify, load EC public key pub_key from pub_key_der[]. + */ +static EVP_PKEY *get_key(OSSL_LIB_CTX *libctx, const char *propq, int public) +{ + OSSL_DECODER_CTX *dctx = NULL; + EVP_PKEY *pkey = NULL; + int selection; + const unsigned char *data; + size_t data_len; + + if (public) { + selection = EVP_PKEY_PUBLIC_KEY; + data = pub_key_der; + data_len = sizeof(pub_key_der); + } else { + selection = EVP_PKEY_KEYPAIR; + data = priv_key_der; + data_len = sizeof(priv_key_der); + } + dctx = OSSL_DECODER_CTX_new_for_pkey(&pkey, "DER", NULL, "EC", + selection, libctx, propq); + (void)OSSL_DECODER_from_data(dctx, &data, &data_len); + OSSL_DECODER_CTX_free(dctx); + if (pkey == NULL) + fprintf(stderr, "Failed to load %s key.\n", public ? "public" : "private"); + return pkey; +} + +static int demo_sign(OSSL_LIB_CTX *libctx, const char *sig_name, + size_t *sig_out_len, unsigned char **sig_out_value) +{ + int result = 0, public = 0; + size_t sig_len; + unsigned char *sig_value = NULL; + const char *propq = NULL; + EVP_MD_CTX *sign_context = NULL; + EVP_PKEY *priv_key = NULL; + + /* Get private key */ + priv_key = get_key(libctx, propq, public); + if (priv_key == NULL) { + fprintf(stderr, "Get private key failed.\n"); + goto cleanup; + } + /* + * Make a message signature context to hold temporary state + * during signature creation + */ + sign_context = EVP_MD_CTX_new(); + if (sign_context == NULL) { + fprintf(stderr, "EVP_MD_CTX_new failed.\n"); + goto cleanup; + } + /* + * Initialize the sign context to use the fetched + * sign provider. + */ + if (!EVP_DigestSignInit_ex(sign_context, NULL, sig_name, + libctx, NULL, priv_key, NULL)) { + fprintf(stderr, "EVP_DigestSignInit_ex failed.\n"); + goto cleanup; + } + /* + * EVP_DigestSignUpdate() can be called several times on the same context + * to include additional data. + */ + if (!EVP_DigestSignUpdate(sign_context, hamlet_1, strlen(hamlet_1))) { + fprintf(stderr, "EVP_DigestSignUpdate(hamlet_1) failed.\n"); + goto cleanup; + } + if (!EVP_DigestSignUpdate(sign_context, hamlet_2, strlen(hamlet_2))) { + fprintf(stderr, "EVP_DigestSignUpdate(hamlet_2) failed.\n"); + goto cleanup; + } + /* Call EVP_DigestSignFinal to get signature length sig_len */ + if (!EVP_DigestSignFinal(sign_context, NULL, &sig_len)) { + fprintf(stderr, "EVP_DigestSignFinal failed.\n"); + goto cleanup; + } + if (sig_len <= 0) { + fprintf(stderr, "EVP_DigestSignFinal returned invalid signature length.\n"); + goto cleanup; + } + sig_value = OPENSSL_malloc(sig_len); + if (sig_value == NULL) { + fprintf(stderr, "No memory.\n"); + goto cleanup; + } + if (!EVP_DigestSignFinal(sign_context, sig_value, &sig_len)) { + fprintf(stderr, "EVP_DigestSignFinal failed.\n"); + goto cleanup; + } + *sig_out_len = sig_len; + *sig_out_value = sig_value; + fprintf(stdout, "Generating signature:\n"); + BIO_dump_indent_fp(stdout, sig_value, sig_len, 2); + fprintf(stdout, "\n"); + result = 1; + +cleanup: + /* OpenSSL free functions will ignore NULL arguments */ + if (!result) + OPENSSL_free(sig_value); + EVP_PKEY_free(priv_key); + EVP_MD_CTX_free(sign_context); + return result; +} + +static int demo_verify(OSSL_LIB_CTX *libctx, const char *sig_name, + size_t sig_len, unsigned char *sig_value) +{ + int result = 0, public = 1; + const char *propq = NULL; + EVP_MD_CTX *verify_context = NULL; + EVP_PKEY *pub_key = NULL; + + /* + * Make a verify signature context to hold temporary state + * during signature verification + */ + verify_context = EVP_MD_CTX_new(); + if (verify_context == NULL) { + fprintf(stderr, "EVP_MD_CTX_new failed.\n"); + goto cleanup; + } + /* Get public key */ + pub_key = get_key(libctx, propq, public); + if (pub_key == NULL) { + fprintf(stderr, "Get public key failed.\n"); + goto cleanup; + } + /* Verify */ + if (!EVP_DigestVerifyInit_ex(verify_context, NULL, sig_name, + libctx, NULL, pub_key, NULL)) { + fprintf(stderr, "EVP_DigestVerifyInit failed.\n"); + goto cleanup; + } + /* + * EVP_DigestVerifyUpdate() can be called several times on the same context + * to include additional data. + */ + if (!EVP_DigestVerifyUpdate(verify_context, hamlet_1, strlen(hamlet_1))) { + fprintf(stderr, "EVP_DigestVerifyUpdate(hamlet_1) failed.\n"); + goto cleanup; + } + if (!EVP_DigestVerifyUpdate(verify_context, hamlet_2, strlen(hamlet_2))) { + fprintf(stderr, "EVP_DigestVerifyUpdate(hamlet_2) failed.\n"); + goto cleanup; + } + if (EVP_DigestVerifyFinal(verify_context, sig_value, sig_len) <= 0) { + fprintf(stderr, "EVP_DigestVerifyFinal failed.\n"); + goto cleanup; + } + fprintf(stdout, "Signature verified.\n"); + result = 1; + +cleanup: + /* OpenSSL free functions will ignore NULL arguments */ + EVP_PKEY_free(pub_key); + EVP_MD_CTX_free(verify_context); + return result; +} + +int main(void) +{ + OSSL_LIB_CTX *libctx = NULL; + const char *sig_name = "SHA3-512"; + size_t sig_len = 0; + unsigned char *sig_value = NULL; + int result = 0; + + libctx = OSSL_LIB_CTX_new(); + if (libctx == NULL) { + fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n"); + goto cleanup; + } + if (!demo_sign(libctx, sig_name, &sig_len, &sig_value)) { + fprintf(stderr, "demo_sign failed.\n"); + goto cleanup; + } + if (!demo_verify(libctx, sig_name, sig_len, sig_value)) { + fprintf(stderr, "demo_verify failed.\n"); + goto cleanup; + } + result = 1; + +cleanup: + if (result != 1) + ERR_print_errors_fp(stderr); + /* OpenSSL free functions will ignore NULL arguments */ + OSSL_LIB_CTX_free(libctx); + OPENSSL_free(sig_value); + return result == 0; +} diff --git a/deps/openssl/openssl/demos/signature/EVP_Signature_demo.h b/deps/openssl/openssl/demos/signature/EVP_Signature_demo.h new file mode 100644 index 00000000000000..aef3e60783e85a --- /dev/null +++ b/deps/openssl/openssl/demos/signature/EVP_Signature_demo.h @@ -0,0 +1,76 @@ +/*- + * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Signers private EC key */ +static const unsigned char priv_key_der[] = { +0x30, 0x82, 0x01, 0x68, 0x02, 0x01, 0x01, 0x04, 0x20, 0x51, 0x77, 0xae, +0xf4, 0x18, 0xf4, 0x6b, 0xc4, 0xe5, 0xbb, 0xe9, 0xe6, 0x9e, 0x6d, 0xb0, +0xea, 0x12, 0xf9, 0xf3, 0xdb, 0x9d, 0x56, 0x59, 0xf7, 0x5a, 0x17, 0xd7, +0xd1, 0xe4, 0xd7, 0x47, 0x28, 0xa0, 0x81, 0xfa, 0x30, 0x81, 0xf7, 0x02, +0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, +0x01, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, +0x30, 0x5b, 0x04, 0x20, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfc, +0x04, 0x20, 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7, 0xb3, 0xeb, +0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc, 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, +0xb0, 0xf6, 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b, 0x03, 0x15, +0x00, 0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93, 0x6a, 0x66, 0x78, +0xe1, 0x13, 0x9d, 0x26, 0xb7, 0x81, 0x9f, 0x7e, 0x90, 0x04, 0x41, 0x04, +0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, 0xf8, 0xbc, 0xe6, 0xe5, +0x63, 0xa4, 0x40, 0xf2, 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0, +0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96, 0x4f, 0xe3, 0x42, 0xe2, +0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16, +0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce, 0xcb, 0xb6, 0x40, 0x68, +0x37, 0xbf, 0x51, 0xf5, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, +0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbc, +0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e, 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, +0x63, 0x25, 0x51, 0x02, 0x01, 0x01, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, +0x4f, 0xe7, 0x7b, 0xb6, 0xbb, 0x54, 0x42, 0x39, 0xed, 0x5d, 0xe5, 0x40, +0xc8, 0xd8, 0x71, 0xca, 0x6d, 0x83, 0x71, 0xd1, 0x88, 0x2a, 0x65, 0x00, +0x6c, 0xc6, 0x2f, 0x01, 0x31, 0x49, 0xbe, 0x76, 0x7a, 0x67, 0x6a, 0x28, +0x33, 0xc7, 0x5b, 0xb9, 0x24, 0x45, 0x24, 0x6e, 0xf0, 0x6d, 0x2f, 0x34, +0x06, 0x53, 0x73, 0x6a, 0xff, 0x90, 0x90, 0xc1, 0x6d, 0x9b, 0x94, 0x0d, +0x0e, 0x1f, 0x95, 0x65, +}; + +/* The matching public key used for verifying */ +static const unsigned char pub_key_der[] = { +0x30, 0x82, 0x01, 0x4b, 0x30, 0x82, 0x01, 0x03, 0x06, 0x07, 0x2a, 0x86, +0x48, 0xce, 0x3d, 0x02, 0x01, 0x30, 0x81, 0xf7, 0x02, 0x01, 0x01, 0x30, +0x2c, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, +0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, +0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x30, 0x5b, 0x04, +0x20, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, +0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfc, 0x04, 0x20, 0x5a, +0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7, 0xb3, 0xeb, 0xbd, 0x55, 0x76, +0x98, 0x86, 0xbc, 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6, 0x3b, +0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b, 0x03, 0x15, 0x00, 0xc4, 0x9d, +0x36, 0x08, 0x86, 0xe7, 0x04, 0x93, 0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, +0x26, 0xb7, 0x81, 0x9f, 0x7e, 0x90, 0x04, 0x41, 0x04, 0x6b, 0x17, 0xd1, +0xf2, 0xe1, 0x2c, 0x42, 0x47, 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, +0xf2, 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0, 0xf4, 0xa1, 0x39, +0x45, 0xd8, 0x98, 0xc2, 0x96, 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, +0x9b, 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, +0x57, 0x6b, 0x31, 0x5e, 0xce, 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, +0xf5, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, +0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbc, 0xe6, 0xfa, 0xad, +0xa7, 0x17, 0x9e, 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51, +0x02, 0x01, 0x01, 0x03, 0x42, 0x00, 0x04, 0x4f, 0xe7, 0x7b, 0xb6, 0xbb, +0x54, 0x42, 0x39, 0xed, 0x5d, 0xe5, 0x40, 0xc8, 0xd8, 0x71, 0xca, 0x6d, +0x83, 0x71, 0xd1, 0x88, 0x2a, 0x65, 0x00, 0x6c, 0xc6, 0x2f, 0x01, 0x31, +0x49, 0xbe, 0x76, 0x7a, 0x67, 0x6a, 0x28, 0x33, 0xc7, 0x5b, 0xb9, 0x24, +0x45, 0x24, 0x6e, 0xf0, 0x6d, 0x2f, 0x34, 0x06, 0x53, 0x73, 0x6a, 0xff, +0x90, 0x90, 0xc1, 0x6d, 0x9b, 0x94, 0x0d, 0x0e, 0x1f, 0x95, 0x65, +}; + diff --git a/deps/openssl/openssl/demos/signature/Makefile b/deps/openssl/openssl/demos/signature/Makefile new file mode 100644 index 00000000000000..563ec7799fb8b4 --- /dev/null +++ b/deps/openssl/openssl/demos/signature/Makefile @@ -0,0 +1,22 @@ +# +# To run the demos when linked with a shared library (default): +# +# LD_LIBRARY_PATH=../.. ./EVP_Signature_demo + +CFLAGS = -I../../include -g -Wall +LDFLAGS = -L../.. +LDLIBS = -lcrypto + +all: EVP_Signature_demo rsa_pss_direct rsa_pss_hash + +%.o: %.c + $(CC) $(CFLAGS) -c $< + +EVP_Signature_demo: EVP_Signature_demo.o +rsa_pss_direct: rsa_pss_direct.o +rsa_pss_hash: rsa_pss_hash.o + +test: ; + +clean: + $(RM) *.o EVP_Signature_demo rsa_pss_direct rsa_pss_hash diff --git a/deps/openssl/openssl/demos/signature/rsa_pss.h b/deps/openssl/openssl/demos/signature/rsa_pss.h new file mode 100644 index 00000000000000..bdab9f891e3c0a --- /dev/null +++ b/deps/openssl/openssl/demos/signature/rsa_pss.h @@ -0,0 +1,256 @@ +/*- + * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* 4096-bit RSA private key, DER. */ +static const unsigned char rsa_priv_key[] = { + 0x30, 0x82, 0x09, 0x28, 0x02, 0x01, 0x00, 0x02, 0x82, 0x02, 0x01, 0x00, + 0xa3, 0x14, 0xe4, 0xb8, 0xd8, 0x58, 0x0d, 0xab, 0xd7, 0x87, 0xa4, 0xf6, + 0x84, 0x51, 0x74, 0x60, 0x4c, 0xe3, 0x60, 0x28, 0x89, 0x49, 0x65, 0x18, + 0x5c, 0x8f, 0x1a, 0x1b, 0xe9, 0xdb, 0xc1, 0xc1, 0xf7, 0x08, 0x27, 0x44, + 0xe5, 0x9d, 0x9a, 0x33, 0xc3, 0xac, 0x5a, 0xca, 0xba, 0x20, 0x5a, 0x9e, + 0x3a, 0x18, 0xb5, 0x3d, 0xe3, 0x9d, 0x94, 0x58, 0xa7, 0xa9, 0x5a, 0x0b, + 0x4f, 0xb8, 0xe5, 0xa3, 0x7b, 0x01, 0x11, 0x0f, 0x16, 0x11, 0xb8, 0x65, + 0x2f, 0xa8, 0x95, 0xf7, 0x58, 0x2c, 0xec, 0x1d, 0x41, 0xad, 0xd1, 0x12, + 0xca, 0x4a, 0x80, 0x35, 0x35, 0x43, 0x7e, 0xe0, 0x97, 0xfc, 0x86, 0x8f, + 0xcf, 0x4b, 0xdc, 0xbc, 0x15, 0x2c, 0x8e, 0x90, 0x84, 0x26, 0x83, 0xc1, + 0x96, 0x97, 0xf4, 0xd7, 0x90, 0xce, 0xfe, 0xd4, 0xf3, 0x70, 0x22, 0xa8, + 0xb0, 0x1f, 0xed, 0x08, 0xd7, 0xc5, 0xc0, 0xd6, 0x41, 0x6b, 0x24, 0x68, + 0x5c, 0x07, 0x1f, 0x44, 0x97, 0xd8, 0x6e, 0x18, 0x93, 0x67, 0xc3, 0xba, + 0x3a, 0xaf, 0xfd, 0xc2, 0x65, 0x00, 0x21, 0x63, 0xdf, 0xb7, 0x28, 0x68, + 0xd6, 0xc0, 0x20, 0x86, 0x92, 0xed, 0x68, 0x6a, 0x27, 0x3a, 0x07, 0xec, + 0x66, 0x00, 0xfe, 0x51, 0x51, 0x86, 0x41, 0x6f, 0x83, 0x69, 0xd2, 0xf0, + 0xe6, 0xf7, 0x61, 0xda, 0x12, 0x45, 0x53, 0x09, 0xdf, 0xf8, 0x42, 0xc7, + 0x30, 0x6a, 0xe5, 0xd8, 0x2b, 0xa2, 0x49, 0x7a, 0x05, 0x10, 0xee, 0xb2, + 0x59, 0x0a, 0xe5, 0xbe, 0xf8, 0x4d, 0x0f, 0xa8, 0x9e, 0x63, 0x81, 0x39, + 0x32, 0xaa, 0xfd, 0xa8, 0x03, 0xf6, 0xd8, 0xc6, 0xaa, 0x02, 0x93, 0x03, + 0xeb, 0x15, 0xd3, 0x38, 0xc8, 0x1a, 0x78, 0xcf, 0xf3, 0xa7, 0x9f, 0x98, + 0x4b, 0x91, 0x5b, 0x79, 0xf8, 0x4e, 0x53, 0xaf, 0x0c, 0x65, 0xe9, 0xb0, + 0x93, 0xc2, 0xcb, 0x5d, 0x3c, 0x5f, 0x6e, 0x39, 0xd2, 0x58, 0x23, 0x50, + 0xe5, 0x2e, 0xef, 0x12, 0x00, 0xa4, 0x59, 0x13, 0x2b, 0x2f, 0x2c, 0x0a, + 0x7b, 0x36, 0x89, 0xc5, 0xe5, 0x8f, 0x95, 0x5e, 0x14, 0x0f, 0x0f, 0x94, + 0x5a, 0xe9, 0xdc, 0x0b, 0x49, 0x14, 0xbe, 0x0a, 0x70, 0x45, 0xc1, 0x7c, + 0xbf, 0x83, 0x70, 0xfd, 0x3d, 0x99, 0xe6, 0x8a, 0xf5, 0x9c, 0x09, 0x71, + 0x84, 0x9a, 0x18, 0xa0, 0xe0, 0x6c, 0x43, 0x5c, 0x7e, 0x48, 0x33, 0xc8, + 0xbe, 0x5d, 0xdd, 0xd8, 0x77, 0xe3, 0xe7, 0x6b, 0x34, 0x4b, 0xa2, 0xb7, + 0x54, 0x07, 0x72, 0x2e, 0xab, 0xa9, 0x91, 0x1e, 0x4b, 0xe3, 0xb5, 0xd8, + 0xfa, 0x35, 0x64, 0x8a, 0xe9, 0x03, 0xa1, 0xa8, 0x26, 0xbd, 0x72, 0x58, + 0x10, 0x6a, 0xec, 0x1a, 0xf6, 0x1e, 0xb8, 0xc0, 0x46, 0x19, 0x31, 0x2c, + 0xca, 0xf9, 0x6a, 0xd7, 0x2e, 0xd0, 0xa7, 0x2c, 0x60, 0x58, 0xc4, 0x8f, + 0x46, 0x63, 0x61, 0x8d, 0x29, 0x6f, 0xe2, 0x5f, 0xe2, 0x43, 0x90, 0x9c, + 0xe6, 0xfc, 0x08, 0x41, 0xc8, 0xb5, 0x23, 0x56, 0x24, 0x3e, 0x3a, 0x2c, + 0x41, 0x22, 0x43, 0xda, 0x22, 0x15, 0x2b, 0xad, 0xd0, 0xfa, 0xc8, 0x47, + 0x44, 0xe6, 0x2a, 0xf9, 0x38, 0x90, 0x13, 0x62, 0x22, 0xea, 0x06, 0x8c, + 0x44, 0x9c, 0xd6, 0xca, 0x50, 0x93, 0xe9, 0xd4, 0x03, 0xd8, 0x3e, 0x71, + 0x36, 0x4b, 0xaa, 0xab, 0xbb, 0xe2, 0x48, 0x66, 0x26, 0x53, 0xb1, 0x6d, + 0x3b, 0x82, 0x2c, 0x8c, 0x25, 0x05, 0xf0, 0xf8, 0xcf, 0x55, 0xbf, 0x8e, + 0x29, 0xf7, 0x54, 0x5b, 0x6f, 0x30, 0x54, 0xa6, 0xad, 0x46, 0xff, 0x22, + 0x95, 0xb1, 0x87, 0x98, 0x00, 0x51, 0x69, 0x15, 0x07, 0xbd, 0x3d, 0x9c, + 0x6e, 0xaa, 0xaa, 0x3b, 0x0b, 0x74, 0x65, 0x4c, 0x04, 0xe0, 0x80, 0x3e, + 0xaf, 0x5e, 0x10, 0xd6, 0x9b, 0x28, 0x37, 0x6f, 0x02, 0x03, 0x01, 0x00, + 0x01, 0x02, 0x82, 0x02, 0x00, 0x09, 0x6e, 0xf8, 0xf8, 0x14, 0x53, 0xab, + 0x9e, 0xc8, 0x1d, 0xe9, 0x95, 0xf4, 0xfb, 0x7d, 0x3e, 0xe0, 0xd3, 0xba, + 0x49, 0x3d, 0xff, 0xc7, 0xe0, 0x4b, 0xe2, 0x5f, 0x41, 0x44, 0x1a, 0xd9, + 0x2f, 0x6e, 0x29, 0xc3, 0x93, 0xc1, 0xb0, 0x87, 0x2d, 0xfd, 0x60, 0xa7, + 0xf3, 0xd8, 0x26, 0x6c, 0xf7, 0x80, 0x26, 0xd3, 0xbd, 0x1b, 0xc0, 0x8e, + 0xc7, 0x3e, 0x13, 0x96, 0xc8, 0xd6, 0xb8, 0xbc, 0x57, 0xe3, 0x92, 0xa1, + 0x38, 0xfd, 0x2e, 0xd3, 0x3a, 0xcf, 0x31, 0xf2, 0x52, 0xd7, 0x7f, 0xe9, + 0xbc, 0x9b, 0x83, 0x01, 0x78, 0x13, 0xc9, 0x91, 0x77, 0x02, 0x78, 0xc0, + 0x0b, 0x1f, 0xdf, 0x94, 0xad, 0x16, 0xf1, 0xad, 0x78, 0x17, 0xc5, 0x77, + 0x0d, 0xb7, 0x07, 0x3f, 0x51, 0xe0, 0x73, 0x33, 0xcf, 0x90, 0x69, 0xd8, + 0xe5, 0xda, 0x9b, 0x1e, 0xf6, 0x21, 0x12, 0x07, 0xb5, 0x1e, 0x3e, 0x2b, + 0x34, 0x79, 0x9e, 0x48, 0x01, 0xdd, 0x68, 0xf0, 0x0f, 0x18, 0xb5, 0x85, + 0x50, 0xd8, 0x9e, 0x04, 0xfd, 0x6d, 0xcd, 0xa6, 0x61, 0x2b, 0x54, 0x81, + 0x99, 0xf4, 0x63, 0xf4, 0xeb, 0x73, 0x98, 0xb3, 0x88, 0xf5, 0x50, 0xd4, + 0x5c, 0x67, 0x9e, 0x7c, 0xbc, 0xd8, 0xfd, 0xaf, 0xb8, 0x66, 0x7d, 0xdc, + 0xa5, 0x25, 0xb5, 0xe6, 0x64, 0xd7, 0x07, 0x72, 0x5a, 0x99, 0xf9, 0xf6, + 0x9e, 0xb8, 0x9c, 0xf4, 0xc7, 0xee, 0xee, 0x10, 0x13, 0x9c, 0x1a, 0x8c, + 0x23, 0x89, 0xcd, 0x7b, 0xf1, 0x47, 0x23, 0x51, 0x3c, 0xe5, 0xc2, 0x17, + 0x68, 0xca, 0x98, 0xb8, 0xed, 0xe5, 0x17, 0x6d, 0x0a, 0xde, 0x07, 0xd6, + 0x6c, 0x4f, 0x83, 0x4c, 0x9b, 0xca, 0x6a, 0x7d, 0xc8, 0x68, 0x12, 0xd7, + 0xf0, 0x37, 0x88, 0xf7, 0xbb, 0x68, 0x8b, 0xa4, 0xfd, 0xfe, 0x36, 0x11, + 0xb3, 0x2b, 0x85, 0x6d, 0xaa, 0x30, 0x31, 0xf1, 0x6f, 0x80, 0x72, 0x42, + 0x23, 0xfe, 0x93, 0x88, 0xcc, 0x1e, 0x4b, 0x53, 0x4f, 0x8e, 0x24, 0x67, + 0x4a, 0x72, 0xb6, 0x3c, 0x13, 0x00, 0x11, 0x4f, 0xe1, 0x30, 0xd6, 0xe7, + 0x45, 0x8f, 0xaf, 0xdd, 0xe5, 0xaa, 0xb7, 0x02, 0x17, 0x04, 0xf8, 0xd2, + 0xc1, 0x7b, 0x6c, 0x92, 0xec, 0x76, 0x94, 0x1b, 0xb0, 0xe4, 0xc3, 0x0c, + 0x9e, 0xee, 0xb5, 0xdc, 0x97, 0xca, 0x10, 0x1d, 0x17, 0x96, 0x45, 0xd4, + 0x04, 0x0c, 0xea, 0xca, 0x45, 0xfc, 0x52, 0x54, 0x82, 0x9b, 0xdf, 0x64, + 0xd6, 0x59, 0x6c, 0x12, 0x70, 0xf0, 0x19, 0xd8, 0x46, 0xbb, 0x08, 0x43, + 0x81, 0xa1, 0x73, 0xa8, 0x00, 0xc9, 0x4e, 0xb9, 0xd5, 0xfd, 0x42, 0x5f, + 0xcf, 0x94, 0x14, 0x18, 0xab, 0x9d, 0x11, 0xd0, 0xbd, 0x44, 0x88, 0x2c, + 0xd8, 0x29, 0xec, 0x94, 0x70, 0xf9, 0x42, 0x14, 0xf4, 0xb0, 0x3f, 0xfe, + 0x27, 0x16, 0x43, 0x59, 0x90, 0x14, 0x48, 0x61, 0x8c, 0x91, 0xd9, 0x37, + 0x41, 0xef, 0xf1, 0xe9, 0x15, 0x4a, 0x4f, 0x5e, 0x1f, 0x50, 0x25, 0x20, + 0x2d, 0xa6, 0xf8, 0x79, 0x0d, 0x92, 0xb0, 0x00, 0x0b, 0xa2, 0xfb, 0xc3, + 0x7b, 0x0f, 0xa6, 0xff, 0x75, 0x5d, 0x70, 0xaa, 0xcf, 0x0a, 0xdf, 0xe1, + 0xfc, 0x32, 0x53, 0x1e, 0xf6, 0xe6, 0x69, 0x9f, 0x09, 0xd0, 0xc8, 0xab, + 0xaf, 0xec, 0xb0, 0x04, 0xfa, 0x83, 0xe2, 0x29, 0x23, 0x54, 0x37, 0x87, + 0x63, 0x47, 0x75, 0x9b, 0xdb, 0x1f, 0x4f, 0x1b, 0x6b, 0xa6, 0xe2, 0x67, + 0x1c, 0xb4, 0x74, 0x9e, 0x48, 0x77, 0x61, 0xc2, 0x9a, 0x3e, 0x6b, 0x89, + 0xa9, 0x68, 0x74, 0x27, 0x01, 0x29, 0xd6, 0x46, 0xe8, 0x0f, 0xd0, 0x33, + 0x22, 0x00, 0x45, 0x6c, 0xde, 0x32, 0x28, 0x42, 0x57, 0xaf, 0x70, 0x28, + 0xa0, 0xd5, 0x99, 0xbb, 0x1f, 0xd7, 0x3c, 0x84, 0x20, 0x70, 0x1f, 0xe3, + 0xa9, 0x02, 0x82, 0x01, 0x01, 0x00, 0xe6, 0x68, 0xfe, 0x5f, 0x75, 0x71, + 0x2a, 0xd8, 0xcf, 0x0d, 0x1d, 0xf4, 0xa1, 0x06, 0x8b, 0xa5, 0x70, 0x6f, + 0x29, 0x03, 0xf3, 0x50, 0xd3, 0x83, 0x39, 0xf9, 0xf6, 0xe5, 0x79, 0x7a, + 0x29, 0x75, 0xde, 0xda, 0x6a, 0x98, 0x7c, 0x33, 0xf8, 0x64, 0xca, 0x86, + 0x5a, 0xda, 0x55, 0x5b, 0x4d, 0x7b, 0x1a, 0xe5, 0x5d, 0x19, 0x7d, 0xf3, + 0x57, 0x49, 0x3d, 0x7a, 0xe8, 0x3f, 0x5a, 0x40, 0x8c, 0x15, 0xc7, 0xb0, + 0x53, 0xf8, 0x63, 0x42, 0x17, 0x7c, 0x20, 0xb9, 0xfc, 0xff, 0x27, 0xd0, + 0xc2, 0x0c, 0x45, 0x52, 0x1b, 0x75, 0x1f, 0x89, 0x87, 0xc4, 0xa8, 0x07, + 0x3b, 0x73, 0x16, 0xc7, 0xd7, 0x77, 0x2e, 0x47, 0xa2, 0x7d, 0x12, 0xb4, + 0x25, 0x24, 0x5e, 0xa5, 0xb2, 0x12, 0x76, 0x65, 0xd1, 0xcd, 0xa4, 0x66, + 0x33, 0x2d, 0xed, 0xb2, 0x85, 0xb0, 0xb3, 0x33, 0x56, 0x18, 0x5a, 0xb3, + 0x75, 0x43, 0x4d, 0x40, 0x14, 0x22, 0x55, 0xf6, 0x5a, 0x0c, 0x6a, 0xb3, + 0xc3, 0x8a, 0x9b, 0x76, 0x1e, 0x23, 0x8d, 0x4a, 0x8f, 0x38, 0x21, 0x25, + 0x43, 0x45, 0xf6, 0x25, 0x46, 0xdb, 0xae, 0x42, 0x43, 0x74, 0x69, 0x15, + 0x46, 0xf0, 0x3a, 0x41, 0x4f, 0x9f, 0xfe, 0xda, 0x07, 0x0b, 0x38, 0xbe, + 0x6b, 0xad, 0xc2, 0xef, 0x5b, 0x97, 0x18, 0x42, 0x13, 0xac, 0x13, 0x15, + 0x70, 0x7b, 0xe2, 0x00, 0xbb, 0x41, 0x22, 0x99, 0xe5, 0xd3, 0x67, 0xfe, + 0xfd, 0xbd, 0x8e, 0xc3, 0xca, 0x60, 0x59, 0x3d, 0x8f, 0x85, 0x76, 0x41, + 0xf0, 0xb8, 0x09, 0x1a, 0x48, 0x50, 0xe4, 0x9c, 0x4a, 0x56, 0x02, 0x60, + 0x76, 0xff, 0xde, 0xd4, 0x8e, 0x76, 0xa3, 0x9c, 0x30, 0xb4, 0xa4, 0x73, + 0xe6, 0xb0, 0x70, 0xac, 0x67, 0x5f, 0x25, 0xd2, 0x94, 0xc5, 0x25, 0xb6, + 0xbf, 0xf6, 0x0b, 0xd8, 0x9f, 0x35, 0x8c, 0x20, 0xb6, 0xdd, 0x02, 0x82, + 0x01, 0x01, 0x00, 0xb5, 0x31, 0x9e, 0xa2, 0x10, 0x38, 0xca, 0x2b, 0x07, + 0xc9, 0x3f, 0x0f, 0x18, 0x2c, 0x98, 0x7f, 0x15, 0x87, 0x92, 0x93, 0x2e, + 0xce, 0x6b, 0x11, 0x42, 0x2a, 0x94, 0x3e, 0x31, 0xd0, 0xf5, 0xae, 0x9d, + 0xc7, 0x67, 0x51, 0x3c, 0x0a, 0x52, 0x04, 0x94, 0x86, 0x2e, 0x50, 0x32, + 0xe1, 0x48, 0x83, 0x85, 0xe8, 0x82, 0x04, 0x2f, 0x25, 0xbc, 0xea, 0xfc, + 0x3d, 0x4b, 0xd1, 0x53, 0x90, 0x61, 0x97, 0x47, 0x73, 0xcd, 0x1f, 0xa9, + 0x5a, 0x3f, 0xfb, 0xbf, 0xc3, 0xd5, 0x19, 0xb6, 0xd3, 0x59, 0x57, 0x37, + 0xd9, 0x09, 0x29, 0xd3, 0x80, 0xc4, 0xae, 0x52, 0xce, 0xce, 0x82, 0x29, + 0x6b, 0x95, 0x44, 0x69, 0x33, 0xfd, 0x6a, 0x6d, 0x65, 0xf7, 0xa9, 0xc0, + 0x65, 0x25, 0x91, 0x05, 0xdf, 0x07, 0xbe, 0x61, 0x5c, 0xaa, 0x8f, 0x87, + 0xc8, 0x43, 0xd7, 0x30, 0xd0, 0x8b, 0x25, 0xaf, 0xb8, 0x5d, 0x50, 0x4e, + 0x31, 0x4a, 0xc9, 0x79, 0x56, 0xbf, 0x8d, 0xcc, 0x40, 0xa7, 0xea, 0xd4, + 0xf7, 0x66, 0x86, 0xe2, 0x0b, 0xf3, 0x13, 0xbc, 0xdc, 0x0d, 0x62, 0x28, + 0x4e, 0xb7, 0x31, 0xb4, 0x5a, 0x9b, 0x97, 0x65, 0x76, 0x24, 0xbb, 0xef, + 0x90, 0x1b, 0xdb, 0x93, 0x98, 0xae, 0xce, 0xb0, 0x69, 0x82, 0x49, 0x94, + 0xc0, 0xc3, 0x8f, 0x9c, 0x5d, 0x26, 0x45, 0xa0, 0xad, 0x15, 0x3b, 0x6e, + 0xda, 0x6e, 0x78, 0xc1, 0x78, 0xc3, 0x15, 0x8e, 0x64, 0xaf, 0x50, 0xa6, + 0xb7, 0xd9, 0xfb, 0x8f, 0x68, 0xa0, 0x2d, 0x59, 0xa9, 0xce, 0x5b, 0xa7, + 0x91, 0x36, 0xb8, 0x05, 0x28, 0x31, 0x25, 0xc7, 0x7e, 0xa4, 0x68, 0x9d, + 0xea, 0x5c, 0x71, 0x10, 0x84, 0xab, 0xc4, 0xd7, 0xbe, 0x7d, 0xe9, 0x4a, + 0x11, 0x22, 0xa6, 0xd5, 0xa3, 0x6e, 0x46, 0x07, 0x70, 0x78, 0xcc, 0xd5, + 0xbc, 0xfe, 0xc4, 0x39, 0x58, 0xf4, 0xbb, 0x02, 0x82, 0x01, 0x01, 0x00, + 0xaa, 0x0c, 0x73, 0x30, 0x20, 0x8d, 0x15, 0x02, 0x4e, 0x4d, 0x6f, 0xfe, + 0x4b, 0x99, 0x79, 0x16, 0xf0, 0x94, 0x19, 0xc1, 0x40, 0xa2, 0x36, 0x78, + 0x73, 0x21, 0x78, 0x86, 0x83, 0xd1, 0x15, 0x28, 0x59, 0x00, 0xfa, 0x0a, + 0xf0, 0x1f, 0xab, 0x03, 0x38, 0x35, 0x50, 0x78, 0x32, 0xe6, 0xdf, 0x98, + 0x2b, 0x91, 0x7b, 0xd4, 0x84, 0x90, 0x43, 0xab, 0x5a, 0x24, 0x8b, 0xa3, + 0xb6, 0x08, 0x4d, 0x5b, 0x05, 0xb5, 0xad, 0x43, 0x74, 0x7e, 0x22, 0xb7, + 0x09, 0xb0, 0x3a, 0x78, 0x55, 0xfa, 0x4c, 0x3c, 0xa2, 0x2c, 0xa6, 0xf7, + 0x19, 0xff, 0x76, 0xa4, 0x3d, 0x1e, 0x99, 0x51, 0xa7, 0x4e, 0x76, 0x47, + 0x0f, 0x70, 0xef, 0x0b, 0x3f, 0xf2, 0x94, 0x36, 0xf3, 0x63, 0x76, 0xb9, + 0x09, 0x88, 0xbb, 0xfe, 0xf9, 0x86, 0x33, 0xdf, 0x81, 0xbe, 0x6f, 0xcc, + 0xa9, 0x75, 0x09, 0xe5, 0x8f, 0x8b, 0x42, 0xd0, 0x19, 0x03, 0x61, 0xd8, + 0xb5, 0x78, 0xcb, 0x9c, 0xbe, 0x63, 0x4d, 0xbd, 0xce, 0x5e, 0xae, 0x7f, + 0xae, 0x97, 0x88, 0x7b, 0xf4, 0x7a, 0x7b, 0xdb, 0xf6, 0x7e, 0x2c, 0x7d, + 0x95, 0x6e, 0x72, 0x3a, 0x48, 0x13, 0xdb, 0xf7, 0x10, 0x07, 0x83, 0xac, + 0xa1, 0x7a, 0x68, 0x18, 0x70, 0x18, 0x99, 0x7f, 0xf4, 0x8e, 0x93, 0x1a, + 0x40, 0x5d, 0x04, 0x07, 0xcb, 0x4d, 0xd7, 0x66, 0x96, 0xb5, 0xd3, 0x7d, + 0x8e, 0xfb, 0xe6, 0x12, 0xd0, 0x7d, 0xf0, 0xe7, 0x25, 0xa6, 0x7a, 0x86, + 0x01, 0x56, 0xdd, 0xc5, 0xb2, 0x31, 0x98, 0x67, 0x3a, 0xd0, 0x9a, 0xee, + 0x98, 0xca, 0x80, 0x52, 0x5a, 0x0e, 0xb7, 0xc4, 0xbf, 0xc0, 0x40, 0x24, + 0x6f, 0x3b, 0xa6, 0xf6, 0xab, 0x28, 0x9e, 0xe9, 0x39, 0x3f, 0x04, 0x4b, + 0xc4, 0xae, 0x55, 0xfd, 0xea, 0x87, 0xa5, 0xc5, 0x01, 0x99, 0x2e, 0x67, + 0x66, 0xb3, 0xfe, 0x41, 0x02, 0x82, 0x01, 0x00, 0x05, 0x26, 0x96, 0xf2, + 0xd6, 0x71, 0x36, 0xd6, 0x08, 0x4f, 0xa1, 0x3a, 0x45, 0x9e, 0xa6, 0xeb, + 0x1d, 0xea, 0x8f, 0xb1, 0x1d, 0x68, 0x82, 0xc4, 0xa7, 0xd3, 0xdc, 0x08, + 0xf4, 0x93, 0x93, 0x18, 0x56, 0xa5, 0xdf, 0x7b, 0x00, 0xb0, 0xee, 0x69, + 0xf0, 0xea, 0xeb, 0x90, 0x1e, 0x12, 0x27, 0x64, 0x8d, 0xbe, 0xf1, 0x4b, + 0x3b, 0x27, 0xe0, 0x79, 0xf1, 0x97, 0xb0, 0x7b, 0x0f, 0xdc, 0x0f, 0xda, + 0x24, 0x0e, 0xd7, 0xaa, 0xe9, 0xbe, 0x86, 0x09, 0x1b, 0x07, 0x6f, 0x1c, + 0x5f, 0x05, 0x1d, 0x0a, 0x0c, 0xad, 0x5f, 0xc4, 0x4f, 0x9d, 0xde, 0x79, + 0x72, 0x23, 0x2c, 0xdd, 0xa8, 0x5d, 0xc5, 0x8d, 0x7f, 0x4c, 0x1a, 0x0d, + 0x17, 0x75, 0x09, 0x98, 0x4a, 0xbe, 0xd5, 0x55, 0x8d, 0x0c, 0x2d, 0x05, + 0x2d, 0x71, 0x5b, 0xeb, 0xde, 0x99, 0x43, 0xcc, 0x6f, 0x37, 0xce, 0x6c, + 0xd0, 0xd4, 0xf5, 0xda, 0x1d, 0x8e, 0xeb, 0x28, 0x55, 0x09, 0xb1, 0x42, + 0x4f, 0xa7, 0x1a, 0xde, 0xe3, 0x14, 0xf1, 0x56, 0x2e, 0x40, 0xd6, 0xb5, + 0x1d, 0xee, 0x47, 0x77, 0x1d, 0xdc, 0x36, 0xfa, 0xf3, 0xbc, 0x8b, 0xa5, + 0xbf, 0x1d, 0x9f, 0xa7, 0xb4, 0x04, 0xad, 0xb6, 0x0d, 0x39, 0x0e, 0xe7, + 0x13, 0x3e, 0xbc, 0x94, 0x68, 0xe5, 0x1d, 0xea, 0x0c, 0x30, 0xdd, 0xb0, + 0xa7, 0x03, 0xa4, 0x91, 0xde, 0xf1, 0xd8, 0xa8, 0x18, 0x1f, 0xdd, 0xb3, + 0xd4, 0x2b, 0x6a, 0x8c, 0x69, 0x60, 0xda, 0x92, 0x7b, 0x1e, 0x27, 0x47, + 0x82, 0xbf, 0xff, 0xfc, 0xbd, 0x03, 0xb4, 0xc1, 0x80, 0x6c, 0x07, 0x11, + 0xa2, 0xdd, 0x27, 0xc1, 0x4d, 0x93, 0xe6, 0xf2, 0xd3, 0xdc, 0x61, 0xa1, + 0xa3, 0xdc, 0x67, 0x69, 0xe5, 0x50, 0x1d, 0x63, 0x0e, 0xb9, 0xa9, 0x9d, + 0xd6, 0x02, 0x4d, 0x7c, 0xcd, 0x2a, 0xa5, 0x37, 0x60, 0xc5, 0xf5, 0x97, + 0x02, 0x82, 0x01, 0x00, 0x14, 0x8b, 0x04, 0xdb, 0x4e, 0x41, 0x4a, 0xcd, + 0x86, 0x2e, 0x5f, 0x13, 0xb3, 0x48, 0x1e, 0x00, 0xdf, 0x8d, 0x0b, 0x35, + 0x51, 0x51, 0x1b, 0x16, 0x3d, 0x49, 0x4e, 0xe1, 0xee, 0x4d, 0xc7, 0x03, + 0xc0, 0xf6, 0x5c, 0x6c, 0x36, 0xe8, 0x22, 0xa5, 0x79, 0xb4, 0x4c, 0xce, + 0xa8, 0x45, 0x12, 0x2c, 0xf3, 0x6a, 0xcd, 0x33, 0xbd, 0xd0, 0x84, 0x4d, + 0xf7, 0x8f, 0xb5, 0x80, 0x1f, 0x18, 0x52, 0xad, 0xad, 0xce, 0xcd, 0x94, + 0xc9, 0xc6, 0xb4, 0xd2, 0x14, 0x29, 0xe4, 0xc7, 0x40, 0xf1, 0x0b, 0x85, + 0x43, 0xaf, 0x11, 0xd3, 0x46, 0x0a, 0xb1, 0x15, 0x87, 0x1f, 0x4e, 0x2e, + 0xc1, 0x11, 0xe9, 0x24, 0x70, 0x40, 0xba, 0x0b, 0x0e, 0x4a, 0xac, 0x45, + 0x21, 0xcc, 0x6d, 0xa4, 0x1d, 0x55, 0x33, 0x89, 0x4c, 0x65, 0x21, 0x23, + 0xab, 0x61, 0x31, 0xcb, 0x11, 0x65, 0xb3, 0x80, 0xa4, 0x5a, 0x2b, 0xf1, + 0x65, 0xdb, 0x4c, 0x58, 0x5a, 0xbe, 0xf3, 0x15, 0xcd, 0x94, 0xa1, 0xe4, + 0xcb, 0x30, 0xfa, 0xe1, 0x28, 0x51, 0x52, 0xd2, 0xb8, 0xb4, 0x8c, 0xfc, + 0x3a, 0xcc, 0xd1, 0x19, 0xa2, 0x27, 0x36, 0xfa, 0xc4, 0x23, 0x96, 0xb9, + 0xc7, 0x74, 0xca, 0xf1, 0x45, 0x1f, 0x4b, 0xc2, 0x77, 0x4d, 0x32, 0x3f, + 0xab, 0x7a, 0xd9, 0x2b, 0x22, 0x1d, 0xcb, 0x24, 0x58, 0x29, 0xa3, 0xb8, + 0x92, 0xdb, 0x1c, 0xda, 0x84, 0x01, 0xca, 0x6d, 0x4a, 0x50, 0xd4, 0x2b, + 0x79, 0xfa, 0xc5, 0x4c, 0x9d, 0x79, 0x49, 0xf1, 0xde, 0xbd, 0x3f, 0x50, + 0xa7, 0xa6, 0xc6, 0xc7, 0x99, 0x61, 0x9b, 0xda, 0x38, 0xdc, 0xbe, 0x85, + 0x75, 0x81, 0xb9, 0x0f, 0x33, 0xd0, 0xd4, 0xd0, 0xaa, 0xbd, 0x32, 0xc9, + 0x62, 0xe8, 0x21, 0x24, 0xeb, 0x03, 0x73, 0x46, 0xb3, 0x84, 0x65, 0xf2, + 0x40, 0x7d, 0x1b, 0x1b, 0x8f, 0x86, 0x7c, 0xe7 +}; + +/* The corresponding public key, DER. */ +static const unsigned char rsa_pub_key[] = { + 0x30, 0x82, 0x02, 0x0a, 0x02, 0x82, 0x02, 0x01, 0x00, 0xa3, 0x14, 0xe4, + 0xb8, 0xd8, 0x58, 0x0d, 0xab, 0xd7, 0x87, 0xa4, 0xf6, 0x84, 0x51, 0x74, + 0x60, 0x4c, 0xe3, 0x60, 0x28, 0x89, 0x49, 0x65, 0x18, 0x5c, 0x8f, 0x1a, + 0x1b, 0xe9, 0xdb, 0xc1, 0xc1, 0xf7, 0x08, 0x27, 0x44, 0xe5, 0x9d, 0x9a, + 0x33, 0xc3, 0xac, 0x5a, 0xca, 0xba, 0x20, 0x5a, 0x9e, 0x3a, 0x18, 0xb5, + 0x3d, 0xe3, 0x9d, 0x94, 0x58, 0xa7, 0xa9, 0x5a, 0x0b, 0x4f, 0xb8, 0xe5, + 0xa3, 0x7b, 0x01, 0x11, 0x0f, 0x16, 0x11, 0xb8, 0x65, 0x2f, 0xa8, 0x95, + 0xf7, 0x58, 0x2c, 0xec, 0x1d, 0x41, 0xad, 0xd1, 0x12, 0xca, 0x4a, 0x80, + 0x35, 0x35, 0x43, 0x7e, 0xe0, 0x97, 0xfc, 0x86, 0x8f, 0xcf, 0x4b, 0xdc, + 0xbc, 0x15, 0x2c, 0x8e, 0x90, 0x84, 0x26, 0x83, 0xc1, 0x96, 0x97, 0xf4, + 0xd7, 0x90, 0xce, 0xfe, 0xd4, 0xf3, 0x70, 0x22, 0xa8, 0xb0, 0x1f, 0xed, + 0x08, 0xd7, 0xc5, 0xc0, 0xd6, 0x41, 0x6b, 0x24, 0x68, 0x5c, 0x07, 0x1f, + 0x44, 0x97, 0xd8, 0x6e, 0x18, 0x93, 0x67, 0xc3, 0xba, 0x3a, 0xaf, 0xfd, + 0xc2, 0x65, 0x00, 0x21, 0x63, 0xdf, 0xb7, 0x28, 0x68, 0xd6, 0xc0, 0x20, + 0x86, 0x92, 0xed, 0x68, 0x6a, 0x27, 0x3a, 0x07, 0xec, 0x66, 0x00, 0xfe, + 0x51, 0x51, 0x86, 0x41, 0x6f, 0x83, 0x69, 0xd2, 0xf0, 0xe6, 0xf7, 0x61, + 0xda, 0x12, 0x45, 0x53, 0x09, 0xdf, 0xf8, 0x42, 0xc7, 0x30, 0x6a, 0xe5, + 0xd8, 0x2b, 0xa2, 0x49, 0x7a, 0x05, 0x10, 0xee, 0xb2, 0x59, 0x0a, 0xe5, + 0xbe, 0xf8, 0x4d, 0x0f, 0xa8, 0x9e, 0x63, 0x81, 0x39, 0x32, 0xaa, 0xfd, + 0xa8, 0x03, 0xf6, 0xd8, 0xc6, 0xaa, 0x02, 0x93, 0x03, 0xeb, 0x15, 0xd3, + 0x38, 0xc8, 0x1a, 0x78, 0xcf, 0xf3, 0xa7, 0x9f, 0x98, 0x4b, 0x91, 0x5b, + 0x79, 0xf8, 0x4e, 0x53, 0xaf, 0x0c, 0x65, 0xe9, 0xb0, 0x93, 0xc2, 0xcb, + 0x5d, 0x3c, 0x5f, 0x6e, 0x39, 0xd2, 0x58, 0x23, 0x50, 0xe5, 0x2e, 0xef, + 0x12, 0x00, 0xa4, 0x59, 0x13, 0x2b, 0x2f, 0x2c, 0x0a, 0x7b, 0x36, 0x89, + 0xc5, 0xe5, 0x8f, 0x95, 0x5e, 0x14, 0x0f, 0x0f, 0x94, 0x5a, 0xe9, 0xdc, + 0x0b, 0x49, 0x14, 0xbe, 0x0a, 0x70, 0x45, 0xc1, 0x7c, 0xbf, 0x83, 0x70, + 0xfd, 0x3d, 0x99, 0xe6, 0x8a, 0xf5, 0x9c, 0x09, 0x71, 0x84, 0x9a, 0x18, + 0xa0, 0xe0, 0x6c, 0x43, 0x5c, 0x7e, 0x48, 0x33, 0xc8, 0xbe, 0x5d, 0xdd, + 0xd8, 0x77, 0xe3, 0xe7, 0x6b, 0x34, 0x4b, 0xa2, 0xb7, 0x54, 0x07, 0x72, + 0x2e, 0xab, 0xa9, 0x91, 0x1e, 0x4b, 0xe3, 0xb5, 0xd8, 0xfa, 0x35, 0x64, + 0x8a, 0xe9, 0x03, 0xa1, 0xa8, 0x26, 0xbd, 0x72, 0x58, 0x10, 0x6a, 0xec, + 0x1a, 0xf6, 0x1e, 0xb8, 0xc0, 0x46, 0x19, 0x31, 0x2c, 0xca, 0xf9, 0x6a, + 0xd7, 0x2e, 0xd0, 0xa7, 0x2c, 0x60, 0x58, 0xc4, 0x8f, 0x46, 0x63, 0x61, + 0x8d, 0x29, 0x6f, 0xe2, 0x5f, 0xe2, 0x43, 0x90, 0x9c, 0xe6, 0xfc, 0x08, + 0x41, 0xc8, 0xb5, 0x23, 0x56, 0x24, 0x3e, 0x3a, 0x2c, 0x41, 0x22, 0x43, + 0xda, 0x22, 0x15, 0x2b, 0xad, 0xd0, 0xfa, 0xc8, 0x47, 0x44, 0xe6, 0x2a, + 0xf9, 0x38, 0x90, 0x13, 0x62, 0x22, 0xea, 0x06, 0x8c, 0x44, 0x9c, 0xd6, + 0xca, 0x50, 0x93, 0xe9, 0xd4, 0x03, 0xd8, 0x3e, 0x71, 0x36, 0x4b, 0xaa, + 0xab, 0xbb, 0xe2, 0x48, 0x66, 0x26, 0x53, 0xb1, 0x6d, 0x3b, 0x82, 0x2c, + 0x8c, 0x25, 0x05, 0xf0, 0xf8, 0xcf, 0x55, 0xbf, 0x8e, 0x29, 0xf7, 0x54, + 0x5b, 0x6f, 0x30, 0x54, 0xa6, 0xad, 0x46, 0xff, 0x22, 0x95, 0xb1, 0x87, + 0x98, 0x00, 0x51, 0x69, 0x15, 0x07, 0xbd, 0x3d, 0x9c, 0x6e, 0xaa, 0xaa, + 0x3b, 0x0b, 0x74, 0x65, 0x4c, 0x04, 0xe0, 0x80, 0x3e, 0xaf, 0x5e, 0x10, + 0xd6, 0x9b, 0x28, 0x37, 0x6f, 0x02, 0x03, 0x01, 0x00, 0x01 +}; diff --git a/deps/openssl/openssl/demos/signature/rsa_pss_direct.c b/deps/openssl/openssl/demos/signature/rsa_pss_direct.c new file mode 100644 index 00000000000000..1ecfa9d89747e7 --- /dev/null +++ b/deps/openssl/openssl/demos/signature/rsa_pss_direct.c @@ -0,0 +1,204 @@ +/* + * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include "rsa_pss.h" + +/* + * The digest to be signed. This should be the output of a hash function. + * Here we sign an all-zeroes digest for demonstration purposes. + */ +static const unsigned char test_digest[32] = {0}; + +/* A property query used for selecting algorithm implementations. */ +static const char *propq = NULL; + +/* + * This function demonstrates RSA signing of a SHA-256 digest using the PSS + * padding scheme. You must already have hashed the data you want to sign. + * For a higher-level demonstration which does the hashing for you, see + * rsa_pss_hash.c. + * + * For more information, see RFC 8017 section 9.1. The digest passed in + * (test_digest above) corresponds to the 'mHash' value. + */ +static int sign(OSSL_LIB_CTX *libctx, unsigned char **sig, size_t *sig_len) +{ + int rv = 0; + EVP_PKEY *pkey = NULL; + EVP_PKEY_CTX *ctx = NULL; + EVP_MD *md = NULL; + const unsigned char *ppriv_key = NULL; + + *sig = NULL; + + /* Load DER-encoded RSA private key. */ + ppriv_key = rsa_priv_key; + pkey = d2i_PrivateKey_ex(EVP_PKEY_RSA, NULL, &ppriv_key, + sizeof(rsa_priv_key), libctx, propq); + if (pkey == NULL) { + fprintf(stderr, "Failed to load private key\n"); + goto end; + } + + /* Fetch hash algorithm we want to use. */ + md = EVP_MD_fetch(libctx, "SHA256", propq); + if (md == NULL) { + fprintf(stderr, "Failed to fetch hash algorithm\n"); + goto end; + } + + /* Create signing context. */ + ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq); + if (ctx == NULL) { + fprintf(stderr, "Failed to create signing context\n"); + goto end; + } + + /* Initialize context for signing and set options. */ + if (EVP_PKEY_sign_init(ctx) == 0) { + fprintf(stderr, "Failed to initialize signing context\n"); + goto end; + } + + if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PSS_PADDING) == 0) { + fprintf(stderr, "Failed to configure padding\n"); + goto end; + } + + if (EVP_PKEY_CTX_set_signature_md(ctx, md) == 0) { + fprintf(stderr, "Failed to configure digest type\n"); + goto end; + } + + /* Determine length of signature. */ + if (EVP_PKEY_sign(ctx, NULL, sig_len, + test_digest, sizeof(test_digest)) == 0) { + fprintf(stderr, "Failed to get signature length\n"); + goto end; + } + + /* Allocate memory for signature. */ + *sig = OPENSSL_malloc(*sig_len); + if (*sig == NULL) { + fprintf(stderr, "Failed to allocate memory for signature\n"); + goto end; + } + + /* Generate signature. */ + if (EVP_PKEY_sign(ctx, *sig, sig_len, + test_digest, sizeof(test_digest)) != 1) { + fprintf(stderr, "Failed to sign\n"); + goto end; + } + + rv = 1; +end: + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(pkey); + EVP_MD_free(md); + + if (rv == 0) + OPENSSL_free(*sig); + + return rv; +} + +/* + * This function demonstrates verification of an RSA signature over a SHA-256 + * digest using the PSS signature scheme. + */ +static int verify(OSSL_LIB_CTX *libctx, const unsigned char *sig, size_t sig_len) +{ + int rv = 0; + const unsigned char *ppub_key = NULL; + EVP_PKEY *pkey = NULL; + EVP_PKEY_CTX *ctx = NULL; + EVP_MD *md = NULL; + + /* Load DER-encoded RSA public key. */ + ppub_key = rsa_pub_key; + pkey = d2i_PublicKey(EVP_PKEY_RSA, NULL, &ppub_key, sizeof(rsa_pub_key)); + if (pkey == NULL) { + fprintf(stderr, "Failed to load public key\n"); + goto end; + } + + /* Fetch hash algorithm we want to use. */ + md = EVP_MD_fetch(libctx, "SHA256", propq); + if (md == NULL) { + fprintf(stderr, "Failed to fetch hash algorithm\n"); + goto end; + } + + /* Create verification context. */ + ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq); + if (ctx == NULL) { + fprintf(stderr, "Failed to create verification context\n"); + goto end; + } + + /* Initialize context for verification and set options. */ + if (EVP_PKEY_verify_init(ctx) == 0) { + fprintf(stderr, "Failed to initialize verification context\n"); + goto end; + } + + if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PSS_PADDING) == 0) { + fprintf(stderr, "Failed to configure padding\n"); + goto end; + } + + if (EVP_PKEY_CTX_set_signature_md(ctx, md) == 0) { + fprintf(stderr, "Failed to configure digest type\n"); + goto end; + } + + /* Verify signature. */ + if (EVP_PKEY_verify(ctx, sig, sig_len, + test_digest, sizeof(test_digest)) == 0) { + fprintf(stderr, "Failed to verify signature; " + "signature may be invalid\n"); + goto end; + } + + rv = 1; +end: + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(pkey); + EVP_MD_free(md); + return rv; +} + +int main(int argc, char **argv) +{ + int rv = 1; + OSSL_LIB_CTX *libctx = NULL; + unsigned char *sig = NULL; + size_t sig_len = 0; + + if (sign(libctx, &sig, &sig_len) == 0) + goto end; + + if (verify(libctx, sig, sig_len) == 0) + goto end; + + rv = 0; +end: + OPENSSL_free(sig); + OSSL_LIB_CTX_free(libctx); + return rv; +} diff --git a/deps/openssl/openssl/demos/signature/rsa_pss_hash.c b/deps/openssl/openssl/demos/signature/rsa_pss_hash.c new file mode 100644 index 00000000000000..e1d4e7cc9d0b5e --- /dev/null +++ b/deps/openssl/openssl/demos/signature/rsa_pss_hash.c @@ -0,0 +1,189 @@ +/* + * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include "rsa_pss.h" + +/* The data to be signed. This will be hashed. */ +static const char test_message[] = + "This is an example message to be signed."; + +/* A property query used for selecting algorithm implementations. */ +static const char *propq = NULL; + +/* + * This function demonstrates RSA signing of an arbitrary-length message. + * Hashing is performed automatically. In this example, SHA-256 is used. If you + * have already hashed your message and simply want to sign the hash directly, + * see rsa_pss_direct.c. + */ +static int sign(OSSL_LIB_CTX *libctx, unsigned char **sig, size_t *sig_len) +{ + int rv = 0; + EVP_PKEY *pkey = NULL; + EVP_MD_CTX *mctx = NULL; + OSSL_PARAM params[2], *p = params; + const unsigned char *ppriv_key = NULL; + + *sig = NULL; + + /* Load DER-encoded RSA private key. */ + ppriv_key = rsa_priv_key; + pkey = d2i_PrivateKey_ex(EVP_PKEY_RSA, NULL, &ppriv_key, + sizeof(rsa_priv_key), libctx, propq); + if (pkey == NULL) { + fprintf(stderr, "Failed to load private key\n"); + goto end; + } + + /* Create MD context used for signing. */ + mctx = EVP_MD_CTX_new(); + if (mctx == NULL) { + fprintf(stderr, "Failed to create MD context\n"); + goto end; + } + + /* Initialize MD context for signing. */ + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE, + OSSL_PKEY_RSA_PAD_MODE_PSS, 0); + *p = OSSL_PARAM_construct_end(); + + if (EVP_DigestSignInit_ex(mctx, NULL, "SHA256", libctx, propq, + pkey, params) == 0) { + fprintf(stderr, "Failed to initialize signing context\n"); + goto end; + } + + /* + * Feed data to be signed into the algorithm. This may + * be called multiple times. + */ + if (EVP_DigestSignUpdate(mctx, test_message, sizeof(test_message)) == 0) { + fprintf(stderr, "Failed to hash message into signing context\n"); + goto end; + } + + /* Determine signature length. */ + if (EVP_DigestSignFinal(mctx, NULL, sig_len) == 0) { + fprintf(stderr, "Failed to get signature length\n"); + goto end; + } + + /* Allocate memory for signature. */ + *sig = OPENSSL_malloc(*sig_len); + if (*sig == NULL) { + fprintf(stderr, "Failed to allocate memory for signature\n"); + goto end; + } + + /* Generate signature. */ + if (EVP_DigestSignFinal(mctx, *sig, sig_len) == 0) { + fprintf(stderr, "Failed to sign\n"); + goto end; + } + + rv = 1; +end: + EVP_MD_CTX_free(mctx); + EVP_PKEY_free(pkey); + + if (rv == 0) + OPENSSL_free(*sig); + + return rv; +} + +/* + * This function demonstrates verification of an RSA signature over an + * arbitrary-length message using the PSS signature scheme. Hashing is performed + * automatically. + */ +static int verify(OSSL_LIB_CTX *libctx, const unsigned char *sig, size_t sig_len) +{ + int rv = 0; + EVP_PKEY *pkey = NULL; + EVP_MD_CTX *mctx = NULL; + OSSL_PARAM params[2], *p = params; + const unsigned char *ppub_key = NULL; + + /* Load DER-encoded RSA public key. */ + ppub_key = rsa_pub_key; + pkey = d2i_PublicKey(EVP_PKEY_RSA, NULL, &ppub_key, sizeof(rsa_pub_key)); + if (pkey == NULL) { + fprintf(stderr, "Failed to load public key\n"); + goto end; + } + + /* Create MD context used for verification. */ + mctx = EVP_MD_CTX_new(); + if (mctx == NULL) { + fprintf(stderr, "Failed to create MD context\n"); + goto end; + } + + /* Initialize MD context for verification. */ + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE, + OSSL_PKEY_RSA_PAD_MODE_PSS, 0); + *p = OSSL_PARAM_construct_end(); + + if (EVP_DigestVerifyInit_ex(mctx, NULL, "SHA256", libctx, propq, + pkey, params) == 0) { + fprintf(stderr, "Failed to initialize signing context\n"); + goto end; + } + + /* + * Feed data to be signed into the algorithm. This may + * be called multiple times. + */ + if (EVP_DigestVerifyUpdate(mctx, test_message, sizeof(test_message)) == 0) { + fprintf(stderr, "Failed to hash message into signing context\n"); + goto end; + } + + /* Verify signature. */ + if (EVP_DigestVerifyFinal(mctx, sig, sig_len) == 0) { + fprintf(stderr, "Failed to verify signature; " + "signature may be invalid\n"); + goto end; + } + + rv = 1; +end: + EVP_MD_CTX_free(mctx); + EVP_PKEY_free(pkey); + return rv; +} + +int main(int argc, char **argv) +{ + int rv = 1; + OSSL_LIB_CTX *libctx = NULL; + unsigned char *sig = NULL; + size_t sig_len = 0; + + if (sign(libctx, &sig, &sig_len) == 0) + goto end; + + if (verify(libctx, sig, sig_len) == 0) + goto end; + + rv = 0; +end: + OPENSSL_free(sig); + OSSL_LIB_CTX_free(libctx); + return rv; +} diff --git a/deps/openssl/openssl/demos/smime/cacert.pem b/deps/openssl/openssl/demos/smime/cacert.pem new file mode 100644 index 00000000000000..1949fc33aed4f2 --- /dev/null +++ b/deps/openssl/openssl/demos/smime/cacert.pem @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIFBjCCA26gAwIBAgIUM/WihZJZUTZvqoyNaUlp59DOaWYwDQYJKoZIhvcNAQEL +BQAwVzELMAkGA1UEBhMCVUsxEjAQBgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwN +T3BlblNTTCBHcm91cDEcMBoGA1UEAwwTVGVzdCBTL01JTUUgUm9vdCBDQTAgFw0x +ODA2MTQxMjQ2MjhaGA8yMTE4MDYxNDEyNDYyOFowVzELMAkGA1UEBhMCVUsxEjAQ +BgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwNT3BlblNTTCBHcm91cDEcMBoGA1UE +AwwTVGVzdCBTL01JTUUgUm9vdCBDQTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCC +AYoCggGBAMzxOVHZFVxN9XQIVW3y1bK5ir3jKpKkU6zKrw8MdRvm233eqWSOYJvs +3rgdT59iv+CaPcBT5offbP0eH43H96CubJji/vQLMUzc/cLrJuCbLHREbSCsFNpf +lYw5mkT98dCFV66HuN6Nwqi5kW8TxGSXkD4OZqklbbicrXoXh5qhREID5hgbrijy +BiIHyp6bDq5zUCcmHP/Gdw2aTMEQZNsdw4MavtB65vI7dYxo2zEzdmJ3NnjlG7qZ +6Od6V4IW8yRAK9GLj0TUCZl28pq6rNio+F5Lst3clX9PDxh7LphNrXXYiHjXp2Kn +LZbOnz1SJSmCeisy/EFN6fRtwdwqcM1AcKNBU+UqFq0Mv0sgNdRwghYWGQht0mT9 ++Pg5HxTzDlOOmBT1kAduxJNLiRQlgysPDN94Os0EpzJyA87Z6yJRGvYGZ5mrdfx2 +8p6bHptf46h1WzCX4wDy2J86y+odgWMnSkmF9h8ySj66rgmLrz40n+mDm8bhUblK +AV8IqN8WmQIDAQABo4HHMIHEMB0GA1UdDgQWBBSkmMaBYQPTEGcqe1maU2IDOMLQ +ezCBlAYDVR0jBIGMMIGJgBSkmMaBYQPTEGcqe1maU2IDOMLQe6FbpFkwVzELMAkG +A1UEBhMCVUsxEjAQBgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwNT3BlblNTTCBH +cm91cDEcMBoGA1UEAwwTVGVzdCBTL01JTUUgUm9vdCBDQYIUM/WihZJZUTZvqoyN +aUlp59DOaWYwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAYEAqP1CQRGM +roHvk6dhI4ElNae5seRdSQNTtwAhlP1RoSoFz8xybMgDksKE07t77gDsKvU2SuXV +fdICqVpjpN9cRYKM6VmiREdU6OGsPQ74u4sOg4cT/tuou0RsD/uQaznb5NOvo2T0 +8rmX0Ai3+lbEuMBCaGNU0KYJifYy4QrSqEapq4W3NbqH85msOiKHEDh1vz9IWz6z +WKjdv9lst56XuLTZrJ/O0T0qD6aMXyqK6ZART/FELjDXc+9Ey4TH+msOEKq0uQWt +y7Grfmz52dTnAjBw+6/ggE9sA8Wo6DhwbEUaOA9BB5YP+XWsIkUUbiVHU7D8TyiE +KHt2DkaWvjl1/RdtzQUO/vGI4yuFTZfLf23KcwgtHJI3JxLNAMLM3I2jmoWhKm/d +GkVYsGH1GWonv0UTv/TKlOXaTYWK9fQVoYkFc+FrwUd2lev5FizJNigL9qatGyRZ +giJmWWlf0bMMIxwWZzQswxLyKdkNlvkKf9T6BjEmGLeOHZCn0x2sOyUi +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/demos/smime/cakey.pem b/deps/openssl/openssl/demos/smime/cakey.pem new file mode 100644 index 00000000000000..486c975b722d17 --- /dev/null +++ b/deps/openssl/openssl/demos/smime/cakey.pem @@ -0,0 +1,39 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIG5QIBAAKCAYEAzPE5UdkVXE31dAhVbfLVsrmKveMqkqRTrMqvDwx1G+bbfd6p +ZI5gm+zeuB1Pn2K/4Jo9wFPmh99s/R4fjcf3oK5smOL+9AsxTNz9wusm4JssdERt +IKwU2l+VjDmaRP3x0IVXroe43o3CqLmRbxPEZJeQPg5mqSVtuJyteheHmqFEQgPm +GBuuKPIGIgfKnpsOrnNQJyYc/8Z3DZpMwRBk2x3Dgxq+0Hrm8jt1jGjbMTN2Ync2 +eOUbupno53pXghbzJEAr0YuPRNQJmXbymrqs2Kj4Xkuy3dyVf08PGHsumE2tddiI +eNenYqctls6fPVIlKYJ6KzL8QU3p9G3B3CpwzUBwo0FT5SoWrQy/SyA11HCCFhYZ +CG3SZP34+DkfFPMOU46YFPWQB27Ek0uJFCWDKw8M33g6zQSnMnIDztnrIlEa9gZn +mat1/Hbynpsem1/jqHVbMJfjAPLYnzrL6h2BYydKSYX2HzJKPrquCYuvPjSf6YOb +xuFRuUoBXwio3xaZAgMBAAECggGBAJrqILzozke2ujpablEtBTITJHgC9lRgmMt9 +bjR+4ysTJ4kOvZbANPDIbVZY+a3uVEIv9UujYBgG4Hi4w3tF074G+xnaRIQuzbZf +OgaUABA527GLY74VtbGYHRAhHqbWGmrX0H6iIzE/kQw/MVr4YzTyiFsQQbPMEhNB +g7RNgvh0vIb2MYC5s71JrS8eGqAnb0KY8daV7ce9upJyt2Acx1AGQJqipegrbtVd +8q4PONkJIIyvtmJONNaprq8DAJDaTNdcZu7f7mymF5UFpp4Lh6raAvOZAZjgkPYW +PsX2uMAsYchXTmSDGOHNafqeyTS0UEaw6FRhpxzMoSxRXX4/RhjeShadYwHxbh7s +UwFU7S9EWlj8CjgGs00KFM1eMV0sEYsL8sRf7ZiWM5XJsmXKbRZjA5V+7OoSGElB +zJcERK6NFCISijApZlVveEVZS0qESivKd9bspOzbMdoJyjBW1LZdMH85YIwM8Dox +VqGR0QD3UP8RpZBRwTiFenqOpwARnQKBwQD1NBGcTxLLUUluEBG/TD9KM5sCnkm8 +cn5RomwTeBrUr9SXOJuUPa8RNLrAeosuWCrx9JkF25IBExQbbs1NRHuziOIOyI0+ +hvqP85zJln7kUDtiDMFfUdS8Q6PF3b3wJl6cbipowWwsahvUSkx3W8UWrzZHsvrO +LBtvEZdwetNWN50FK040uM6y/x71xfvUhlKBsuZBgDFU9aXJZAGpkCklZnByURN6 +LZudDQETdYo7/X8qqPlcHwHStGj9YXg/e38CgcEA1fdVA6s+KlRUGRTUDaUFPDji +MciTcvA3teXJWNAsFWd71oLT5eQNI50afF242ikTT6JuXFH0mMYKoVe/LFo7m2mf +uLcW4yM/FiKTkhnBQGm7KNqyvXB0T0DWTDSeS7hTzD6KjuJPf7JVH5I4In8jSKJd +3mzTA9keIosnxjX7EOsZNQd0+MKaJYHnvJsxYaoT9FXoONuyzQu96TQ8Q+fkVHXh +I/ENAw0qfoJ5mw5dQnU2UtjP6cSNVQ9Rsr48GNnnAoHBAJcI65AMZNc3yrMw0r2y +iYl7IBAMz/5zx7shANE9OcmoRJqhE7PMCvneMOo+kVyKkmlW8KrbBKQEzG3ZYjwl +4sxDlHrmrZnGKrBgrkK9oIuhn/JVSQcdsJwGTeqjG0vBVqWkdhrwiWESOvIYkeEz +dcLzScwAQtyb7ooLm+x8u5Bv0RhOBG4VJ7y5yKg6u1O9KTUarRnLjJd4eBYEs8Fu +Oun+n2TK6+RmE2Q5jmAeFne9PYdZbb+Ame7fkYwBbcAsoQKBwQC1KHQSZyp7LGsH +0Vq5Mr77/i2FeQ1eg4SnvaZ8S8UHWla/iIVgX3XAcYO7SJ76F00CX8SQ5dLyhrr5 +YBG8u6k8LHHPMzVtmqoPU7cePDAjGWIddQ1g15WihILsgqCD+8z3YPxvfa1RsOvh +jyt4Ca0WEmLnr7v5xhp9pNRIPewUpvjwrR+cfyeEGjjat4tX5Wh/tzym51y7vvVM +Pa3I0M3BtQyqIa2ip8MS2eWcIs1TN2qHOorOolwHaLEDZY38fIECgcAKns98A2G3 +tLvZaDZlVsJWZsdSDUrFCKvx9QbTZHbyOL5JU/8TgLBgfOgV2yxLXn9Pq+0Quvb2 +EjaFuA3GKOFi50WtfwR6Yo1DaFcx5n0bDShnaHOF+dUi0BVQd2V1DsqAwF5/Eh3A +lX+XuWeSam4/91WhmNMCZpfYv0GErs4ZBHHsl54jmvrrjbhg/efUvpWKi/9vlKm+ ++ITH+nG1xCnyEEVZ+vm9Qq57lCLBZGyGT4PetllpsRrGcdO4/gfK8lY= +-----END RSA PRIVATE KEY----- diff --git a/deps/openssl/openssl/demos/smime/encr.txt b/deps/openssl/openssl/demos/smime/encr.txt new file mode 100644 index 00000000000000..f163a326ed2513 --- /dev/null +++ b/deps/openssl/openssl/demos/smime/encr.txt @@ -0,0 +1,3 @@ +Content-type: text/plain + +Sample OpenSSL Data for PKCS#7 encryption diff --git a/deps/openssl/openssl/demos/smime/sign.txt b/deps/openssl/openssl/demos/smime/sign.txt new file mode 100644 index 00000000000000..af1341d0a859ca --- /dev/null +++ b/deps/openssl/openssl/demos/smime/sign.txt @@ -0,0 +1,3 @@ +Content-type: text/plain + +Test OpenSSL Signed Content diff --git a/deps/openssl/openssl/demos/smime/signer.pem b/deps/openssl/openssl/demos/smime/signer.pem new file mode 100644 index 00000000000000..4bbf7a69f38225 --- /dev/null +++ b/deps/openssl/openssl/demos/smime/signer.pem @@ -0,0 +1,52 @@ +-----BEGIN CERTIFICATE----- +MIIELDCCApSgAwIBAgIIcsOElVeHzfQwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UE +BhMCVUsxEjAQBgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwNT3BlblNTTCBHcm91 +cDEcMBoGA1UEAwwTVGVzdCBTL01JTUUgUm9vdCBDQTAgFw0xODA2MTQxMjQ2Mjha +GA8yMTE4MDYxNDEyNDYyOFowVjELMAkGA1UEBhMCVUsxJTAjBgNVBAMMHE9wZW5T +U0wgdGVzdCBTL01JTUUgc2lnbmVyIDExIDAeBgkqhkiG9w0BCQEWEXRlc3QxQG9w +ZW5zc2wub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vvSgaL1 +byi9AE8Ep3v7Yv36JxYywaZhUy8dEFRiYn6NsVhhNo6SK1Mp8daQ0MZoMzbT1aKp +JTLTgDJZHit2t1d6l3aWJG+cbcLua+XKowaZjj6rirB390fuL4qt5PiAb571QFtu +L8apcydwGEdkaPRuCnvctN8VcZPTKh+M8VEESyxk5K37QYKaAB6ItWR5KhjiAuDt +zsJbjEtOvGtmu2FRCU47GzfkdjYo7tY38WTY+2WWh+idKErtmYSinmhE0H7+yoJB +s1VCI+cq5tVW+oEO9HF4vEDEUykEFFPsCEkIWM+RjCgK8cRSCpg6VQr+ZTii6k7C +m9CP81QhUoV3QwIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1P +cGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUg1DE7OaNqMQQ +8Z1bvjhnlisxfsMwHwYDVR0jBBgwFoAUpJjGgWED0xBnKntZmlNiAzjC0HswDQYJ +KoZIhvcNAQELBQADggGBAGxAivCwPsAYmMZfVJTELWNNMBzKzmeRvrp6k/6S74Pw +LDEhTnslCV4U1gTSd3nQ+LRm1fkzxLA12A/rlqN51P8B+hyVSMN9dj54YUcFd+KO +XhkSDrSpph6hRqGy8zqELzlb1Q8yoIBclEmyv+CkXMrpnm+4JL4kzyj/iBRkZTDz +ns15jJD9KHgrOnclaoDRkOT6lGbsd3j+aviKEj8ZILufSMw+W2YORy3nSAencjbO +ezivVujqm+pjkfqdCS1HcFB7LhQEILfFqkssw8YmtJVrM9LF8VIcqueXbVZmeS/1 +QV5B7OEmtsM+NkoLF5ldWdPQvmftbShh+AAlpcsmqiRefQgA3aQn6YOnOHnnQwgB +oQRNjQXsjgxV4t2HFYpwkK41kx4HToVGciPNMkndzfY/GJmgXsXfB6/AfUfhLTDv +tbws1MZhaCNOffw3/SVS2nLREMFCGn5uAgNkqssWqeWJu3910XF640tqPBj5YGFc +fykwWNhG5xS04EHpztgKdQ== +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEA1vvSgaL1byi9AE8Ep3v7Yv36JxYywaZhUy8dEFRiYn6NsVhh +No6SK1Mp8daQ0MZoMzbT1aKpJTLTgDJZHit2t1d6l3aWJG+cbcLua+XKowaZjj6r +irB390fuL4qt5PiAb571QFtuL8apcydwGEdkaPRuCnvctN8VcZPTKh+M8VEESyxk +5K37QYKaAB6ItWR5KhjiAuDtzsJbjEtOvGtmu2FRCU47GzfkdjYo7tY38WTY+2WW +h+idKErtmYSinmhE0H7+yoJBs1VCI+cq5tVW+oEO9HF4vEDEUykEFFPsCEkIWM+R +jCgK8cRSCpg6VQr+ZTii6k7Cm9CP81QhUoV3QwIDAQABAoIBAQC6LCWmIisNcmgK +RmOvbszKc0sYYj7eOGl8EgbHR2xUA2hNNk4pYtnuLvzZ84hBZDCEeWyFS3HTRuql +z/QhDl6mc1k0pXtsXkNHQlIamksbVvHPnzIKzrt1J5N7FEt3SERhZXTZoNQRB6di +k7qdK+YmhdZtucnt0GrPisaJaf0yU/EjLuX+MU/0Xrc23lVhR3yqYhaOhWvrxTHM +evykI0kOL+gU58eN2eWE4ELjS2z+njKDqcEyeIy00FdBAtCoKjMsWpRytKNmcFm9 +LdtMmizskF8VS3+XsDbkseIODx1xJ65IFmHHMV2xLG5/+bQppkB8JuE3EDrtFiUJ +lGdfmBlxAoGBAP3Asg0drdunv7imeEOGpyj5JwF1hCVQ71IBGdqTr3aPqOlDH/io +up7t+VBuSLqj1P20HygNjow+ALw/Ko+a0icodg7QA2Co0/RiBwa+u2SgpYDqC9Kt +KIdRcv+NXkhXF/DLIn0jJvI53OtKsbgTv/C+aCipblofnO9sF4AhShq1AoGBANjj +Ou0czloNORbk3qAxLi4b5P/YOyZBJDa0zijFdD1jImfOeyNFXeg2ID+8ZjDkP/eP +pLy/Gt/8bVb+O+9wMOho3kWKZBN3O2VsLJYakAehDsC5ax7i2HtEqg1L1krW2duS +POiKg3qNjETM30zTA4pHwkNAETIktResze7SRm0XAoGABH7KaLMS5mZFXjcMwF19 +TpuDVmJHkgWqB7DfTWD6ZcZLvr4irdwHWlNq7ELX5P6MAmaTerkqwk9C4hLYZSzf +9jOgS8jhlm/HOXgXGcZ9OV4jMHJ0/Sl2I1eNCvvtJKjuUqS2mrLpuLbPtBdhqJoo +91HYNIgz3ULcG921WN6+GlUCgYEA066T6LDgxgt52NpwXrEhfWdETmDg+ilCCxLU +0/5DwVZsUhy5Gmeti+Kn/w0GQFnGBP1xr7ZlqI9auDlSjhNV6L/RkNXNbyJEGm1F +5wrt4ERVfcx6vJ5y43zU7D1EXa7s2t0UDXKDeK2GZe//UZ/yKJh5BeIV5nblOMI0 +DA+3JOkCgYEA80QGLjGlCvxKceVbuohbIZ1+/EoXPq993ER9S8D2MTGATsEcygtF +rM8JcHTv75sjycqu68BAQr1Z5qwwrMyY0vWVEorKzvAXEWolC67asR4cDutOd+qy +WlEIyojX45GwHCHpcbVRiGRWuj3kwkc+WzdgusBoAJrPCigES/Cr8uA= +-----END RSA PRIVATE KEY----- diff --git a/deps/openssl/openssl/demos/smime/signer2.pem b/deps/openssl/openssl/demos/smime/signer2.pem new file mode 100644 index 00000000000000..52827297e8a314 --- /dev/null +++ b/deps/openssl/openssl/demos/smime/signer2.pem @@ -0,0 +1,52 @@ +-----BEGIN CERTIFICATE----- +MIIELDCCApSgAwIBAgIIcsOElVeHzfUwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UE +BhMCVUsxEjAQBgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwNT3BlblNTTCBHcm91 +cDEcMBoGA1UEAwwTVGVzdCBTL01JTUUgUm9vdCBDQTAgFw0xODA2MTQxMjQ2Mjha +GA8yMTE4MDYxNDEyNDYyOFowVjELMAkGA1UEBhMCVUsxJTAjBgNVBAMMHE9wZW5T +U0wgdGVzdCBTL01JTUUgc2lnbmVyIDIxIDAeBgkqhkiG9w0BCQEWEXRlc3QyQG9w +ZW5zc2wub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ledrM9R +3x3bZypZAEi00DJYAmLS5F6Gg3+xpjE745UWKrjDAY5KswavKKa3vZxoUz2omNSg +4nYfLSowq7AI3VnZ8LwNo8lAeo7AX9elrsmzQzhr2DCdCdbRhCWoiS/ba5tKIhlb +gFnP+pB8jhC9qZuQJkpVaivywMW8rA9DRbeDcQjDKhUi0ukVDYHDd9+FtNM3H1t3 +AUGWBecjWYa4hXC3CsH3+cFBZKjAepL74hqiEfsEyzKesft3NFd1AcVY9W5MRCK4 +lUFiDbBtIgPkvPJeoEs/kFp3+OvJFDwi4K4Z6XzALyT0LXNx6w3kSfx0TLdNjXLD +O9a2dzwhHhPtCQIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1P +cGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUYJEUXnMb/ux0 +WrzSh+bnhpi6GS0wHwYDVR0jBBgwFoAUpJjGgWED0xBnKntZmlNiAzjC0HswDQYJ +KoZIhvcNAQELBQADggGBAFbrwfsSciDFI97c7oqS8jtxOSa3c4B7xhmcgUkYCiaD +7mbZuqTUf4ltJJZXP/TJ44fhL0zVAvRXSXw1LE3YvLGOlBc6dM3D7DyL5pfUTUBY +ICt+NLfG5iHtkiZPPSfK2t5f4UGFwU/ERT62sLu4keLI5igi9J2jKSykN3u5SQ3s +Zsennow5zUsFkcz9hkB4RczlHRogA0SgVhELQbN1nYIqJJDRFZL+CmarDRTFMilk +7dXCacw6xt9vIc3ZXO+pu2g1ezgSPwOoUykQcL3UhAEIIyt+TRe3fafh5TXwd8tr +FAecAuz5Mqsmek5nEW9ZeYmxNz5VFwc4F61y4xFj7lI0frLCCAu3gVoqiQrW+WwR +e27z1Nm4uUcduFqj45Pu2eTyV3LZtLUbFvL5ZSPUCSk1wVmC2otX8ksFDDTO1rIy +l5Qd1g1P8bLuj8NG98J2zVOabtaxYCAIBPZ3dUh2eNrPKoLAvrgKh1MH+K2Eh5Oy +z1T4Eu+e5Kq/uQkZpI5QzA== +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEA1ledrM9R3x3bZypZAEi00DJYAmLS5F6Gg3+xpjE745UWKrjD +AY5KswavKKa3vZxoUz2omNSg4nYfLSowq7AI3VnZ8LwNo8lAeo7AX9elrsmzQzhr +2DCdCdbRhCWoiS/ba5tKIhlbgFnP+pB8jhC9qZuQJkpVaivywMW8rA9DRbeDcQjD +KhUi0ukVDYHDd9+FtNM3H1t3AUGWBecjWYa4hXC3CsH3+cFBZKjAepL74hqiEfsE +yzKesft3NFd1AcVY9W5MRCK4lUFiDbBtIgPkvPJeoEs/kFp3+OvJFDwi4K4Z6XzA +LyT0LXNx6w3kSfx0TLdNjXLDO9a2dzwhHhPtCQIDAQABAoIBAGMEGJfTMiwS+979 +ph3GeJjRGO0JQAk1TYiDvcpbZiItJg9YSOV4GTP4u4PY+HqEPYFus2relu/mx2Iy +4kb9zCqNLmvSQ67M8pdrSJ093pEPJlvAPbmiQ3lfHmyghOnTDNb55tY3xphVZQmI +I7HxM9ydO4skva6NXNgGwLDvYBFc6z6d95ai/WEFWHOt5Mt7OVOWAHQ0lAOofWLA +2BwKmrQnCwMvm1TMoKaAU/ngTToUGBMIN1HwRcY6qDraZte5o3EDRABHB78OHrSu +I/Eoi//5C8A7iZ5Y189lMbahIN6xVMwHwwIqLptTV2GNZOKSiIXnM06vIf4CPZKl +3VlwBgECgYEA/BKnn23KtefA906QNkrIOXASLEE1T77NlTYIRDTsUoz6XTVSvOCI +ARxdsoLwFko5ICMhti9S/1G/MYH0BoJN8rbzvjmZDfwF612p0AYALyBlRgW+ID9L +41CJQcLWxeiQd/GcrUZmudVNUGXa8nsNHmFleGLchXeqU7M6fljJOkECgYEA2a56 +yvYQgMF/SIPkxU1+WcQC6+JGc+ax220/lysBsDb4SkXomfGtFWbenxwamuQu+n67 +DJWi9oJIi9Vj4eKOXS6vjCAkYeLgCpK6S26frPtxJuZwl/lF7mFl8Z4ZnJeiFJ4h +AXt5r9vqnOZtCnLqRRAlqF5OswWgv/mhJ6jpMMkCgYBMPaAxWlXLexMkOcDoiunQ +ZZM5i2eCfSVVEgiiCJfJyBYZhv1FX2wDWf8E9RGEzGJG1BloLxwdWS5I3RNfvJ2y +4Z8LVAR09Fsd+zBXWNlJZ7T53tbIjhx33m4FU9b9+P9pJ8zJo9eCMX+253e3i3xG +ShMUvGIShEUiF72DZXtHgQKBgDi867CfNmn5BW4nQqfSrQ5EsuY80lQ/WzhwX1TN +luERUuI5GomVnqGncHtUXfLlawFLqwF6t0E9cB9SfXhRDv5mvsbtUc5Zzj+zQu+K +ZAA4gaO8CLjz9jBOHr49kTtpootxM/Uo8+zMi3hd7yn8Def2b3pVKnorC10+eazW +sAFRAoGAet6fQbQD+4vZ1oukZcZhmVlIWTSZJ1vAGCcT/3E40pqpPY+Ho56Lcwh0 +9f4TAykuGwFgqvZvR8yD2gpuISYGYplWqa1N6qxMaiVzmY5q1XW+O74xRH5Kz5fr +D+3j2x4EiyG7AYyZMOphDtBd/TSQQMYmGW6PiyM9ceIVnDK1Dd4= +-----END RSA PRIVATE KEY----- diff --git a/deps/openssl/openssl/demos/smime/smdec.c b/deps/openssl/openssl/demos/smime/smdec.c new file mode 100644 index 00000000000000..debcedd5e866cf --- /dev/null +++ b/deps/openssl/openssl/demos/smime/smdec.c @@ -0,0 +1,78 @@ +/* + * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Simple S/MIME signing example */ +#include +#include +#include + +int main(int argc, char **argv) +{ + BIO *in = NULL, *out = NULL, *tbio = NULL; + X509 *rcert = NULL; + EVP_PKEY *rkey = NULL; + PKCS7 *p7 = NULL; + int ret = 1; + + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + + /* Read in recipient certificate and private key */ + tbio = BIO_new_file("signer.pem", "r"); + + if (!tbio) + goto err; + + rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL); + + BIO_reset(tbio); + + rkey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL); + + if (!rcert || !rkey) + goto err; + + /* Open content being signed */ + + in = BIO_new_file("smencr.txt", "r"); + + if (!in) + goto err; + + /* Sign content */ + p7 = SMIME_read_PKCS7(in, NULL); + + if (!p7) + goto err; + + out = BIO_new_file("encrout.txt", "w"); + if (!out) + goto err; + + /* Decrypt S/MIME message */ + if (!PKCS7_decrypt(p7, rkey, rcert, out, 0)) + goto err; + + ret = 0; + + err: + if (ret) { + fprintf(stderr, "Error Signing Data\n"); + ERR_print_errors_fp(stderr); + } + PKCS7_free(p7); + X509_free(rcert); + EVP_PKEY_free(rkey); + BIO_free(in); + BIO_free(out); + BIO_free(tbio); + + return ret; + +} diff --git a/deps/openssl/openssl/demos/smime/smenc.c b/deps/openssl/openssl/demos/smime/smenc.c new file mode 100644 index 00000000000000..0714dddfd2c917 --- /dev/null +++ b/deps/openssl/openssl/demos/smime/smenc.c @@ -0,0 +1,91 @@ +/* + * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Simple S/MIME encrypt example */ +#include +#include +#include + +int main(int argc, char **argv) +{ + BIO *in = NULL, *out = NULL, *tbio = NULL; + X509 *rcert = NULL; + STACK_OF(X509) *recips = NULL; + PKCS7 *p7 = NULL; + int ret = 1; + + /* + * On OpenSSL 0.9.9 only: + * for streaming set PKCS7_STREAM + */ + int flags = PKCS7_STREAM; + + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + + /* Read in recipient certificate */ + tbio = BIO_new_file("signer.pem", "r"); + + if (!tbio) + goto err; + + rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL); + + if (!rcert) + goto err; + + /* Create recipient STACK and add recipient cert to it */ + recips = sk_X509_new_null(); + + if (!recips || !sk_X509_push(recips, rcert)) + goto err; + + /* + * sk_X509_pop_free will free up recipient STACK and its contents so set + * rcert to NULL so it isn't freed up twice. + */ + rcert = NULL; + + /* Open content being encrypted */ + + in = BIO_new_file("encr.txt", "r"); + + if (!in) + goto err; + + /* encrypt content */ + p7 = PKCS7_encrypt(recips, in, EVP_des_ede3_cbc(), flags); + + if (!p7) + goto err; + + out = BIO_new_file("smencr.txt", "w"); + if (!out) + goto err; + + /* Write out S/MIME message */ + if (!SMIME_write_PKCS7(out, p7, in, flags)) + goto err; + + ret = 0; + + err: + if (ret) { + fprintf(stderr, "Error Encrypting Data\n"); + ERR_print_errors_fp(stderr); + } + PKCS7_free(p7); + X509_free(rcert); + sk_X509_pop_free(recips, X509_free); + BIO_free(in); + BIO_free(out); + BIO_free(tbio); + return ret; + +} diff --git a/deps/openssl/openssl/demos/smime/smsign.c b/deps/openssl/openssl/demos/smime/smsign.c new file mode 100644 index 00000000000000..ac2c27b52591b8 --- /dev/null +++ b/deps/openssl/openssl/demos/smime/smsign.c @@ -0,0 +1,88 @@ +/* + * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Simple S/MIME signing example */ +#include +#include +#include + +int main(int argc, char **argv) +{ + BIO *in = NULL, *out = NULL, *tbio = NULL; + X509 *scert = NULL; + EVP_PKEY *skey = NULL; + PKCS7 *p7 = NULL; + int ret = 1; + + /* + * For simple S/MIME signing use PKCS7_DETACHED. On OpenSSL 0.9.9 only: + * for streaming detached set PKCS7_DETACHED|PKCS7_STREAM for streaming + * non-detached set PKCS7_STREAM + */ + int flags = PKCS7_DETACHED | PKCS7_STREAM; + + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + + /* Read in signer certificate and private key */ + tbio = BIO_new_file("signer.pem", "r"); + + if (!tbio) + goto err; + + scert = PEM_read_bio_X509(tbio, NULL, 0, NULL); + + BIO_reset(tbio); + + skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL); + + if (!scert || !skey) + goto err; + + /* Open content being signed */ + + in = BIO_new_file("sign.txt", "r"); + + if (!in) + goto err; + + /* Sign content */ + p7 = PKCS7_sign(scert, skey, NULL, in, flags); + + if (!p7) + goto err; + + out = BIO_new_file("smout.txt", "w"); + if (!out) + goto err; + + if (!(flags & PKCS7_STREAM)) + BIO_reset(in); + + /* Write out S/MIME message */ + if (!SMIME_write_PKCS7(out, p7, in, flags)) + goto err; + + ret = 0; + + err: + if (ret) { + fprintf(stderr, "Error Signing Data\n"); + ERR_print_errors_fp(stderr); + } + PKCS7_free(p7); + X509_free(scert); + EVP_PKEY_free(skey); + BIO_free(in); + BIO_free(out); + BIO_free(tbio); + + return ret; + +} diff --git a/deps/openssl/openssl/demos/smime/smsign2.c b/deps/openssl/openssl/demos/smime/smsign2.c new file mode 100644 index 00000000000000..a9e70257481bda --- /dev/null +++ b/deps/openssl/openssl/demos/smime/smsign2.c @@ -0,0 +1,96 @@ +/* + * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* S/MIME signing example: 2 signers. OpenSSL 0.9.9 only */ +#include +#include +#include + +int main(int argc, char **argv) +{ + BIO *in = NULL, *out = NULL, *tbio = NULL; + X509 *scert = NULL, *scert2 = NULL; + EVP_PKEY *skey = NULL, *skey2 = NULL; + PKCS7 *p7 = NULL; + int ret = 1; + + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + + tbio = BIO_new_file("signer.pem", "r"); + + if (!tbio) + goto err; + + scert = PEM_read_bio_X509(tbio, NULL, 0, NULL); + + BIO_reset(tbio); + + skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL); + + BIO_free(tbio); + + tbio = BIO_new_file("signer2.pem", "r"); + + if (!tbio) + goto err; + + scert2 = PEM_read_bio_X509(tbio, NULL, 0, NULL); + + BIO_reset(tbio); + + skey2 = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL); + + if (!scert2 || !skey2) + goto err; + + in = BIO_new_file("sign.txt", "r"); + + if (!in) + goto err; + + p7 = PKCS7_sign(NULL, NULL, NULL, in, PKCS7_STREAM | PKCS7_PARTIAL); + + if (!p7) + goto err; + + /* Add each signer in turn */ + + if (!PKCS7_sign_add_signer(p7, scert, skey, NULL, 0)) + goto err; + + if (!PKCS7_sign_add_signer(p7, scert2, skey2, NULL, 0)) + goto err; + + out = BIO_new_file("smout.txt", "w"); + if (!out) + goto err; + + /* NB: content included and finalized by SMIME_write_PKCS7 */ + + if (!SMIME_write_PKCS7(out, p7, in, PKCS7_STREAM)) + goto err; + + ret = 0; + + err: + if (ret) { + fprintf(stderr, "Error Signing Data\n"); + ERR_print_errors_fp(stderr); + } + PKCS7_free(p7); + X509_free(scert); + EVP_PKEY_free(skey); + X509_free(scert2); + EVP_PKEY_free(skey2); + BIO_free(in); + BIO_free(out); + BIO_free(tbio); + return ret; +} diff --git a/deps/openssl/openssl/demos/smime/smver.c b/deps/openssl/openssl/demos/smime/smver.c new file mode 100644 index 00000000000000..5d552b18082ab5 --- /dev/null +++ b/deps/openssl/openssl/demos/smime/smver.c @@ -0,0 +1,87 @@ +/* + * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Simple S/MIME verification example */ +#include +#include +#include + +int main(int argc, char **argv) +{ + BIO *in = NULL, *out = NULL, *tbio = NULL, *cont = NULL; + X509_STORE *st = NULL; + X509 *cacert = NULL; + PKCS7 *p7 = NULL; + + int ret = 1; + + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + + /* Set up trusted CA certificate store */ + + st = X509_STORE_new(); + if (st == NULL) + goto err; + + /* Read in signer certificate and private key */ + tbio = BIO_new_file("cacert.pem", "r"); + + if (tbio == NULL) + goto err; + + cacert = PEM_read_bio_X509(tbio, NULL, 0, NULL); + + if (cacert == NULL) + goto err; + + if (!X509_STORE_add_cert(st, cacert)) + goto err; + + /* Open content being signed */ + + in = BIO_new_file("smout.txt", "r"); + + if (in == NULL) + goto err; + + /* Sign content */ + p7 = SMIME_read_PKCS7(in, &cont); + + if (p7 == NULL) + goto err; + + /* File to output verified content to */ + out = BIO_new_file("smver.txt", "w"); + if (out == NULL) + goto err; + + if (!PKCS7_verify(p7, NULL, st, cont, out, 0)) { + fprintf(stderr, "Verification Failure\n"); + goto err; + } + + fprintf(stderr, "Verification Successful\n"); + + ret = 0; + + err: + if (ret) { + fprintf(stderr, "Error Verifying Data\n"); + ERR_print_errors_fp(stderr); + } + + X509_STORE_free(st); + PKCS7_free(p7); + X509_free(cacert); + BIO_free(in); + BIO_free(out); + BIO_free(tbio); + return ret; +} diff --git a/deps/openssl/openssl/doc/HOWTO/certificates.txt b/deps/openssl/openssl/doc/HOWTO/certificates.txt new file mode 100644 index 00000000000000..82ce502a1d3de4 --- /dev/null +++ b/deps/openssl/openssl/doc/HOWTO/certificates.txt @@ -0,0 +1,110 @@ + + HOWTO certificates + +1. Introduction + +How you handle certificates depends a great deal on what your role is. +Your role can be one or several of: + + - User of some client application + - User of some server application + - Certificate authority + +This file is for users who wish to get a certificate of their own. +Certificate authorities should read https://www.openssl.org/docs/apps/ca.html. + +In all the cases shown below, the standard configuration file, as +compiled into openssl, will be used. You may find it in /etc/, +/usr/local/ssl/ or somewhere else. By default the file is named +openssl.cnf and is described at https://www.openssl.org/docs/apps/config.html. +You can specify a different configuration file using the +'-config {file}' argument with the commands shown below. + + +2. Relationship with keys + +Certificates are related to public key cryptography by containing a +public key. To be useful, there must be a corresponding private key +somewhere. With OpenSSL, public keys are easily derived from private +keys, so before you create a certificate or a certificate request, you +need to create a private key. + +Private keys are generated with 'openssl genrsa -out privkey.pem' if +you want an RSA private key, or if you want a DSA private key: +'openssl dsaparam -out dsaparam.pem 2048; openssl gendsa -out privkey.pem dsaparam.pem'. + +The private keys created by these commands are not passphrase protected; +it might or might not be the desirable thing. Further information on how to +create private keys can be found at https://www.openssl.org/docs/HOWTO/keys.txt. +The rest of this text assumes you have a private key in the file privkey.pem. + + +3. Creating a certificate request + +To create a certificate, you need to start with a certificate request +(or, as some certificate authorities like to put it, "certificate +signing request", since that's exactly what they do, they sign it and +give you the result back, thus making it authentic according to their +policies). A certificate request is sent to a certificate authority +to get it signed into a certificate. You can also sign the certificate +yourself if you have your own certificate authority or create a +self-signed certificate (typically for testing purpose). + +The certificate request is created like this: + + openssl req -new -key privkey.pem -out cert.csr + +Now, cert.csr can be sent to the certificate authority, if they can +handle files in PEM format. If not, use the extra argument '-outform' +followed by the keyword for the format to use (see another HOWTO +). In some cases, -outform does not let you output the +certificate request in the right format and you will have to use one +of the various other commands that are exposed by openssl (or get +creative and use a combination of tools). + +The certificate authority performs various checks (according to their +policies) and usually waits for payment from you. Once that is +complete, they send you your new certificate. + +Section 5 will tell you more on how to handle the certificate you +received. + + +4. Creating a self-signed test certificate + +You can create a self-signed certificate if you don't want to deal +with a certificate authority, or if you just want to create a test +certificate for yourself. This is similar to creating a certificate +request, but creates a certificate instead of a certificate request. +This is NOT the recommended way to create a CA certificate, see +https://www.openssl.org/docs/apps/ca.html. + + openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095 + + +5. What to do with the certificate + +If you created everything yourself, or if the certificate authority +was kind enough, your certificate is a raw DER thing in PEM format. +Your key most definitely is if you have followed the examples above. +However, some (most?) certificate authorities will encode them with +things like PKCS7 or PKCS12, or something else. Depending on your +applications, this may be perfectly OK. It all depends on what they +know how to decode. If not, there are a number of OpenSSL tools to +convert between some (most?) formats. + +So, depending on your application, you may have to convert your +certificate and your key to various formats, most often also putting +them together into one file. The ways to do this is described in +another HOWTO , I will just mention the simplest case. +In the case of a raw DER thing in PEM format, and assuming that's all +right for your applications, simply concatenating the certificate and +the key into a new file and using that one should be enough. With +some applications, you don't even have to do that. + + +By now, you have your certificate and your private key and can start +using applications that depend on it. + +-- +Richard Levitte diff --git a/deps/openssl/openssl/doc/HOWTO/keys.txt b/deps/openssl/openssl/doc/HOWTO/keys.txt new file mode 100644 index 00000000000000..c4a74c54fcb8c1 --- /dev/null +++ b/deps/openssl/openssl/doc/HOWTO/keys.txt @@ -0,0 +1,105 @@ + + HOWTO keys + +1. Introduction + +Keys are the basis of public key algorithms and PKI. Keys usually +come in pairs, with one half being the public key and the other half +being the private key. With OpenSSL, the private key contains the +public key information as well, so a public key doesn't need to be +generated separately. + +Public keys come in several flavors, using different cryptographic +algorithms. The most popular ones associated with certificates are +RSA and DSA, and this HOWTO will show how to generate each of them. + + +2. To generate an RSA key + +An RSA key can be used both for encryption and for signing. + +Generating a key for the RSA algorithm is quite easy, all you have to +do is the following: + + openssl genrsa -des3 -out privkey.pem 2048 + +With this variant, you will be prompted for a protecting password. If +you don't want your key to be protected by a password, remove the flag +'-des3' from the command line above. + +The number 2048 is the size of the key, in bits. Today, 2048 or +higher is recommended for RSA keys, as fewer amount of bits is +consider insecure or to be insecure pretty soon. + + +3. To generate a DSA key + +A DSA key can be used for signing only. It is important to +know what a certificate request with a DSA key can really be used for. + +Generating a key for the DSA algorithm is a two-step process. First, +you have to generate parameters from which to generate the key: + + openssl dsaparam -out dsaparam.pem 2048 + +The number 2048 is the size of the key, in bits. Today, 2048 or +higher is recommended for DSA keys, as fewer amount of bits is +consider insecure or to be insecure pretty soon. + +When that is done, you can generate a key using the parameters in +question (actually, several keys can be generated from the same +parameters): + + openssl gendsa -des3 -out privkey.pem dsaparam.pem + +With this variant, you will be prompted for a protecting password. If +you don't want your key to be protected by a password, remove the flag +'-des3' from the command line above. + + +4. To generate an EC key + +An EC key can be used both for key agreement (ECDH) and signing (ECDSA). + +Generating a key for ECC is similar to generating a DSA key. These are +two-step processes. First, you have to get the EC parameters from which +the key will be generated: + + openssl ecparam -name prime256v1 -out prime256v1.pem + +The prime256v1, or NIST P-256, which stands for 'X9.62/SECG curve over +a 256-bit prime field', is the name of an elliptic curve which generates the +parameters. You can use the following command to list all supported curves: + + openssl ecparam -list_curves + +When that is done, you can generate a key using the created parameters (several +keys can be produced from the same parameters): + + openssl genpkey -des3 -paramfile prime256v1.pem -out private.key + +With this variant, you will be prompted for a password to protect your key. +If you don't want your key to be protected by a password, remove the flag +'-des3' from the command line above. + +You can also directly generate the key in one step: + + openssl ecparam -genkey -name prime256v1 -out private.key + +or + + openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 + + +5. NOTE + +If you intend to use the key together with a server certificate, +it may be reasonable to avoid protecting it with a password, since +otherwise someone would have to type in the password every time the +server needs to access the key. + +For X25519 and X448, it's treated as a distinct algorithm but not as one of +the curves listed with 'ecparam -list_curves' option. You can use +the following command to generate an X25519 key: + + openssl genpkey -algorithm X25519 -out xkey.pem diff --git a/deps/openssl/openssl/doc/README.md b/deps/openssl/openssl/doc/README.md new file mode 100644 index 00000000000000..12bb37ddb8fce0 --- /dev/null +++ b/deps/openssl/openssl/doc/README.md @@ -0,0 +1,30 @@ +OpenSSL Documentation +===================== + +README.md This file + +[fingerprints.txt](fingerprints.txt) + PGP fingerprints of authorised release signers + +standards.txt +standards.txt + Moved to the web, + +[HOWTO/](HOWTO/) + A few how-to documents; not necessarily up-to-date + +[man1/](man1/) + The openssl command-line tools; start with openssl.pod + +[man3/](man3/) + The SSL library and the crypto library + +[man5/](man5/) + File formats + +[man7/](man7/) + Overviews; start with crypto.pod and ssl.pod, for example + Algorithm specific EVP_PKEY documentation. + +Formatted versions of the manpages (apps,ssl,crypto) can be found at + diff --git a/deps/openssl/openssl/doc/build.info b/deps/openssl/openssl/doc/build.info new file mode 100644 index 00000000000000..0279e2390a3242 --- /dev/null +++ b/deps/openssl/openssl/doc/build.info @@ -0,0 +1,4902 @@ +SUBDIRS = man1 + +DEPEND[html/man1/CA.pl.html]=man1/CA.pl.pod +GENERATE[html/man1/CA.pl.html]=man1/CA.pl.pod +DEPEND[man/man1/CA.pl.1]=man1/CA.pl.pod +GENERATE[man/man1/CA.pl.1]=man1/CA.pl.pod +DEPEND[html/man1/openssl-asn1parse.html]=man1/openssl-asn1parse.pod +GENERATE[html/man1/openssl-asn1parse.html]=man1/openssl-asn1parse.pod +DEPEND[man/man1/openssl-asn1parse.1]=man1/openssl-asn1parse.pod +GENERATE[man/man1/openssl-asn1parse.1]=man1/openssl-asn1parse.pod +DEPEND[man1/openssl-asn1parse.pod]{pod}=man1/openssl-asn1parse.pod.in +GENERATE[man1/openssl-asn1parse.pod]=man1/openssl-asn1parse.pod.in +DEPEND[html/man1/openssl-ca.html]=man1/openssl-ca.pod +GENERATE[html/man1/openssl-ca.html]=man1/openssl-ca.pod +DEPEND[man/man1/openssl-ca.1]=man1/openssl-ca.pod +GENERATE[man/man1/openssl-ca.1]=man1/openssl-ca.pod +DEPEND[man1/openssl-ca.pod]{pod}=man1/openssl-ca.pod.in +GENERATE[man1/openssl-ca.pod]=man1/openssl-ca.pod.in +DEPEND[html/man1/openssl-ciphers.html]=man1/openssl-ciphers.pod +GENERATE[html/man1/openssl-ciphers.html]=man1/openssl-ciphers.pod +DEPEND[man/man1/openssl-ciphers.1]=man1/openssl-ciphers.pod +GENERATE[man/man1/openssl-ciphers.1]=man1/openssl-ciphers.pod +DEPEND[man1/openssl-ciphers.pod]{pod}=man1/openssl-ciphers.pod.in +GENERATE[man1/openssl-ciphers.pod]=man1/openssl-ciphers.pod.in +DEPEND[html/man1/openssl-cmds.html]=man1/openssl-cmds.pod +GENERATE[html/man1/openssl-cmds.html]=man1/openssl-cmds.pod +DEPEND[man/man1/openssl-cmds.1]=man1/openssl-cmds.pod +GENERATE[man/man1/openssl-cmds.1]=man1/openssl-cmds.pod +DEPEND[man1/openssl-cmds.pod]{pod}=man1/openssl-cmds.pod.in +GENERATE[man1/openssl-cmds.pod]=man1/openssl-cmds.pod.in +DEPEND[html/man1/openssl-cmp.html]=man1/openssl-cmp.pod +GENERATE[html/man1/openssl-cmp.html]=man1/openssl-cmp.pod +DEPEND[man/man1/openssl-cmp.1]=man1/openssl-cmp.pod +GENERATE[man/man1/openssl-cmp.1]=man1/openssl-cmp.pod +DEPEND[man1/openssl-cmp.pod]{pod}=man1/openssl-cmp.pod.in +GENERATE[man1/openssl-cmp.pod]=man1/openssl-cmp.pod.in +DEPEND[html/man1/openssl-cms.html]=man1/openssl-cms.pod +GENERATE[html/man1/openssl-cms.html]=man1/openssl-cms.pod +DEPEND[man/man1/openssl-cms.1]=man1/openssl-cms.pod +GENERATE[man/man1/openssl-cms.1]=man1/openssl-cms.pod +DEPEND[man1/openssl-cms.pod]{pod}=man1/openssl-cms.pod.in +GENERATE[man1/openssl-cms.pod]=man1/openssl-cms.pod.in +DEPEND[html/man1/openssl-crl.html]=man1/openssl-crl.pod +GENERATE[html/man1/openssl-crl.html]=man1/openssl-crl.pod +DEPEND[man/man1/openssl-crl.1]=man1/openssl-crl.pod +GENERATE[man/man1/openssl-crl.1]=man1/openssl-crl.pod +DEPEND[man1/openssl-crl.pod]{pod}=man1/openssl-crl.pod.in +GENERATE[man1/openssl-crl.pod]=man1/openssl-crl.pod.in +DEPEND[html/man1/openssl-crl2pkcs7.html]=man1/openssl-crl2pkcs7.pod +GENERATE[html/man1/openssl-crl2pkcs7.html]=man1/openssl-crl2pkcs7.pod +DEPEND[man/man1/openssl-crl2pkcs7.1]=man1/openssl-crl2pkcs7.pod +GENERATE[man/man1/openssl-crl2pkcs7.1]=man1/openssl-crl2pkcs7.pod +DEPEND[man1/openssl-crl2pkcs7.pod]{pod}=man1/openssl-crl2pkcs7.pod.in +GENERATE[man1/openssl-crl2pkcs7.pod]=man1/openssl-crl2pkcs7.pod.in +DEPEND[html/man1/openssl-dgst.html]=man1/openssl-dgst.pod +GENERATE[html/man1/openssl-dgst.html]=man1/openssl-dgst.pod +DEPEND[man/man1/openssl-dgst.1]=man1/openssl-dgst.pod +GENERATE[man/man1/openssl-dgst.1]=man1/openssl-dgst.pod +DEPEND[man1/openssl-dgst.pod]{pod}=man1/openssl-dgst.pod.in +GENERATE[man1/openssl-dgst.pod]=man1/openssl-dgst.pod.in +DEPEND[html/man1/openssl-dhparam.html]=man1/openssl-dhparam.pod +GENERATE[html/man1/openssl-dhparam.html]=man1/openssl-dhparam.pod +DEPEND[man/man1/openssl-dhparam.1]=man1/openssl-dhparam.pod +GENERATE[man/man1/openssl-dhparam.1]=man1/openssl-dhparam.pod +DEPEND[man1/openssl-dhparam.pod]{pod}=man1/openssl-dhparam.pod.in +GENERATE[man1/openssl-dhparam.pod]=man1/openssl-dhparam.pod.in +DEPEND[html/man1/openssl-dsa.html]=man1/openssl-dsa.pod +GENERATE[html/man1/openssl-dsa.html]=man1/openssl-dsa.pod +DEPEND[man/man1/openssl-dsa.1]=man1/openssl-dsa.pod +GENERATE[man/man1/openssl-dsa.1]=man1/openssl-dsa.pod +DEPEND[man1/openssl-dsa.pod]{pod}=man1/openssl-dsa.pod.in +GENERATE[man1/openssl-dsa.pod]=man1/openssl-dsa.pod.in +DEPEND[html/man1/openssl-dsaparam.html]=man1/openssl-dsaparam.pod +GENERATE[html/man1/openssl-dsaparam.html]=man1/openssl-dsaparam.pod +DEPEND[man/man1/openssl-dsaparam.1]=man1/openssl-dsaparam.pod +GENERATE[man/man1/openssl-dsaparam.1]=man1/openssl-dsaparam.pod +DEPEND[man1/openssl-dsaparam.pod]{pod}=man1/openssl-dsaparam.pod.in +GENERATE[man1/openssl-dsaparam.pod]=man1/openssl-dsaparam.pod.in +DEPEND[html/man1/openssl-ec.html]=man1/openssl-ec.pod +GENERATE[html/man1/openssl-ec.html]=man1/openssl-ec.pod +DEPEND[man/man1/openssl-ec.1]=man1/openssl-ec.pod +GENERATE[man/man1/openssl-ec.1]=man1/openssl-ec.pod +DEPEND[man1/openssl-ec.pod]{pod}=man1/openssl-ec.pod.in +GENERATE[man1/openssl-ec.pod]=man1/openssl-ec.pod.in +DEPEND[html/man1/openssl-ecparam.html]=man1/openssl-ecparam.pod +GENERATE[html/man1/openssl-ecparam.html]=man1/openssl-ecparam.pod +DEPEND[man/man1/openssl-ecparam.1]=man1/openssl-ecparam.pod +GENERATE[man/man1/openssl-ecparam.1]=man1/openssl-ecparam.pod +DEPEND[man1/openssl-ecparam.pod]{pod}=man1/openssl-ecparam.pod.in +GENERATE[man1/openssl-ecparam.pod]=man1/openssl-ecparam.pod.in +DEPEND[html/man1/openssl-enc.html]=man1/openssl-enc.pod +GENERATE[html/man1/openssl-enc.html]=man1/openssl-enc.pod +DEPEND[man/man1/openssl-enc.1]=man1/openssl-enc.pod +GENERATE[man/man1/openssl-enc.1]=man1/openssl-enc.pod +DEPEND[man1/openssl-enc.pod]{pod}=man1/openssl-enc.pod.in +GENERATE[man1/openssl-enc.pod]=man1/openssl-enc.pod.in +DEPEND[html/man1/openssl-engine.html]=man1/openssl-engine.pod +GENERATE[html/man1/openssl-engine.html]=man1/openssl-engine.pod +DEPEND[man/man1/openssl-engine.1]=man1/openssl-engine.pod +GENERATE[man/man1/openssl-engine.1]=man1/openssl-engine.pod +DEPEND[man1/openssl-engine.pod]{pod}=man1/openssl-engine.pod.in +GENERATE[man1/openssl-engine.pod]=man1/openssl-engine.pod.in +DEPEND[html/man1/openssl-errstr.html]=man1/openssl-errstr.pod +GENERATE[html/man1/openssl-errstr.html]=man1/openssl-errstr.pod +DEPEND[man/man1/openssl-errstr.1]=man1/openssl-errstr.pod +GENERATE[man/man1/openssl-errstr.1]=man1/openssl-errstr.pod +DEPEND[man1/openssl-errstr.pod]{pod}=man1/openssl-errstr.pod.in +GENERATE[man1/openssl-errstr.pod]=man1/openssl-errstr.pod.in +DEPEND[html/man1/openssl-fipsinstall.html]=man1/openssl-fipsinstall.pod +GENERATE[html/man1/openssl-fipsinstall.html]=man1/openssl-fipsinstall.pod +DEPEND[man/man1/openssl-fipsinstall.1]=man1/openssl-fipsinstall.pod +GENERATE[man/man1/openssl-fipsinstall.1]=man1/openssl-fipsinstall.pod +DEPEND[man1/openssl-fipsinstall.pod]{pod}=man1/openssl-fipsinstall.pod.in +GENERATE[man1/openssl-fipsinstall.pod]=man1/openssl-fipsinstall.pod.in +DEPEND[html/man1/openssl-format-options.html]=man1/openssl-format-options.pod +GENERATE[html/man1/openssl-format-options.html]=man1/openssl-format-options.pod +DEPEND[man/man1/openssl-format-options.1]=man1/openssl-format-options.pod +GENERATE[man/man1/openssl-format-options.1]=man1/openssl-format-options.pod +DEPEND[html/man1/openssl-gendsa.html]=man1/openssl-gendsa.pod +GENERATE[html/man1/openssl-gendsa.html]=man1/openssl-gendsa.pod +DEPEND[man/man1/openssl-gendsa.1]=man1/openssl-gendsa.pod +GENERATE[man/man1/openssl-gendsa.1]=man1/openssl-gendsa.pod +DEPEND[man1/openssl-gendsa.pod]{pod}=man1/openssl-gendsa.pod.in +GENERATE[man1/openssl-gendsa.pod]=man1/openssl-gendsa.pod.in +DEPEND[html/man1/openssl-genpkey.html]=man1/openssl-genpkey.pod +GENERATE[html/man1/openssl-genpkey.html]=man1/openssl-genpkey.pod +DEPEND[man/man1/openssl-genpkey.1]=man1/openssl-genpkey.pod +GENERATE[man/man1/openssl-genpkey.1]=man1/openssl-genpkey.pod +DEPEND[man1/openssl-genpkey.pod]{pod}=man1/openssl-genpkey.pod.in +GENERATE[man1/openssl-genpkey.pod]=man1/openssl-genpkey.pod.in +DEPEND[html/man1/openssl-genrsa.html]=man1/openssl-genrsa.pod +GENERATE[html/man1/openssl-genrsa.html]=man1/openssl-genrsa.pod +DEPEND[man/man1/openssl-genrsa.1]=man1/openssl-genrsa.pod +GENERATE[man/man1/openssl-genrsa.1]=man1/openssl-genrsa.pod +DEPEND[man1/openssl-genrsa.pod]{pod}=man1/openssl-genrsa.pod.in +GENERATE[man1/openssl-genrsa.pod]=man1/openssl-genrsa.pod.in +DEPEND[html/man1/openssl-info.html]=man1/openssl-info.pod +GENERATE[html/man1/openssl-info.html]=man1/openssl-info.pod +DEPEND[man/man1/openssl-info.1]=man1/openssl-info.pod +GENERATE[man/man1/openssl-info.1]=man1/openssl-info.pod +DEPEND[man1/openssl-info.pod]{pod}=man1/openssl-info.pod.in +GENERATE[man1/openssl-info.pod]=man1/openssl-info.pod.in +DEPEND[html/man1/openssl-kdf.html]=man1/openssl-kdf.pod +GENERATE[html/man1/openssl-kdf.html]=man1/openssl-kdf.pod +DEPEND[man/man1/openssl-kdf.1]=man1/openssl-kdf.pod +GENERATE[man/man1/openssl-kdf.1]=man1/openssl-kdf.pod +DEPEND[man1/openssl-kdf.pod]{pod}=man1/openssl-kdf.pod.in +GENERATE[man1/openssl-kdf.pod]=man1/openssl-kdf.pod.in +DEPEND[html/man1/openssl-list.html]=man1/openssl-list.pod +GENERATE[html/man1/openssl-list.html]=man1/openssl-list.pod +DEPEND[man/man1/openssl-list.1]=man1/openssl-list.pod +GENERATE[man/man1/openssl-list.1]=man1/openssl-list.pod +DEPEND[man1/openssl-list.pod]{pod}=man1/openssl-list.pod.in +GENERATE[man1/openssl-list.pod]=man1/openssl-list.pod.in +DEPEND[html/man1/openssl-mac.html]=man1/openssl-mac.pod +GENERATE[html/man1/openssl-mac.html]=man1/openssl-mac.pod +DEPEND[man/man1/openssl-mac.1]=man1/openssl-mac.pod +GENERATE[man/man1/openssl-mac.1]=man1/openssl-mac.pod +DEPEND[man1/openssl-mac.pod]{pod}=man1/openssl-mac.pod.in +GENERATE[man1/openssl-mac.pod]=man1/openssl-mac.pod.in +DEPEND[html/man1/openssl-namedisplay-options.html]=man1/openssl-namedisplay-options.pod +GENERATE[html/man1/openssl-namedisplay-options.html]=man1/openssl-namedisplay-options.pod +DEPEND[man/man1/openssl-namedisplay-options.1]=man1/openssl-namedisplay-options.pod +GENERATE[man/man1/openssl-namedisplay-options.1]=man1/openssl-namedisplay-options.pod +DEPEND[html/man1/openssl-nseq.html]=man1/openssl-nseq.pod +GENERATE[html/man1/openssl-nseq.html]=man1/openssl-nseq.pod +DEPEND[man/man1/openssl-nseq.1]=man1/openssl-nseq.pod +GENERATE[man/man1/openssl-nseq.1]=man1/openssl-nseq.pod +DEPEND[man1/openssl-nseq.pod]{pod}=man1/openssl-nseq.pod.in +GENERATE[man1/openssl-nseq.pod]=man1/openssl-nseq.pod.in +DEPEND[html/man1/openssl-ocsp.html]=man1/openssl-ocsp.pod +GENERATE[html/man1/openssl-ocsp.html]=man1/openssl-ocsp.pod +DEPEND[man/man1/openssl-ocsp.1]=man1/openssl-ocsp.pod +GENERATE[man/man1/openssl-ocsp.1]=man1/openssl-ocsp.pod +DEPEND[man1/openssl-ocsp.pod]{pod}=man1/openssl-ocsp.pod.in +GENERATE[man1/openssl-ocsp.pod]=man1/openssl-ocsp.pod.in +DEPEND[html/man1/openssl-passphrase-options.html]=man1/openssl-passphrase-options.pod +GENERATE[html/man1/openssl-passphrase-options.html]=man1/openssl-passphrase-options.pod +DEPEND[man/man1/openssl-passphrase-options.1]=man1/openssl-passphrase-options.pod +GENERATE[man/man1/openssl-passphrase-options.1]=man1/openssl-passphrase-options.pod +DEPEND[html/man1/openssl-passwd.html]=man1/openssl-passwd.pod +GENERATE[html/man1/openssl-passwd.html]=man1/openssl-passwd.pod +DEPEND[man/man1/openssl-passwd.1]=man1/openssl-passwd.pod +GENERATE[man/man1/openssl-passwd.1]=man1/openssl-passwd.pod +DEPEND[man1/openssl-passwd.pod]{pod}=man1/openssl-passwd.pod.in +GENERATE[man1/openssl-passwd.pod]=man1/openssl-passwd.pod.in +DEPEND[html/man1/openssl-pkcs12.html]=man1/openssl-pkcs12.pod +GENERATE[html/man1/openssl-pkcs12.html]=man1/openssl-pkcs12.pod +DEPEND[man/man1/openssl-pkcs12.1]=man1/openssl-pkcs12.pod +GENERATE[man/man1/openssl-pkcs12.1]=man1/openssl-pkcs12.pod +DEPEND[man1/openssl-pkcs12.pod]{pod}=man1/openssl-pkcs12.pod.in +GENERATE[man1/openssl-pkcs12.pod]=man1/openssl-pkcs12.pod.in +DEPEND[html/man1/openssl-pkcs7.html]=man1/openssl-pkcs7.pod +GENERATE[html/man1/openssl-pkcs7.html]=man1/openssl-pkcs7.pod +DEPEND[man/man1/openssl-pkcs7.1]=man1/openssl-pkcs7.pod +GENERATE[man/man1/openssl-pkcs7.1]=man1/openssl-pkcs7.pod +DEPEND[man1/openssl-pkcs7.pod]{pod}=man1/openssl-pkcs7.pod.in +GENERATE[man1/openssl-pkcs7.pod]=man1/openssl-pkcs7.pod.in +DEPEND[html/man1/openssl-pkcs8.html]=man1/openssl-pkcs8.pod +GENERATE[html/man1/openssl-pkcs8.html]=man1/openssl-pkcs8.pod +DEPEND[man/man1/openssl-pkcs8.1]=man1/openssl-pkcs8.pod +GENERATE[man/man1/openssl-pkcs8.1]=man1/openssl-pkcs8.pod +DEPEND[man1/openssl-pkcs8.pod]{pod}=man1/openssl-pkcs8.pod.in +GENERATE[man1/openssl-pkcs8.pod]=man1/openssl-pkcs8.pod.in +DEPEND[html/man1/openssl-pkey.html]=man1/openssl-pkey.pod +GENERATE[html/man1/openssl-pkey.html]=man1/openssl-pkey.pod +DEPEND[man/man1/openssl-pkey.1]=man1/openssl-pkey.pod +GENERATE[man/man1/openssl-pkey.1]=man1/openssl-pkey.pod +DEPEND[man1/openssl-pkey.pod]{pod}=man1/openssl-pkey.pod.in +GENERATE[man1/openssl-pkey.pod]=man1/openssl-pkey.pod.in +DEPEND[html/man1/openssl-pkeyparam.html]=man1/openssl-pkeyparam.pod +GENERATE[html/man1/openssl-pkeyparam.html]=man1/openssl-pkeyparam.pod +DEPEND[man/man1/openssl-pkeyparam.1]=man1/openssl-pkeyparam.pod +GENERATE[man/man1/openssl-pkeyparam.1]=man1/openssl-pkeyparam.pod +DEPEND[man1/openssl-pkeyparam.pod]{pod}=man1/openssl-pkeyparam.pod.in +GENERATE[man1/openssl-pkeyparam.pod]=man1/openssl-pkeyparam.pod.in +DEPEND[html/man1/openssl-pkeyutl.html]=man1/openssl-pkeyutl.pod +GENERATE[html/man1/openssl-pkeyutl.html]=man1/openssl-pkeyutl.pod +DEPEND[man/man1/openssl-pkeyutl.1]=man1/openssl-pkeyutl.pod +GENERATE[man/man1/openssl-pkeyutl.1]=man1/openssl-pkeyutl.pod +DEPEND[man1/openssl-pkeyutl.pod]{pod}=man1/openssl-pkeyutl.pod.in +GENERATE[man1/openssl-pkeyutl.pod]=man1/openssl-pkeyutl.pod.in +DEPEND[html/man1/openssl-prime.html]=man1/openssl-prime.pod +GENERATE[html/man1/openssl-prime.html]=man1/openssl-prime.pod +DEPEND[man/man1/openssl-prime.1]=man1/openssl-prime.pod +GENERATE[man/man1/openssl-prime.1]=man1/openssl-prime.pod +DEPEND[man1/openssl-prime.pod]{pod}=man1/openssl-prime.pod.in +GENERATE[man1/openssl-prime.pod]=man1/openssl-prime.pod.in +DEPEND[html/man1/openssl-rand.html]=man1/openssl-rand.pod +GENERATE[html/man1/openssl-rand.html]=man1/openssl-rand.pod +DEPEND[man/man1/openssl-rand.1]=man1/openssl-rand.pod +GENERATE[man/man1/openssl-rand.1]=man1/openssl-rand.pod +DEPEND[man1/openssl-rand.pod]{pod}=man1/openssl-rand.pod.in +GENERATE[man1/openssl-rand.pod]=man1/openssl-rand.pod.in +DEPEND[html/man1/openssl-rehash.html]=man1/openssl-rehash.pod +GENERATE[html/man1/openssl-rehash.html]=man1/openssl-rehash.pod +DEPEND[man/man1/openssl-rehash.1]=man1/openssl-rehash.pod +GENERATE[man/man1/openssl-rehash.1]=man1/openssl-rehash.pod +DEPEND[man1/openssl-rehash.pod]{pod}=man1/openssl-rehash.pod.in +GENERATE[man1/openssl-rehash.pod]=man1/openssl-rehash.pod.in +DEPEND[html/man1/openssl-req.html]=man1/openssl-req.pod +GENERATE[html/man1/openssl-req.html]=man1/openssl-req.pod +DEPEND[man/man1/openssl-req.1]=man1/openssl-req.pod +GENERATE[man/man1/openssl-req.1]=man1/openssl-req.pod +DEPEND[man1/openssl-req.pod]{pod}=man1/openssl-req.pod.in +GENERATE[man1/openssl-req.pod]=man1/openssl-req.pod.in +DEPEND[html/man1/openssl-rsa.html]=man1/openssl-rsa.pod +GENERATE[html/man1/openssl-rsa.html]=man1/openssl-rsa.pod +DEPEND[man/man1/openssl-rsa.1]=man1/openssl-rsa.pod +GENERATE[man/man1/openssl-rsa.1]=man1/openssl-rsa.pod +DEPEND[man1/openssl-rsa.pod]{pod}=man1/openssl-rsa.pod.in +GENERATE[man1/openssl-rsa.pod]=man1/openssl-rsa.pod.in +DEPEND[html/man1/openssl-rsautl.html]=man1/openssl-rsautl.pod +GENERATE[html/man1/openssl-rsautl.html]=man1/openssl-rsautl.pod +DEPEND[man/man1/openssl-rsautl.1]=man1/openssl-rsautl.pod +GENERATE[man/man1/openssl-rsautl.1]=man1/openssl-rsautl.pod +DEPEND[man1/openssl-rsautl.pod]{pod}=man1/openssl-rsautl.pod.in +GENERATE[man1/openssl-rsautl.pod]=man1/openssl-rsautl.pod.in +DEPEND[html/man1/openssl-s_client.html]=man1/openssl-s_client.pod +GENERATE[html/man1/openssl-s_client.html]=man1/openssl-s_client.pod +DEPEND[man/man1/openssl-s_client.1]=man1/openssl-s_client.pod +GENERATE[man/man1/openssl-s_client.1]=man1/openssl-s_client.pod +DEPEND[man1/openssl-s_client.pod]{pod}=man1/openssl-s_client.pod.in +GENERATE[man1/openssl-s_client.pod]=man1/openssl-s_client.pod.in +DEPEND[html/man1/openssl-s_server.html]=man1/openssl-s_server.pod +GENERATE[html/man1/openssl-s_server.html]=man1/openssl-s_server.pod +DEPEND[man/man1/openssl-s_server.1]=man1/openssl-s_server.pod +GENERATE[man/man1/openssl-s_server.1]=man1/openssl-s_server.pod +DEPEND[man1/openssl-s_server.pod]{pod}=man1/openssl-s_server.pod.in +GENERATE[man1/openssl-s_server.pod]=man1/openssl-s_server.pod.in +DEPEND[html/man1/openssl-s_time.html]=man1/openssl-s_time.pod +GENERATE[html/man1/openssl-s_time.html]=man1/openssl-s_time.pod +DEPEND[man/man1/openssl-s_time.1]=man1/openssl-s_time.pod +GENERATE[man/man1/openssl-s_time.1]=man1/openssl-s_time.pod +DEPEND[man1/openssl-s_time.pod]{pod}=man1/openssl-s_time.pod.in +GENERATE[man1/openssl-s_time.pod]=man1/openssl-s_time.pod.in +DEPEND[html/man1/openssl-sess_id.html]=man1/openssl-sess_id.pod +GENERATE[html/man1/openssl-sess_id.html]=man1/openssl-sess_id.pod +DEPEND[man/man1/openssl-sess_id.1]=man1/openssl-sess_id.pod +GENERATE[man/man1/openssl-sess_id.1]=man1/openssl-sess_id.pod +DEPEND[man1/openssl-sess_id.pod]{pod}=man1/openssl-sess_id.pod.in +GENERATE[man1/openssl-sess_id.pod]=man1/openssl-sess_id.pod.in +DEPEND[html/man1/openssl-smime.html]=man1/openssl-smime.pod +GENERATE[html/man1/openssl-smime.html]=man1/openssl-smime.pod +DEPEND[man/man1/openssl-smime.1]=man1/openssl-smime.pod +GENERATE[man/man1/openssl-smime.1]=man1/openssl-smime.pod +DEPEND[man1/openssl-smime.pod]{pod}=man1/openssl-smime.pod.in +GENERATE[man1/openssl-smime.pod]=man1/openssl-smime.pod.in +DEPEND[html/man1/openssl-speed.html]=man1/openssl-speed.pod +GENERATE[html/man1/openssl-speed.html]=man1/openssl-speed.pod +DEPEND[man/man1/openssl-speed.1]=man1/openssl-speed.pod +GENERATE[man/man1/openssl-speed.1]=man1/openssl-speed.pod +DEPEND[man1/openssl-speed.pod]{pod}=man1/openssl-speed.pod.in +GENERATE[man1/openssl-speed.pod]=man1/openssl-speed.pod.in +DEPEND[html/man1/openssl-spkac.html]=man1/openssl-spkac.pod +GENERATE[html/man1/openssl-spkac.html]=man1/openssl-spkac.pod +DEPEND[man/man1/openssl-spkac.1]=man1/openssl-spkac.pod +GENERATE[man/man1/openssl-spkac.1]=man1/openssl-spkac.pod +DEPEND[man1/openssl-spkac.pod]{pod}=man1/openssl-spkac.pod.in +GENERATE[man1/openssl-spkac.pod]=man1/openssl-spkac.pod.in +DEPEND[html/man1/openssl-srp.html]=man1/openssl-srp.pod +GENERATE[html/man1/openssl-srp.html]=man1/openssl-srp.pod +DEPEND[man/man1/openssl-srp.1]=man1/openssl-srp.pod +GENERATE[man/man1/openssl-srp.1]=man1/openssl-srp.pod +DEPEND[man1/openssl-srp.pod]{pod}=man1/openssl-srp.pod.in +GENERATE[man1/openssl-srp.pod]=man1/openssl-srp.pod.in +DEPEND[html/man1/openssl-storeutl.html]=man1/openssl-storeutl.pod +GENERATE[html/man1/openssl-storeutl.html]=man1/openssl-storeutl.pod +DEPEND[man/man1/openssl-storeutl.1]=man1/openssl-storeutl.pod +GENERATE[man/man1/openssl-storeutl.1]=man1/openssl-storeutl.pod +DEPEND[man1/openssl-storeutl.pod]{pod}=man1/openssl-storeutl.pod.in +GENERATE[man1/openssl-storeutl.pod]=man1/openssl-storeutl.pod.in +DEPEND[html/man1/openssl-ts.html]=man1/openssl-ts.pod +GENERATE[html/man1/openssl-ts.html]=man1/openssl-ts.pod +DEPEND[man/man1/openssl-ts.1]=man1/openssl-ts.pod +GENERATE[man/man1/openssl-ts.1]=man1/openssl-ts.pod +DEPEND[man1/openssl-ts.pod]{pod}=man1/openssl-ts.pod.in +GENERATE[man1/openssl-ts.pod]=man1/openssl-ts.pod.in +DEPEND[html/man1/openssl-verification-options.html]=man1/openssl-verification-options.pod +GENERATE[html/man1/openssl-verification-options.html]=man1/openssl-verification-options.pod +DEPEND[man/man1/openssl-verification-options.1]=man1/openssl-verification-options.pod +GENERATE[man/man1/openssl-verification-options.1]=man1/openssl-verification-options.pod +DEPEND[html/man1/openssl-verify.html]=man1/openssl-verify.pod +GENERATE[html/man1/openssl-verify.html]=man1/openssl-verify.pod +DEPEND[man/man1/openssl-verify.1]=man1/openssl-verify.pod +GENERATE[man/man1/openssl-verify.1]=man1/openssl-verify.pod +DEPEND[man1/openssl-verify.pod]{pod}=man1/openssl-verify.pod.in +GENERATE[man1/openssl-verify.pod]=man1/openssl-verify.pod.in +DEPEND[html/man1/openssl-version.html]=man1/openssl-version.pod +GENERATE[html/man1/openssl-version.html]=man1/openssl-version.pod +DEPEND[man/man1/openssl-version.1]=man1/openssl-version.pod +GENERATE[man/man1/openssl-version.1]=man1/openssl-version.pod +DEPEND[man1/openssl-version.pod]{pod}=man1/openssl-version.pod.in +GENERATE[man1/openssl-version.pod]=man1/openssl-version.pod.in +DEPEND[html/man1/openssl-x509.html]=man1/openssl-x509.pod +GENERATE[html/man1/openssl-x509.html]=man1/openssl-x509.pod +DEPEND[man/man1/openssl-x509.1]=man1/openssl-x509.pod +GENERATE[man/man1/openssl-x509.1]=man1/openssl-x509.pod +DEPEND[man1/openssl-x509.pod]{pod}=man1/openssl-x509.pod.in +GENERATE[man1/openssl-x509.pod]=man1/openssl-x509.pod.in +DEPEND[html/man1/openssl.html]=man1/openssl.pod +GENERATE[html/man1/openssl.html]=man1/openssl.pod +DEPEND[man/man1/openssl.1]=man1/openssl.pod +GENERATE[man/man1/openssl.1]=man1/openssl.pod +DEPEND[html/man1/tsget.html]=man1/tsget.pod +GENERATE[html/man1/tsget.html]=man1/tsget.pod +DEPEND[man/man1/tsget.1]=man1/tsget.pod +GENERATE[man/man1/tsget.1]=man1/tsget.pod +IMAGEDOCS[man1]= +HTMLDOCS[man1]=html/man1/CA.pl.html \ +html/man1/openssl-asn1parse.html \ +html/man1/openssl-ca.html \ +html/man1/openssl-ciphers.html \ +html/man1/openssl-cmds.html \ +html/man1/openssl-cmp.html \ +html/man1/openssl-cms.html \ +html/man1/openssl-crl.html \ +html/man1/openssl-crl2pkcs7.html \ +html/man1/openssl-dgst.html \ +html/man1/openssl-dhparam.html \ +html/man1/openssl-dsa.html \ +html/man1/openssl-dsaparam.html \ +html/man1/openssl-ec.html \ +html/man1/openssl-ecparam.html \ +html/man1/openssl-enc.html \ +html/man1/openssl-engine.html \ +html/man1/openssl-errstr.html \ +html/man1/openssl-fipsinstall.html \ +html/man1/openssl-format-options.html \ +html/man1/openssl-gendsa.html \ +html/man1/openssl-genpkey.html \ +html/man1/openssl-genrsa.html \ +html/man1/openssl-info.html \ +html/man1/openssl-kdf.html \ +html/man1/openssl-list.html \ +html/man1/openssl-mac.html \ +html/man1/openssl-namedisplay-options.html \ +html/man1/openssl-nseq.html \ +html/man1/openssl-ocsp.html \ +html/man1/openssl-passphrase-options.html \ +html/man1/openssl-passwd.html \ +html/man1/openssl-pkcs12.html \ +html/man1/openssl-pkcs7.html \ +html/man1/openssl-pkcs8.html \ +html/man1/openssl-pkey.html \ +html/man1/openssl-pkeyparam.html \ +html/man1/openssl-pkeyutl.html \ +html/man1/openssl-prime.html \ +html/man1/openssl-rand.html \ +html/man1/openssl-rehash.html \ +html/man1/openssl-req.html \ +html/man1/openssl-rsa.html \ +html/man1/openssl-rsautl.html \ +html/man1/openssl-s_client.html \ +html/man1/openssl-s_server.html \ +html/man1/openssl-s_time.html \ +html/man1/openssl-sess_id.html \ +html/man1/openssl-smime.html \ +html/man1/openssl-speed.html \ +html/man1/openssl-spkac.html \ +html/man1/openssl-srp.html \ +html/man1/openssl-storeutl.html \ +html/man1/openssl-ts.html \ +html/man1/openssl-verification-options.html \ +html/man1/openssl-verify.html \ +html/man1/openssl-version.html \ +html/man1/openssl-x509.html \ +html/man1/openssl.html \ +html/man1/tsget.html +MANDOCS[man1]=man/man1/CA.pl.1 \ +man/man1/openssl-asn1parse.1 \ +man/man1/openssl-ca.1 \ +man/man1/openssl-ciphers.1 \ +man/man1/openssl-cmds.1 \ +man/man1/openssl-cmp.1 \ +man/man1/openssl-cms.1 \ +man/man1/openssl-crl.1 \ +man/man1/openssl-crl2pkcs7.1 \ +man/man1/openssl-dgst.1 \ +man/man1/openssl-dhparam.1 \ +man/man1/openssl-dsa.1 \ +man/man1/openssl-dsaparam.1 \ +man/man1/openssl-ec.1 \ +man/man1/openssl-ecparam.1 \ +man/man1/openssl-enc.1 \ +man/man1/openssl-engine.1 \ +man/man1/openssl-errstr.1 \ +man/man1/openssl-fipsinstall.1 \ +man/man1/openssl-format-options.1 \ +man/man1/openssl-gendsa.1 \ +man/man1/openssl-genpkey.1 \ +man/man1/openssl-genrsa.1 \ +man/man1/openssl-info.1 \ +man/man1/openssl-kdf.1 \ +man/man1/openssl-list.1 \ +man/man1/openssl-mac.1 \ +man/man1/openssl-namedisplay-options.1 \ +man/man1/openssl-nseq.1 \ +man/man1/openssl-ocsp.1 \ +man/man1/openssl-passphrase-options.1 \ +man/man1/openssl-passwd.1 \ +man/man1/openssl-pkcs12.1 \ +man/man1/openssl-pkcs7.1 \ +man/man1/openssl-pkcs8.1 \ +man/man1/openssl-pkey.1 \ +man/man1/openssl-pkeyparam.1 \ +man/man1/openssl-pkeyutl.1 \ +man/man1/openssl-prime.1 \ +man/man1/openssl-rand.1 \ +man/man1/openssl-rehash.1 \ +man/man1/openssl-req.1 \ +man/man1/openssl-rsa.1 \ +man/man1/openssl-rsautl.1 \ +man/man1/openssl-s_client.1 \ +man/man1/openssl-s_server.1 \ +man/man1/openssl-s_time.1 \ +man/man1/openssl-sess_id.1 \ +man/man1/openssl-smime.1 \ +man/man1/openssl-speed.1 \ +man/man1/openssl-spkac.1 \ +man/man1/openssl-srp.1 \ +man/man1/openssl-storeutl.1 \ +man/man1/openssl-ts.1 \ +man/man1/openssl-verification-options.1 \ +man/man1/openssl-verify.1 \ +man/man1/openssl-version.1 \ +man/man1/openssl-x509.1 \ +man/man1/openssl.1 \ +man/man1/tsget.1 +DEPEND[html/man3/ADMISSIONS.html]=man3/ADMISSIONS.pod +GENERATE[html/man3/ADMISSIONS.html]=man3/ADMISSIONS.pod +DEPEND[man/man3/ADMISSIONS.3]=man3/ADMISSIONS.pod +GENERATE[man/man3/ADMISSIONS.3]=man3/ADMISSIONS.pod +DEPEND[html/man3/ASN1_EXTERN_FUNCS.html]=man3/ASN1_EXTERN_FUNCS.pod +GENERATE[html/man3/ASN1_EXTERN_FUNCS.html]=man3/ASN1_EXTERN_FUNCS.pod +DEPEND[man/man3/ASN1_EXTERN_FUNCS.3]=man3/ASN1_EXTERN_FUNCS.pod +GENERATE[man/man3/ASN1_EXTERN_FUNCS.3]=man3/ASN1_EXTERN_FUNCS.pod +DEPEND[html/man3/ASN1_INTEGER_get_int64.html]=man3/ASN1_INTEGER_get_int64.pod +GENERATE[html/man3/ASN1_INTEGER_get_int64.html]=man3/ASN1_INTEGER_get_int64.pod +DEPEND[man/man3/ASN1_INTEGER_get_int64.3]=man3/ASN1_INTEGER_get_int64.pod +GENERATE[man/man3/ASN1_INTEGER_get_int64.3]=man3/ASN1_INTEGER_get_int64.pod +DEPEND[html/man3/ASN1_INTEGER_new.html]=man3/ASN1_INTEGER_new.pod +GENERATE[html/man3/ASN1_INTEGER_new.html]=man3/ASN1_INTEGER_new.pod +DEPEND[man/man3/ASN1_INTEGER_new.3]=man3/ASN1_INTEGER_new.pod +GENERATE[man/man3/ASN1_INTEGER_new.3]=man3/ASN1_INTEGER_new.pod +DEPEND[html/man3/ASN1_ITEM_lookup.html]=man3/ASN1_ITEM_lookup.pod +GENERATE[html/man3/ASN1_ITEM_lookup.html]=man3/ASN1_ITEM_lookup.pod +DEPEND[man/man3/ASN1_ITEM_lookup.3]=man3/ASN1_ITEM_lookup.pod +GENERATE[man/man3/ASN1_ITEM_lookup.3]=man3/ASN1_ITEM_lookup.pod +DEPEND[html/man3/ASN1_OBJECT_new.html]=man3/ASN1_OBJECT_new.pod +GENERATE[html/man3/ASN1_OBJECT_new.html]=man3/ASN1_OBJECT_new.pod +DEPEND[man/man3/ASN1_OBJECT_new.3]=man3/ASN1_OBJECT_new.pod +GENERATE[man/man3/ASN1_OBJECT_new.3]=man3/ASN1_OBJECT_new.pod +DEPEND[html/man3/ASN1_STRING_TABLE_add.html]=man3/ASN1_STRING_TABLE_add.pod +GENERATE[html/man3/ASN1_STRING_TABLE_add.html]=man3/ASN1_STRING_TABLE_add.pod +DEPEND[man/man3/ASN1_STRING_TABLE_add.3]=man3/ASN1_STRING_TABLE_add.pod +GENERATE[man/man3/ASN1_STRING_TABLE_add.3]=man3/ASN1_STRING_TABLE_add.pod +DEPEND[html/man3/ASN1_STRING_length.html]=man3/ASN1_STRING_length.pod +GENERATE[html/man3/ASN1_STRING_length.html]=man3/ASN1_STRING_length.pod +DEPEND[man/man3/ASN1_STRING_length.3]=man3/ASN1_STRING_length.pod +GENERATE[man/man3/ASN1_STRING_length.3]=man3/ASN1_STRING_length.pod +DEPEND[html/man3/ASN1_STRING_new.html]=man3/ASN1_STRING_new.pod +GENERATE[html/man3/ASN1_STRING_new.html]=man3/ASN1_STRING_new.pod +DEPEND[man/man3/ASN1_STRING_new.3]=man3/ASN1_STRING_new.pod +GENERATE[man/man3/ASN1_STRING_new.3]=man3/ASN1_STRING_new.pod +DEPEND[html/man3/ASN1_STRING_print_ex.html]=man3/ASN1_STRING_print_ex.pod +GENERATE[html/man3/ASN1_STRING_print_ex.html]=man3/ASN1_STRING_print_ex.pod +DEPEND[man/man3/ASN1_STRING_print_ex.3]=man3/ASN1_STRING_print_ex.pod +GENERATE[man/man3/ASN1_STRING_print_ex.3]=man3/ASN1_STRING_print_ex.pod +DEPEND[html/man3/ASN1_TIME_set.html]=man3/ASN1_TIME_set.pod +GENERATE[html/man3/ASN1_TIME_set.html]=man3/ASN1_TIME_set.pod +DEPEND[man/man3/ASN1_TIME_set.3]=man3/ASN1_TIME_set.pod +GENERATE[man/man3/ASN1_TIME_set.3]=man3/ASN1_TIME_set.pod +DEPEND[html/man3/ASN1_TYPE_get.html]=man3/ASN1_TYPE_get.pod +GENERATE[html/man3/ASN1_TYPE_get.html]=man3/ASN1_TYPE_get.pod +DEPEND[man/man3/ASN1_TYPE_get.3]=man3/ASN1_TYPE_get.pod +GENERATE[man/man3/ASN1_TYPE_get.3]=man3/ASN1_TYPE_get.pod +DEPEND[html/man3/ASN1_aux_cb.html]=man3/ASN1_aux_cb.pod +GENERATE[html/man3/ASN1_aux_cb.html]=man3/ASN1_aux_cb.pod +DEPEND[man/man3/ASN1_aux_cb.3]=man3/ASN1_aux_cb.pod +GENERATE[man/man3/ASN1_aux_cb.3]=man3/ASN1_aux_cb.pod +DEPEND[html/man3/ASN1_generate_nconf.html]=man3/ASN1_generate_nconf.pod +GENERATE[html/man3/ASN1_generate_nconf.html]=man3/ASN1_generate_nconf.pod +DEPEND[man/man3/ASN1_generate_nconf.3]=man3/ASN1_generate_nconf.pod +GENERATE[man/man3/ASN1_generate_nconf.3]=man3/ASN1_generate_nconf.pod +DEPEND[html/man3/ASN1_item_d2i_bio.html]=man3/ASN1_item_d2i_bio.pod +GENERATE[html/man3/ASN1_item_d2i_bio.html]=man3/ASN1_item_d2i_bio.pod +DEPEND[man/man3/ASN1_item_d2i_bio.3]=man3/ASN1_item_d2i_bio.pod +GENERATE[man/man3/ASN1_item_d2i_bio.3]=man3/ASN1_item_d2i_bio.pod +DEPEND[html/man3/ASN1_item_new.html]=man3/ASN1_item_new.pod +GENERATE[html/man3/ASN1_item_new.html]=man3/ASN1_item_new.pod +DEPEND[man/man3/ASN1_item_new.3]=man3/ASN1_item_new.pod +GENERATE[man/man3/ASN1_item_new.3]=man3/ASN1_item_new.pod +DEPEND[html/man3/ASN1_item_sign.html]=man3/ASN1_item_sign.pod +GENERATE[html/man3/ASN1_item_sign.html]=man3/ASN1_item_sign.pod +DEPEND[man/man3/ASN1_item_sign.3]=man3/ASN1_item_sign.pod +GENERATE[man/man3/ASN1_item_sign.3]=man3/ASN1_item_sign.pod +DEPEND[html/man3/ASYNC_WAIT_CTX_new.html]=man3/ASYNC_WAIT_CTX_new.pod +GENERATE[html/man3/ASYNC_WAIT_CTX_new.html]=man3/ASYNC_WAIT_CTX_new.pod +DEPEND[man/man3/ASYNC_WAIT_CTX_new.3]=man3/ASYNC_WAIT_CTX_new.pod +GENERATE[man/man3/ASYNC_WAIT_CTX_new.3]=man3/ASYNC_WAIT_CTX_new.pod +DEPEND[html/man3/ASYNC_start_job.html]=man3/ASYNC_start_job.pod +GENERATE[html/man3/ASYNC_start_job.html]=man3/ASYNC_start_job.pod +DEPEND[man/man3/ASYNC_start_job.3]=man3/ASYNC_start_job.pod +GENERATE[man/man3/ASYNC_start_job.3]=man3/ASYNC_start_job.pod +DEPEND[html/man3/BF_encrypt.html]=man3/BF_encrypt.pod +GENERATE[html/man3/BF_encrypt.html]=man3/BF_encrypt.pod +DEPEND[man/man3/BF_encrypt.3]=man3/BF_encrypt.pod +GENERATE[man/man3/BF_encrypt.3]=man3/BF_encrypt.pod +DEPEND[html/man3/BIO_ADDR.html]=man3/BIO_ADDR.pod +GENERATE[html/man3/BIO_ADDR.html]=man3/BIO_ADDR.pod +DEPEND[man/man3/BIO_ADDR.3]=man3/BIO_ADDR.pod +GENERATE[man/man3/BIO_ADDR.3]=man3/BIO_ADDR.pod +DEPEND[html/man3/BIO_ADDRINFO.html]=man3/BIO_ADDRINFO.pod +GENERATE[html/man3/BIO_ADDRINFO.html]=man3/BIO_ADDRINFO.pod +DEPEND[man/man3/BIO_ADDRINFO.3]=man3/BIO_ADDRINFO.pod +GENERATE[man/man3/BIO_ADDRINFO.3]=man3/BIO_ADDRINFO.pod +DEPEND[html/man3/BIO_connect.html]=man3/BIO_connect.pod +GENERATE[html/man3/BIO_connect.html]=man3/BIO_connect.pod +DEPEND[man/man3/BIO_connect.3]=man3/BIO_connect.pod +GENERATE[man/man3/BIO_connect.3]=man3/BIO_connect.pod +DEPEND[html/man3/BIO_ctrl.html]=man3/BIO_ctrl.pod +GENERATE[html/man3/BIO_ctrl.html]=man3/BIO_ctrl.pod +DEPEND[man/man3/BIO_ctrl.3]=man3/BIO_ctrl.pod +GENERATE[man/man3/BIO_ctrl.3]=man3/BIO_ctrl.pod +DEPEND[html/man3/BIO_f_base64.html]=man3/BIO_f_base64.pod +GENERATE[html/man3/BIO_f_base64.html]=man3/BIO_f_base64.pod +DEPEND[man/man3/BIO_f_base64.3]=man3/BIO_f_base64.pod +GENERATE[man/man3/BIO_f_base64.3]=man3/BIO_f_base64.pod +DEPEND[html/man3/BIO_f_buffer.html]=man3/BIO_f_buffer.pod +GENERATE[html/man3/BIO_f_buffer.html]=man3/BIO_f_buffer.pod +DEPEND[man/man3/BIO_f_buffer.3]=man3/BIO_f_buffer.pod +GENERATE[man/man3/BIO_f_buffer.3]=man3/BIO_f_buffer.pod +DEPEND[html/man3/BIO_f_cipher.html]=man3/BIO_f_cipher.pod +GENERATE[html/man3/BIO_f_cipher.html]=man3/BIO_f_cipher.pod +DEPEND[man/man3/BIO_f_cipher.3]=man3/BIO_f_cipher.pod +GENERATE[man/man3/BIO_f_cipher.3]=man3/BIO_f_cipher.pod +DEPEND[html/man3/BIO_f_md.html]=man3/BIO_f_md.pod +GENERATE[html/man3/BIO_f_md.html]=man3/BIO_f_md.pod +DEPEND[man/man3/BIO_f_md.3]=man3/BIO_f_md.pod +GENERATE[man/man3/BIO_f_md.3]=man3/BIO_f_md.pod +DEPEND[html/man3/BIO_f_null.html]=man3/BIO_f_null.pod +GENERATE[html/man3/BIO_f_null.html]=man3/BIO_f_null.pod +DEPEND[man/man3/BIO_f_null.3]=man3/BIO_f_null.pod +GENERATE[man/man3/BIO_f_null.3]=man3/BIO_f_null.pod +DEPEND[html/man3/BIO_f_prefix.html]=man3/BIO_f_prefix.pod +GENERATE[html/man3/BIO_f_prefix.html]=man3/BIO_f_prefix.pod +DEPEND[man/man3/BIO_f_prefix.3]=man3/BIO_f_prefix.pod +GENERATE[man/man3/BIO_f_prefix.3]=man3/BIO_f_prefix.pod +DEPEND[html/man3/BIO_f_readbuffer.html]=man3/BIO_f_readbuffer.pod +GENERATE[html/man3/BIO_f_readbuffer.html]=man3/BIO_f_readbuffer.pod +DEPEND[man/man3/BIO_f_readbuffer.3]=man3/BIO_f_readbuffer.pod +GENERATE[man/man3/BIO_f_readbuffer.3]=man3/BIO_f_readbuffer.pod +DEPEND[html/man3/BIO_f_ssl.html]=man3/BIO_f_ssl.pod +GENERATE[html/man3/BIO_f_ssl.html]=man3/BIO_f_ssl.pod +DEPEND[man/man3/BIO_f_ssl.3]=man3/BIO_f_ssl.pod +GENERATE[man/man3/BIO_f_ssl.3]=man3/BIO_f_ssl.pod +DEPEND[html/man3/BIO_find_type.html]=man3/BIO_find_type.pod +GENERATE[html/man3/BIO_find_type.html]=man3/BIO_find_type.pod +DEPEND[man/man3/BIO_find_type.3]=man3/BIO_find_type.pod +GENERATE[man/man3/BIO_find_type.3]=man3/BIO_find_type.pod +DEPEND[html/man3/BIO_get_data.html]=man3/BIO_get_data.pod +GENERATE[html/man3/BIO_get_data.html]=man3/BIO_get_data.pod +DEPEND[man/man3/BIO_get_data.3]=man3/BIO_get_data.pod +GENERATE[man/man3/BIO_get_data.3]=man3/BIO_get_data.pod +DEPEND[html/man3/BIO_get_ex_new_index.html]=man3/BIO_get_ex_new_index.pod +GENERATE[html/man3/BIO_get_ex_new_index.html]=man3/BIO_get_ex_new_index.pod +DEPEND[man/man3/BIO_get_ex_new_index.3]=man3/BIO_get_ex_new_index.pod +GENERATE[man/man3/BIO_get_ex_new_index.3]=man3/BIO_get_ex_new_index.pod +DEPEND[html/man3/BIO_meth_new.html]=man3/BIO_meth_new.pod +GENERATE[html/man3/BIO_meth_new.html]=man3/BIO_meth_new.pod +DEPEND[man/man3/BIO_meth_new.3]=man3/BIO_meth_new.pod +GENERATE[man/man3/BIO_meth_new.3]=man3/BIO_meth_new.pod +DEPEND[html/man3/BIO_new.html]=man3/BIO_new.pod +GENERATE[html/man3/BIO_new.html]=man3/BIO_new.pod +DEPEND[man/man3/BIO_new.3]=man3/BIO_new.pod +GENERATE[man/man3/BIO_new.3]=man3/BIO_new.pod +DEPEND[html/man3/BIO_new_CMS.html]=man3/BIO_new_CMS.pod +GENERATE[html/man3/BIO_new_CMS.html]=man3/BIO_new_CMS.pod +DEPEND[man/man3/BIO_new_CMS.3]=man3/BIO_new_CMS.pod +GENERATE[man/man3/BIO_new_CMS.3]=man3/BIO_new_CMS.pod +DEPEND[html/man3/BIO_parse_hostserv.html]=man3/BIO_parse_hostserv.pod +GENERATE[html/man3/BIO_parse_hostserv.html]=man3/BIO_parse_hostserv.pod +DEPEND[man/man3/BIO_parse_hostserv.3]=man3/BIO_parse_hostserv.pod +GENERATE[man/man3/BIO_parse_hostserv.3]=man3/BIO_parse_hostserv.pod +DEPEND[html/man3/BIO_printf.html]=man3/BIO_printf.pod +GENERATE[html/man3/BIO_printf.html]=man3/BIO_printf.pod +DEPEND[man/man3/BIO_printf.3]=man3/BIO_printf.pod +GENERATE[man/man3/BIO_printf.3]=man3/BIO_printf.pod +DEPEND[html/man3/BIO_push.html]=man3/BIO_push.pod +GENERATE[html/man3/BIO_push.html]=man3/BIO_push.pod +DEPEND[man/man3/BIO_push.3]=man3/BIO_push.pod +GENERATE[man/man3/BIO_push.3]=man3/BIO_push.pod +DEPEND[html/man3/BIO_read.html]=man3/BIO_read.pod +GENERATE[html/man3/BIO_read.html]=man3/BIO_read.pod +DEPEND[man/man3/BIO_read.3]=man3/BIO_read.pod +GENERATE[man/man3/BIO_read.3]=man3/BIO_read.pod +DEPEND[html/man3/BIO_s_accept.html]=man3/BIO_s_accept.pod +GENERATE[html/man3/BIO_s_accept.html]=man3/BIO_s_accept.pod +DEPEND[man/man3/BIO_s_accept.3]=man3/BIO_s_accept.pod +GENERATE[man/man3/BIO_s_accept.3]=man3/BIO_s_accept.pod +DEPEND[html/man3/BIO_s_bio.html]=man3/BIO_s_bio.pod +GENERATE[html/man3/BIO_s_bio.html]=man3/BIO_s_bio.pod +DEPEND[man/man3/BIO_s_bio.3]=man3/BIO_s_bio.pod +GENERATE[man/man3/BIO_s_bio.3]=man3/BIO_s_bio.pod +DEPEND[html/man3/BIO_s_connect.html]=man3/BIO_s_connect.pod +GENERATE[html/man3/BIO_s_connect.html]=man3/BIO_s_connect.pod +DEPEND[man/man3/BIO_s_connect.3]=man3/BIO_s_connect.pod +GENERATE[man/man3/BIO_s_connect.3]=man3/BIO_s_connect.pod +DEPEND[html/man3/BIO_s_core.html]=man3/BIO_s_core.pod +GENERATE[html/man3/BIO_s_core.html]=man3/BIO_s_core.pod +DEPEND[man/man3/BIO_s_core.3]=man3/BIO_s_core.pod +GENERATE[man/man3/BIO_s_core.3]=man3/BIO_s_core.pod +DEPEND[html/man3/BIO_s_datagram.html]=man3/BIO_s_datagram.pod +GENERATE[html/man3/BIO_s_datagram.html]=man3/BIO_s_datagram.pod +DEPEND[man/man3/BIO_s_datagram.3]=man3/BIO_s_datagram.pod +GENERATE[man/man3/BIO_s_datagram.3]=man3/BIO_s_datagram.pod +DEPEND[html/man3/BIO_s_fd.html]=man3/BIO_s_fd.pod +GENERATE[html/man3/BIO_s_fd.html]=man3/BIO_s_fd.pod +DEPEND[man/man3/BIO_s_fd.3]=man3/BIO_s_fd.pod +GENERATE[man/man3/BIO_s_fd.3]=man3/BIO_s_fd.pod +DEPEND[html/man3/BIO_s_file.html]=man3/BIO_s_file.pod +GENERATE[html/man3/BIO_s_file.html]=man3/BIO_s_file.pod +DEPEND[man/man3/BIO_s_file.3]=man3/BIO_s_file.pod +GENERATE[man/man3/BIO_s_file.3]=man3/BIO_s_file.pod +DEPEND[html/man3/BIO_s_mem.html]=man3/BIO_s_mem.pod +GENERATE[html/man3/BIO_s_mem.html]=man3/BIO_s_mem.pod +DEPEND[man/man3/BIO_s_mem.3]=man3/BIO_s_mem.pod +GENERATE[man/man3/BIO_s_mem.3]=man3/BIO_s_mem.pod +DEPEND[html/man3/BIO_s_null.html]=man3/BIO_s_null.pod +GENERATE[html/man3/BIO_s_null.html]=man3/BIO_s_null.pod +DEPEND[man/man3/BIO_s_null.3]=man3/BIO_s_null.pod +GENERATE[man/man3/BIO_s_null.3]=man3/BIO_s_null.pod +DEPEND[html/man3/BIO_s_socket.html]=man3/BIO_s_socket.pod +GENERATE[html/man3/BIO_s_socket.html]=man3/BIO_s_socket.pod +DEPEND[man/man3/BIO_s_socket.3]=man3/BIO_s_socket.pod +GENERATE[man/man3/BIO_s_socket.3]=man3/BIO_s_socket.pod +DEPEND[html/man3/BIO_set_callback.html]=man3/BIO_set_callback.pod +GENERATE[html/man3/BIO_set_callback.html]=man3/BIO_set_callback.pod +DEPEND[man/man3/BIO_set_callback.3]=man3/BIO_set_callback.pod +GENERATE[man/man3/BIO_set_callback.3]=man3/BIO_set_callback.pod +DEPEND[html/man3/BIO_should_retry.html]=man3/BIO_should_retry.pod +GENERATE[html/man3/BIO_should_retry.html]=man3/BIO_should_retry.pod +DEPEND[man/man3/BIO_should_retry.3]=man3/BIO_should_retry.pod +GENERATE[man/man3/BIO_should_retry.3]=man3/BIO_should_retry.pod +DEPEND[html/man3/BIO_socket_wait.html]=man3/BIO_socket_wait.pod +GENERATE[html/man3/BIO_socket_wait.html]=man3/BIO_socket_wait.pod +DEPEND[man/man3/BIO_socket_wait.3]=man3/BIO_socket_wait.pod +GENERATE[man/man3/BIO_socket_wait.3]=man3/BIO_socket_wait.pod +DEPEND[html/man3/BN_BLINDING_new.html]=man3/BN_BLINDING_new.pod +GENERATE[html/man3/BN_BLINDING_new.html]=man3/BN_BLINDING_new.pod +DEPEND[man/man3/BN_BLINDING_new.3]=man3/BN_BLINDING_new.pod +GENERATE[man/man3/BN_BLINDING_new.3]=man3/BN_BLINDING_new.pod +DEPEND[html/man3/BN_CTX_new.html]=man3/BN_CTX_new.pod +GENERATE[html/man3/BN_CTX_new.html]=man3/BN_CTX_new.pod +DEPEND[man/man3/BN_CTX_new.3]=man3/BN_CTX_new.pod +GENERATE[man/man3/BN_CTX_new.3]=man3/BN_CTX_new.pod +DEPEND[html/man3/BN_CTX_start.html]=man3/BN_CTX_start.pod +GENERATE[html/man3/BN_CTX_start.html]=man3/BN_CTX_start.pod +DEPEND[man/man3/BN_CTX_start.3]=man3/BN_CTX_start.pod +GENERATE[man/man3/BN_CTX_start.3]=man3/BN_CTX_start.pod +DEPEND[html/man3/BN_add.html]=man3/BN_add.pod +GENERATE[html/man3/BN_add.html]=man3/BN_add.pod +DEPEND[man/man3/BN_add.3]=man3/BN_add.pod +GENERATE[man/man3/BN_add.3]=man3/BN_add.pod +DEPEND[html/man3/BN_add_word.html]=man3/BN_add_word.pod +GENERATE[html/man3/BN_add_word.html]=man3/BN_add_word.pod +DEPEND[man/man3/BN_add_word.3]=man3/BN_add_word.pod +GENERATE[man/man3/BN_add_word.3]=man3/BN_add_word.pod +DEPEND[html/man3/BN_bn2bin.html]=man3/BN_bn2bin.pod +GENERATE[html/man3/BN_bn2bin.html]=man3/BN_bn2bin.pod +DEPEND[man/man3/BN_bn2bin.3]=man3/BN_bn2bin.pod +GENERATE[man/man3/BN_bn2bin.3]=man3/BN_bn2bin.pod +DEPEND[html/man3/BN_cmp.html]=man3/BN_cmp.pod +GENERATE[html/man3/BN_cmp.html]=man3/BN_cmp.pod +DEPEND[man/man3/BN_cmp.3]=man3/BN_cmp.pod +GENERATE[man/man3/BN_cmp.3]=man3/BN_cmp.pod +DEPEND[html/man3/BN_copy.html]=man3/BN_copy.pod +GENERATE[html/man3/BN_copy.html]=man3/BN_copy.pod +DEPEND[man/man3/BN_copy.3]=man3/BN_copy.pod +GENERATE[man/man3/BN_copy.3]=man3/BN_copy.pod +DEPEND[html/man3/BN_generate_prime.html]=man3/BN_generate_prime.pod +GENERATE[html/man3/BN_generate_prime.html]=man3/BN_generate_prime.pod +DEPEND[man/man3/BN_generate_prime.3]=man3/BN_generate_prime.pod +GENERATE[man/man3/BN_generate_prime.3]=man3/BN_generate_prime.pod +DEPEND[html/man3/BN_mod_exp_mont.html]=man3/BN_mod_exp_mont.pod +GENERATE[html/man3/BN_mod_exp_mont.html]=man3/BN_mod_exp_mont.pod +DEPEND[man/man3/BN_mod_exp_mont.3]=man3/BN_mod_exp_mont.pod +GENERATE[man/man3/BN_mod_exp_mont.3]=man3/BN_mod_exp_mont.pod +DEPEND[html/man3/BN_mod_inverse.html]=man3/BN_mod_inverse.pod +GENERATE[html/man3/BN_mod_inverse.html]=man3/BN_mod_inverse.pod +DEPEND[man/man3/BN_mod_inverse.3]=man3/BN_mod_inverse.pod +GENERATE[man/man3/BN_mod_inverse.3]=man3/BN_mod_inverse.pod +DEPEND[html/man3/BN_mod_mul_montgomery.html]=man3/BN_mod_mul_montgomery.pod +GENERATE[html/man3/BN_mod_mul_montgomery.html]=man3/BN_mod_mul_montgomery.pod +DEPEND[man/man3/BN_mod_mul_montgomery.3]=man3/BN_mod_mul_montgomery.pod +GENERATE[man/man3/BN_mod_mul_montgomery.3]=man3/BN_mod_mul_montgomery.pod +DEPEND[html/man3/BN_mod_mul_reciprocal.html]=man3/BN_mod_mul_reciprocal.pod +GENERATE[html/man3/BN_mod_mul_reciprocal.html]=man3/BN_mod_mul_reciprocal.pod +DEPEND[man/man3/BN_mod_mul_reciprocal.3]=man3/BN_mod_mul_reciprocal.pod +GENERATE[man/man3/BN_mod_mul_reciprocal.3]=man3/BN_mod_mul_reciprocal.pod +DEPEND[html/man3/BN_new.html]=man3/BN_new.pod +GENERATE[html/man3/BN_new.html]=man3/BN_new.pod +DEPEND[man/man3/BN_new.3]=man3/BN_new.pod +GENERATE[man/man3/BN_new.3]=man3/BN_new.pod +DEPEND[html/man3/BN_num_bytes.html]=man3/BN_num_bytes.pod +GENERATE[html/man3/BN_num_bytes.html]=man3/BN_num_bytes.pod +DEPEND[man/man3/BN_num_bytes.3]=man3/BN_num_bytes.pod +GENERATE[man/man3/BN_num_bytes.3]=man3/BN_num_bytes.pod +DEPEND[html/man3/BN_rand.html]=man3/BN_rand.pod +GENERATE[html/man3/BN_rand.html]=man3/BN_rand.pod +DEPEND[man/man3/BN_rand.3]=man3/BN_rand.pod +GENERATE[man/man3/BN_rand.3]=man3/BN_rand.pod +DEPEND[html/man3/BN_security_bits.html]=man3/BN_security_bits.pod +GENERATE[html/man3/BN_security_bits.html]=man3/BN_security_bits.pod +DEPEND[man/man3/BN_security_bits.3]=man3/BN_security_bits.pod +GENERATE[man/man3/BN_security_bits.3]=man3/BN_security_bits.pod +DEPEND[html/man3/BN_set_bit.html]=man3/BN_set_bit.pod +GENERATE[html/man3/BN_set_bit.html]=man3/BN_set_bit.pod +DEPEND[man/man3/BN_set_bit.3]=man3/BN_set_bit.pod +GENERATE[man/man3/BN_set_bit.3]=man3/BN_set_bit.pod +DEPEND[html/man3/BN_swap.html]=man3/BN_swap.pod +GENERATE[html/man3/BN_swap.html]=man3/BN_swap.pod +DEPEND[man/man3/BN_swap.3]=man3/BN_swap.pod +GENERATE[man/man3/BN_swap.3]=man3/BN_swap.pod +DEPEND[html/man3/BN_zero.html]=man3/BN_zero.pod +GENERATE[html/man3/BN_zero.html]=man3/BN_zero.pod +DEPEND[man/man3/BN_zero.3]=man3/BN_zero.pod +GENERATE[man/man3/BN_zero.3]=man3/BN_zero.pod +DEPEND[html/man3/BUF_MEM_new.html]=man3/BUF_MEM_new.pod +GENERATE[html/man3/BUF_MEM_new.html]=man3/BUF_MEM_new.pod +DEPEND[man/man3/BUF_MEM_new.3]=man3/BUF_MEM_new.pod +GENERATE[man/man3/BUF_MEM_new.3]=man3/BUF_MEM_new.pod +DEPEND[html/man3/CMS_EncryptedData_decrypt.html]=man3/CMS_EncryptedData_decrypt.pod +GENERATE[html/man3/CMS_EncryptedData_decrypt.html]=man3/CMS_EncryptedData_decrypt.pod +DEPEND[man/man3/CMS_EncryptedData_decrypt.3]=man3/CMS_EncryptedData_decrypt.pod +GENERATE[man/man3/CMS_EncryptedData_decrypt.3]=man3/CMS_EncryptedData_decrypt.pod +DEPEND[html/man3/CMS_EncryptedData_encrypt.html]=man3/CMS_EncryptedData_encrypt.pod +GENERATE[html/man3/CMS_EncryptedData_encrypt.html]=man3/CMS_EncryptedData_encrypt.pod +DEPEND[man/man3/CMS_EncryptedData_encrypt.3]=man3/CMS_EncryptedData_encrypt.pod +GENERATE[man/man3/CMS_EncryptedData_encrypt.3]=man3/CMS_EncryptedData_encrypt.pod +DEPEND[html/man3/CMS_EnvelopedData_create.html]=man3/CMS_EnvelopedData_create.pod +GENERATE[html/man3/CMS_EnvelopedData_create.html]=man3/CMS_EnvelopedData_create.pod +DEPEND[man/man3/CMS_EnvelopedData_create.3]=man3/CMS_EnvelopedData_create.pod +GENERATE[man/man3/CMS_EnvelopedData_create.3]=man3/CMS_EnvelopedData_create.pod +DEPEND[html/man3/CMS_add0_cert.html]=man3/CMS_add0_cert.pod +GENERATE[html/man3/CMS_add0_cert.html]=man3/CMS_add0_cert.pod +DEPEND[man/man3/CMS_add0_cert.3]=man3/CMS_add0_cert.pod +GENERATE[man/man3/CMS_add0_cert.3]=man3/CMS_add0_cert.pod +DEPEND[html/man3/CMS_add1_recipient_cert.html]=man3/CMS_add1_recipient_cert.pod +GENERATE[html/man3/CMS_add1_recipient_cert.html]=man3/CMS_add1_recipient_cert.pod +DEPEND[man/man3/CMS_add1_recipient_cert.3]=man3/CMS_add1_recipient_cert.pod +GENERATE[man/man3/CMS_add1_recipient_cert.3]=man3/CMS_add1_recipient_cert.pod +DEPEND[html/man3/CMS_add1_signer.html]=man3/CMS_add1_signer.pod +GENERATE[html/man3/CMS_add1_signer.html]=man3/CMS_add1_signer.pod +DEPEND[man/man3/CMS_add1_signer.3]=man3/CMS_add1_signer.pod +GENERATE[man/man3/CMS_add1_signer.3]=man3/CMS_add1_signer.pod +DEPEND[html/man3/CMS_compress.html]=man3/CMS_compress.pod +GENERATE[html/man3/CMS_compress.html]=man3/CMS_compress.pod +DEPEND[man/man3/CMS_compress.3]=man3/CMS_compress.pod +GENERATE[man/man3/CMS_compress.3]=man3/CMS_compress.pod +DEPEND[html/man3/CMS_data_create.html]=man3/CMS_data_create.pod +GENERATE[html/man3/CMS_data_create.html]=man3/CMS_data_create.pod +DEPEND[man/man3/CMS_data_create.3]=man3/CMS_data_create.pod +GENERATE[man/man3/CMS_data_create.3]=man3/CMS_data_create.pod +DEPEND[html/man3/CMS_decrypt.html]=man3/CMS_decrypt.pod +GENERATE[html/man3/CMS_decrypt.html]=man3/CMS_decrypt.pod +DEPEND[man/man3/CMS_decrypt.3]=man3/CMS_decrypt.pod +GENERATE[man/man3/CMS_decrypt.3]=man3/CMS_decrypt.pod +DEPEND[html/man3/CMS_digest_create.html]=man3/CMS_digest_create.pod +GENERATE[html/man3/CMS_digest_create.html]=man3/CMS_digest_create.pod +DEPEND[man/man3/CMS_digest_create.3]=man3/CMS_digest_create.pod +GENERATE[man/man3/CMS_digest_create.3]=man3/CMS_digest_create.pod +DEPEND[html/man3/CMS_encrypt.html]=man3/CMS_encrypt.pod +GENERATE[html/man3/CMS_encrypt.html]=man3/CMS_encrypt.pod +DEPEND[man/man3/CMS_encrypt.3]=man3/CMS_encrypt.pod +GENERATE[man/man3/CMS_encrypt.3]=man3/CMS_encrypt.pod +DEPEND[html/man3/CMS_final.html]=man3/CMS_final.pod +GENERATE[html/man3/CMS_final.html]=man3/CMS_final.pod +DEPEND[man/man3/CMS_final.3]=man3/CMS_final.pod +GENERATE[man/man3/CMS_final.3]=man3/CMS_final.pod +DEPEND[html/man3/CMS_get0_RecipientInfos.html]=man3/CMS_get0_RecipientInfos.pod +GENERATE[html/man3/CMS_get0_RecipientInfos.html]=man3/CMS_get0_RecipientInfos.pod +DEPEND[man/man3/CMS_get0_RecipientInfos.3]=man3/CMS_get0_RecipientInfos.pod +GENERATE[man/man3/CMS_get0_RecipientInfos.3]=man3/CMS_get0_RecipientInfos.pod +DEPEND[html/man3/CMS_get0_SignerInfos.html]=man3/CMS_get0_SignerInfos.pod +GENERATE[html/man3/CMS_get0_SignerInfos.html]=man3/CMS_get0_SignerInfos.pod +DEPEND[man/man3/CMS_get0_SignerInfos.3]=man3/CMS_get0_SignerInfos.pod +GENERATE[man/man3/CMS_get0_SignerInfos.3]=man3/CMS_get0_SignerInfos.pod +DEPEND[html/man3/CMS_get0_type.html]=man3/CMS_get0_type.pod +GENERATE[html/man3/CMS_get0_type.html]=man3/CMS_get0_type.pod +DEPEND[man/man3/CMS_get0_type.3]=man3/CMS_get0_type.pod +GENERATE[man/man3/CMS_get0_type.3]=man3/CMS_get0_type.pod +DEPEND[html/man3/CMS_get1_ReceiptRequest.html]=man3/CMS_get1_ReceiptRequest.pod +GENERATE[html/man3/CMS_get1_ReceiptRequest.html]=man3/CMS_get1_ReceiptRequest.pod +DEPEND[man/man3/CMS_get1_ReceiptRequest.3]=man3/CMS_get1_ReceiptRequest.pod +GENERATE[man/man3/CMS_get1_ReceiptRequest.3]=man3/CMS_get1_ReceiptRequest.pod +DEPEND[html/man3/CMS_sign.html]=man3/CMS_sign.pod +GENERATE[html/man3/CMS_sign.html]=man3/CMS_sign.pod +DEPEND[man/man3/CMS_sign.3]=man3/CMS_sign.pod +GENERATE[man/man3/CMS_sign.3]=man3/CMS_sign.pod +DEPEND[html/man3/CMS_sign_receipt.html]=man3/CMS_sign_receipt.pod +GENERATE[html/man3/CMS_sign_receipt.html]=man3/CMS_sign_receipt.pod +DEPEND[man/man3/CMS_sign_receipt.3]=man3/CMS_sign_receipt.pod +GENERATE[man/man3/CMS_sign_receipt.3]=man3/CMS_sign_receipt.pod +DEPEND[html/man3/CMS_signed_get_attr.html]=man3/CMS_signed_get_attr.pod +GENERATE[html/man3/CMS_signed_get_attr.html]=man3/CMS_signed_get_attr.pod +DEPEND[man/man3/CMS_signed_get_attr.3]=man3/CMS_signed_get_attr.pod +GENERATE[man/man3/CMS_signed_get_attr.3]=man3/CMS_signed_get_attr.pod +DEPEND[html/man3/CMS_uncompress.html]=man3/CMS_uncompress.pod +GENERATE[html/man3/CMS_uncompress.html]=man3/CMS_uncompress.pod +DEPEND[man/man3/CMS_uncompress.3]=man3/CMS_uncompress.pod +GENERATE[man/man3/CMS_uncompress.3]=man3/CMS_uncompress.pod +DEPEND[html/man3/CMS_verify.html]=man3/CMS_verify.pod +GENERATE[html/man3/CMS_verify.html]=man3/CMS_verify.pod +DEPEND[man/man3/CMS_verify.3]=man3/CMS_verify.pod +GENERATE[man/man3/CMS_verify.3]=man3/CMS_verify.pod +DEPEND[html/man3/CMS_verify_receipt.html]=man3/CMS_verify_receipt.pod +GENERATE[html/man3/CMS_verify_receipt.html]=man3/CMS_verify_receipt.pod +DEPEND[man/man3/CMS_verify_receipt.3]=man3/CMS_verify_receipt.pod +GENERATE[man/man3/CMS_verify_receipt.3]=man3/CMS_verify_receipt.pod +DEPEND[html/man3/CONF_modules_free.html]=man3/CONF_modules_free.pod +GENERATE[html/man3/CONF_modules_free.html]=man3/CONF_modules_free.pod +DEPEND[man/man3/CONF_modules_free.3]=man3/CONF_modules_free.pod +GENERATE[man/man3/CONF_modules_free.3]=man3/CONF_modules_free.pod +DEPEND[html/man3/CONF_modules_load_file.html]=man3/CONF_modules_load_file.pod +GENERATE[html/man3/CONF_modules_load_file.html]=man3/CONF_modules_load_file.pod +DEPEND[man/man3/CONF_modules_load_file.3]=man3/CONF_modules_load_file.pod +GENERATE[man/man3/CONF_modules_load_file.3]=man3/CONF_modules_load_file.pod +DEPEND[html/man3/CRYPTO_THREAD_run_once.html]=man3/CRYPTO_THREAD_run_once.pod +GENERATE[html/man3/CRYPTO_THREAD_run_once.html]=man3/CRYPTO_THREAD_run_once.pod +DEPEND[man/man3/CRYPTO_THREAD_run_once.3]=man3/CRYPTO_THREAD_run_once.pod +GENERATE[man/man3/CRYPTO_THREAD_run_once.3]=man3/CRYPTO_THREAD_run_once.pod +DEPEND[html/man3/CRYPTO_get_ex_new_index.html]=man3/CRYPTO_get_ex_new_index.pod +GENERATE[html/man3/CRYPTO_get_ex_new_index.html]=man3/CRYPTO_get_ex_new_index.pod +DEPEND[man/man3/CRYPTO_get_ex_new_index.3]=man3/CRYPTO_get_ex_new_index.pod +GENERATE[man/man3/CRYPTO_get_ex_new_index.3]=man3/CRYPTO_get_ex_new_index.pod +DEPEND[html/man3/CRYPTO_memcmp.html]=man3/CRYPTO_memcmp.pod +GENERATE[html/man3/CRYPTO_memcmp.html]=man3/CRYPTO_memcmp.pod +DEPEND[man/man3/CRYPTO_memcmp.3]=man3/CRYPTO_memcmp.pod +GENERATE[man/man3/CRYPTO_memcmp.3]=man3/CRYPTO_memcmp.pod +DEPEND[html/man3/CTLOG_STORE_get0_log_by_id.html]=man3/CTLOG_STORE_get0_log_by_id.pod +GENERATE[html/man3/CTLOG_STORE_get0_log_by_id.html]=man3/CTLOG_STORE_get0_log_by_id.pod +DEPEND[man/man3/CTLOG_STORE_get0_log_by_id.3]=man3/CTLOG_STORE_get0_log_by_id.pod +GENERATE[man/man3/CTLOG_STORE_get0_log_by_id.3]=man3/CTLOG_STORE_get0_log_by_id.pod +DEPEND[html/man3/CTLOG_STORE_new.html]=man3/CTLOG_STORE_new.pod +GENERATE[html/man3/CTLOG_STORE_new.html]=man3/CTLOG_STORE_new.pod +DEPEND[man/man3/CTLOG_STORE_new.3]=man3/CTLOG_STORE_new.pod +GENERATE[man/man3/CTLOG_STORE_new.3]=man3/CTLOG_STORE_new.pod +DEPEND[html/man3/CTLOG_new.html]=man3/CTLOG_new.pod +GENERATE[html/man3/CTLOG_new.html]=man3/CTLOG_new.pod +DEPEND[man/man3/CTLOG_new.3]=man3/CTLOG_new.pod +GENERATE[man/man3/CTLOG_new.3]=man3/CTLOG_new.pod +DEPEND[html/man3/CT_POLICY_EVAL_CTX_new.html]=man3/CT_POLICY_EVAL_CTX_new.pod +GENERATE[html/man3/CT_POLICY_EVAL_CTX_new.html]=man3/CT_POLICY_EVAL_CTX_new.pod +DEPEND[man/man3/CT_POLICY_EVAL_CTX_new.3]=man3/CT_POLICY_EVAL_CTX_new.pod +GENERATE[man/man3/CT_POLICY_EVAL_CTX_new.3]=man3/CT_POLICY_EVAL_CTX_new.pod +DEPEND[html/man3/DEFINE_STACK_OF.html]=man3/DEFINE_STACK_OF.pod +GENERATE[html/man3/DEFINE_STACK_OF.html]=man3/DEFINE_STACK_OF.pod +DEPEND[man/man3/DEFINE_STACK_OF.3]=man3/DEFINE_STACK_OF.pod +GENERATE[man/man3/DEFINE_STACK_OF.3]=man3/DEFINE_STACK_OF.pod +DEPEND[html/man3/DES_random_key.html]=man3/DES_random_key.pod +GENERATE[html/man3/DES_random_key.html]=man3/DES_random_key.pod +DEPEND[man/man3/DES_random_key.3]=man3/DES_random_key.pod +GENERATE[man/man3/DES_random_key.3]=man3/DES_random_key.pod +DEPEND[html/man3/DH_generate_key.html]=man3/DH_generate_key.pod +GENERATE[html/man3/DH_generate_key.html]=man3/DH_generate_key.pod +DEPEND[man/man3/DH_generate_key.3]=man3/DH_generate_key.pod +GENERATE[man/man3/DH_generate_key.3]=man3/DH_generate_key.pod +DEPEND[html/man3/DH_generate_parameters.html]=man3/DH_generate_parameters.pod +GENERATE[html/man3/DH_generate_parameters.html]=man3/DH_generate_parameters.pod +DEPEND[man/man3/DH_generate_parameters.3]=man3/DH_generate_parameters.pod +GENERATE[man/man3/DH_generate_parameters.3]=man3/DH_generate_parameters.pod +DEPEND[html/man3/DH_get0_pqg.html]=man3/DH_get0_pqg.pod +GENERATE[html/man3/DH_get0_pqg.html]=man3/DH_get0_pqg.pod +DEPEND[man/man3/DH_get0_pqg.3]=man3/DH_get0_pqg.pod +GENERATE[man/man3/DH_get0_pqg.3]=man3/DH_get0_pqg.pod +DEPEND[html/man3/DH_get_1024_160.html]=man3/DH_get_1024_160.pod +GENERATE[html/man3/DH_get_1024_160.html]=man3/DH_get_1024_160.pod +DEPEND[man/man3/DH_get_1024_160.3]=man3/DH_get_1024_160.pod +GENERATE[man/man3/DH_get_1024_160.3]=man3/DH_get_1024_160.pod +DEPEND[html/man3/DH_meth_new.html]=man3/DH_meth_new.pod +GENERATE[html/man3/DH_meth_new.html]=man3/DH_meth_new.pod +DEPEND[man/man3/DH_meth_new.3]=man3/DH_meth_new.pod +GENERATE[man/man3/DH_meth_new.3]=man3/DH_meth_new.pod +DEPEND[html/man3/DH_new.html]=man3/DH_new.pod +GENERATE[html/man3/DH_new.html]=man3/DH_new.pod +DEPEND[man/man3/DH_new.3]=man3/DH_new.pod +GENERATE[man/man3/DH_new.3]=man3/DH_new.pod +DEPEND[html/man3/DH_new_by_nid.html]=man3/DH_new_by_nid.pod +GENERATE[html/man3/DH_new_by_nid.html]=man3/DH_new_by_nid.pod +DEPEND[man/man3/DH_new_by_nid.3]=man3/DH_new_by_nid.pod +GENERATE[man/man3/DH_new_by_nid.3]=man3/DH_new_by_nid.pod +DEPEND[html/man3/DH_set_method.html]=man3/DH_set_method.pod +GENERATE[html/man3/DH_set_method.html]=man3/DH_set_method.pod +DEPEND[man/man3/DH_set_method.3]=man3/DH_set_method.pod +GENERATE[man/man3/DH_set_method.3]=man3/DH_set_method.pod +DEPEND[html/man3/DH_size.html]=man3/DH_size.pod +GENERATE[html/man3/DH_size.html]=man3/DH_size.pod +DEPEND[man/man3/DH_size.3]=man3/DH_size.pod +GENERATE[man/man3/DH_size.3]=man3/DH_size.pod +DEPEND[html/man3/DSA_SIG_new.html]=man3/DSA_SIG_new.pod +GENERATE[html/man3/DSA_SIG_new.html]=man3/DSA_SIG_new.pod +DEPEND[man/man3/DSA_SIG_new.3]=man3/DSA_SIG_new.pod +GENERATE[man/man3/DSA_SIG_new.3]=man3/DSA_SIG_new.pod +DEPEND[html/man3/DSA_do_sign.html]=man3/DSA_do_sign.pod +GENERATE[html/man3/DSA_do_sign.html]=man3/DSA_do_sign.pod +DEPEND[man/man3/DSA_do_sign.3]=man3/DSA_do_sign.pod +GENERATE[man/man3/DSA_do_sign.3]=man3/DSA_do_sign.pod +DEPEND[html/man3/DSA_dup_DH.html]=man3/DSA_dup_DH.pod +GENERATE[html/man3/DSA_dup_DH.html]=man3/DSA_dup_DH.pod +DEPEND[man/man3/DSA_dup_DH.3]=man3/DSA_dup_DH.pod +GENERATE[man/man3/DSA_dup_DH.3]=man3/DSA_dup_DH.pod +DEPEND[html/man3/DSA_generate_key.html]=man3/DSA_generate_key.pod +GENERATE[html/man3/DSA_generate_key.html]=man3/DSA_generate_key.pod +DEPEND[man/man3/DSA_generate_key.3]=man3/DSA_generate_key.pod +GENERATE[man/man3/DSA_generate_key.3]=man3/DSA_generate_key.pod +DEPEND[html/man3/DSA_generate_parameters.html]=man3/DSA_generate_parameters.pod +GENERATE[html/man3/DSA_generate_parameters.html]=man3/DSA_generate_parameters.pod +DEPEND[man/man3/DSA_generate_parameters.3]=man3/DSA_generate_parameters.pod +GENERATE[man/man3/DSA_generate_parameters.3]=man3/DSA_generate_parameters.pod +DEPEND[html/man3/DSA_get0_pqg.html]=man3/DSA_get0_pqg.pod +GENERATE[html/man3/DSA_get0_pqg.html]=man3/DSA_get0_pqg.pod +DEPEND[man/man3/DSA_get0_pqg.3]=man3/DSA_get0_pqg.pod +GENERATE[man/man3/DSA_get0_pqg.3]=man3/DSA_get0_pqg.pod +DEPEND[html/man3/DSA_meth_new.html]=man3/DSA_meth_new.pod +GENERATE[html/man3/DSA_meth_new.html]=man3/DSA_meth_new.pod +DEPEND[man/man3/DSA_meth_new.3]=man3/DSA_meth_new.pod +GENERATE[man/man3/DSA_meth_new.3]=man3/DSA_meth_new.pod +DEPEND[html/man3/DSA_new.html]=man3/DSA_new.pod +GENERATE[html/man3/DSA_new.html]=man3/DSA_new.pod +DEPEND[man/man3/DSA_new.3]=man3/DSA_new.pod +GENERATE[man/man3/DSA_new.3]=man3/DSA_new.pod +DEPEND[html/man3/DSA_set_method.html]=man3/DSA_set_method.pod +GENERATE[html/man3/DSA_set_method.html]=man3/DSA_set_method.pod +DEPEND[man/man3/DSA_set_method.3]=man3/DSA_set_method.pod +GENERATE[man/man3/DSA_set_method.3]=man3/DSA_set_method.pod +DEPEND[html/man3/DSA_sign.html]=man3/DSA_sign.pod +GENERATE[html/man3/DSA_sign.html]=man3/DSA_sign.pod +DEPEND[man/man3/DSA_sign.3]=man3/DSA_sign.pod +GENERATE[man/man3/DSA_sign.3]=man3/DSA_sign.pod +DEPEND[html/man3/DSA_size.html]=man3/DSA_size.pod +GENERATE[html/man3/DSA_size.html]=man3/DSA_size.pod +DEPEND[man/man3/DSA_size.3]=man3/DSA_size.pod +GENERATE[man/man3/DSA_size.3]=man3/DSA_size.pod +DEPEND[html/man3/DTLS_get_data_mtu.html]=man3/DTLS_get_data_mtu.pod +GENERATE[html/man3/DTLS_get_data_mtu.html]=man3/DTLS_get_data_mtu.pod +DEPEND[man/man3/DTLS_get_data_mtu.3]=man3/DTLS_get_data_mtu.pod +GENERATE[man/man3/DTLS_get_data_mtu.3]=man3/DTLS_get_data_mtu.pod +DEPEND[html/man3/DTLS_set_timer_cb.html]=man3/DTLS_set_timer_cb.pod +GENERATE[html/man3/DTLS_set_timer_cb.html]=man3/DTLS_set_timer_cb.pod +DEPEND[man/man3/DTLS_set_timer_cb.3]=man3/DTLS_set_timer_cb.pod +GENERATE[man/man3/DTLS_set_timer_cb.3]=man3/DTLS_set_timer_cb.pod +DEPEND[html/man3/DTLSv1_listen.html]=man3/DTLSv1_listen.pod +GENERATE[html/man3/DTLSv1_listen.html]=man3/DTLSv1_listen.pod +DEPEND[man/man3/DTLSv1_listen.3]=man3/DTLSv1_listen.pod +GENERATE[man/man3/DTLSv1_listen.3]=man3/DTLSv1_listen.pod +DEPEND[html/man3/ECDSA_SIG_new.html]=man3/ECDSA_SIG_new.pod +GENERATE[html/man3/ECDSA_SIG_new.html]=man3/ECDSA_SIG_new.pod +DEPEND[man/man3/ECDSA_SIG_new.3]=man3/ECDSA_SIG_new.pod +GENERATE[man/man3/ECDSA_SIG_new.3]=man3/ECDSA_SIG_new.pod +DEPEND[html/man3/ECDSA_sign.html]=man3/ECDSA_sign.pod +GENERATE[html/man3/ECDSA_sign.html]=man3/ECDSA_sign.pod +DEPEND[man/man3/ECDSA_sign.3]=man3/ECDSA_sign.pod +GENERATE[man/man3/ECDSA_sign.3]=man3/ECDSA_sign.pod +DEPEND[html/man3/ECPKParameters_print.html]=man3/ECPKParameters_print.pod +GENERATE[html/man3/ECPKParameters_print.html]=man3/ECPKParameters_print.pod +DEPEND[man/man3/ECPKParameters_print.3]=man3/ECPKParameters_print.pod +GENERATE[man/man3/ECPKParameters_print.3]=man3/ECPKParameters_print.pod +DEPEND[html/man3/EC_GFp_simple_method.html]=man3/EC_GFp_simple_method.pod +GENERATE[html/man3/EC_GFp_simple_method.html]=man3/EC_GFp_simple_method.pod +DEPEND[man/man3/EC_GFp_simple_method.3]=man3/EC_GFp_simple_method.pod +GENERATE[man/man3/EC_GFp_simple_method.3]=man3/EC_GFp_simple_method.pod +DEPEND[html/man3/EC_GROUP_copy.html]=man3/EC_GROUP_copy.pod +GENERATE[html/man3/EC_GROUP_copy.html]=man3/EC_GROUP_copy.pod +DEPEND[man/man3/EC_GROUP_copy.3]=man3/EC_GROUP_copy.pod +GENERATE[man/man3/EC_GROUP_copy.3]=man3/EC_GROUP_copy.pod +DEPEND[html/man3/EC_GROUP_new.html]=man3/EC_GROUP_new.pod +GENERATE[html/man3/EC_GROUP_new.html]=man3/EC_GROUP_new.pod +DEPEND[man/man3/EC_GROUP_new.3]=man3/EC_GROUP_new.pod +GENERATE[man/man3/EC_GROUP_new.3]=man3/EC_GROUP_new.pod +DEPEND[html/man3/EC_KEY_get_enc_flags.html]=man3/EC_KEY_get_enc_flags.pod +GENERATE[html/man3/EC_KEY_get_enc_flags.html]=man3/EC_KEY_get_enc_flags.pod +DEPEND[man/man3/EC_KEY_get_enc_flags.3]=man3/EC_KEY_get_enc_flags.pod +GENERATE[man/man3/EC_KEY_get_enc_flags.3]=man3/EC_KEY_get_enc_flags.pod +DEPEND[html/man3/EC_KEY_new.html]=man3/EC_KEY_new.pod +GENERATE[html/man3/EC_KEY_new.html]=man3/EC_KEY_new.pod +DEPEND[man/man3/EC_KEY_new.3]=man3/EC_KEY_new.pod +GENERATE[man/man3/EC_KEY_new.3]=man3/EC_KEY_new.pod +DEPEND[html/man3/EC_POINT_add.html]=man3/EC_POINT_add.pod +GENERATE[html/man3/EC_POINT_add.html]=man3/EC_POINT_add.pod +DEPEND[man/man3/EC_POINT_add.3]=man3/EC_POINT_add.pod +GENERATE[man/man3/EC_POINT_add.3]=man3/EC_POINT_add.pod +DEPEND[html/man3/EC_POINT_new.html]=man3/EC_POINT_new.pod +GENERATE[html/man3/EC_POINT_new.html]=man3/EC_POINT_new.pod +DEPEND[man/man3/EC_POINT_new.3]=man3/EC_POINT_new.pod +GENERATE[man/man3/EC_POINT_new.3]=man3/EC_POINT_new.pod +DEPEND[html/man3/ENGINE_add.html]=man3/ENGINE_add.pod +GENERATE[html/man3/ENGINE_add.html]=man3/ENGINE_add.pod +DEPEND[man/man3/ENGINE_add.3]=man3/ENGINE_add.pod +GENERATE[man/man3/ENGINE_add.3]=man3/ENGINE_add.pod +DEPEND[html/man3/ERR_GET_LIB.html]=man3/ERR_GET_LIB.pod +GENERATE[html/man3/ERR_GET_LIB.html]=man3/ERR_GET_LIB.pod +DEPEND[man/man3/ERR_GET_LIB.3]=man3/ERR_GET_LIB.pod +GENERATE[man/man3/ERR_GET_LIB.3]=man3/ERR_GET_LIB.pod +DEPEND[html/man3/ERR_clear_error.html]=man3/ERR_clear_error.pod +GENERATE[html/man3/ERR_clear_error.html]=man3/ERR_clear_error.pod +DEPEND[man/man3/ERR_clear_error.3]=man3/ERR_clear_error.pod +GENERATE[man/man3/ERR_clear_error.3]=man3/ERR_clear_error.pod +DEPEND[html/man3/ERR_error_string.html]=man3/ERR_error_string.pod +GENERATE[html/man3/ERR_error_string.html]=man3/ERR_error_string.pod +DEPEND[man/man3/ERR_error_string.3]=man3/ERR_error_string.pod +GENERATE[man/man3/ERR_error_string.3]=man3/ERR_error_string.pod +DEPEND[html/man3/ERR_get_error.html]=man3/ERR_get_error.pod +GENERATE[html/man3/ERR_get_error.html]=man3/ERR_get_error.pod +DEPEND[man/man3/ERR_get_error.3]=man3/ERR_get_error.pod +GENERATE[man/man3/ERR_get_error.3]=man3/ERR_get_error.pod +DEPEND[html/man3/ERR_load_crypto_strings.html]=man3/ERR_load_crypto_strings.pod +GENERATE[html/man3/ERR_load_crypto_strings.html]=man3/ERR_load_crypto_strings.pod +DEPEND[man/man3/ERR_load_crypto_strings.3]=man3/ERR_load_crypto_strings.pod +GENERATE[man/man3/ERR_load_crypto_strings.3]=man3/ERR_load_crypto_strings.pod +DEPEND[html/man3/ERR_load_strings.html]=man3/ERR_load_strings.pod +GENERATE[html/man3/ERR_load_strings.html]=man3/ERR_load_strings.pod +DEPEND[man/man3/ERR_load_strings.3]=man3/ERR_load_strings.pod +GENERATE[man/man3/ERR_load_strings.3]=man3/ERR_load_strings.pod +DEPEND[html/man3/ERR_new.html]=man3/ERR_new.pod +GENERATE[html/man3/ERR_new.html]=man3/ERR_new.pod +DEPEND[man/man3/ERR_new.3]=man3/ERR_new.pod +GENERATE[man/man3/ERR_new.3]=man3/ERR_new.pod +DEPEND[html/man3/ERR_print_errors.html]=man3/ERR_print_errors.pod +GENERATE[html/man3/ERR_print_errors.html]=man3/ERR_print_errors.pod +DEPEND[man/man3/ERR_print_errors.3]=man3/ERR_print_errors.pod +GENERATE[man/man3/ERR_print_errors.3]=man3/ERR_print_errors.pod +DEPEND[html/man3/ERR_put_error.html]=man3/ERR_put_error.pod +GENERATE[html/man3/ERR_put_error.html]=man3/ERR_put_error.pod +DEPEND[man/man3/ERR_put_error.3]=man3/ERR_put_error.pod +GENERATE[man/man3/ERR_put_error.3]=man3/ERR_put_error.pod +DEPEND[html/man3/ERR_remove_state.html]=man3/ERR_remove_state.pod +GENERATE[html/man3/ERR_remove_state.html]=man3/ERR_remove_state.pod +DEPEND[man/man3/ERR_remove_state.3]=man3/ERR_remove_state.pod +GENERATE[man/man3/ERR_remove_state.3]=man3/ERR_remove_state.pod +DEPEND[html/man3/ERR_set_mark.html]=man3/ERR_set_mark.pod +GENERATE[html/man3/ERR_set_mark.html]=man3/ERR_set_mark.pod +DEPEND[man/man3/ERR_set_mark.3]=man3/ERR_set_mark.pod +GENERATE[man/man3/ERR_set_mark.3]=man3/ERR_set_mark.pod +DEPEND[html/man3/EVP_ASYM_CIPHER_free.html]=man3/EVP_ASYM_CIPHER_free.pod +GENERATE[html/man3/EVP_ASYM_CIPHER_free.html]=man3/EVP_ASYM_CIPHER_free.pod +DEPEND[man/man3/EVP_ASYM_CIPHER_free.3]=man3/EVP_ASYM_CIPHER_free.pod +GENERATE[man/man3/EVP_ASYM_CIPHER_free.3]=man3/EVP_ASYM_CIPHER_free.pod +DEPEND[html/man3/EVP_BytesToKey.html]=man3/EVP_BytesToKey.pod +GENERATE[html/man3/EVP_BytesToKey.html]=man3/EVP_BytesToKey.pod +DEPEND[man/man3/EVP_BytesToKey.3]=man3/EVP_BytesToKey.pod +GENERATE[man/man3/EVP_BytesToKey.3]=man3/EVP_BytesToKey.pod +DEPEND[html/man3/EVP_CIPHER_CTX_get_cipher_data.html]=man3/EVP_CIPHER_CTX_get_cipher_data.pod +GENERATE[html/man3/EVP_CIPHER_CTX_get_cipher_data.html]=man3/EVP_CIPHER_CTX_get_cipher_data.pod +DEPEND[man/man3/EVP_CIPHER_CTX_get_cipher_data.3]=man3/EVP_CIPHER_CTX_get_cipher_data.pod +GENERATE[man/man3/EVP_CIPHER_CTX_get_cipher_data.3]=man3/EVP_CIPHER_CTX_get_cipher_data.pod +DEPEND[html/man3/EVP_CIPHER_CTX_get_original_iv.html]=man3/EVP_CIPHER_CTX_get_original_iv.pod +GENERATE[html/man3/EVP_CIPHER_CTX_get_original_iv.html]=man3/EVP_CIPHER_CTX_get_original_iv.pod +DEPEND[man/man3/EVP_CIPHER_CTX_get_original_iv.3]=man3/EVP_CIPHER_CTX_get_original_iv.pod +GENERATE[man/man3/EVP_CIPHER_CTX_get_original_iv.3]=man3/EVP_CIPHER_CTX_get_original_iv.pod +DEPEND[html/man3/EVP_CIPHER_meth_new.html]=man3/EVP_CIPHER_meth_new.pod +GENERATE[html/man3/EVP_CIPHER_meth_new.html]=man3/EVP_CIPHER_meth_new.pod +DEPEND[man/man3/EVP_CIPHER_meth_new.3]=man3/EVP_CIPHER_meth_new.pod +GENERATE[man/man3/EVP_CIPHER_meth_new.3]=man3/EVP_CIPHER_meth_new.pod +DEPEND[html/man3/EVP_DigestInit.html]=man3/EVP_DigestInit.pod +GENERATE[html/man3/EVP_DigestInit.html]=man3/EVP_DigestInit.pod +DEPEND[man/man3/EVP_DigestInit.3]=man3/EVP_DigestInit.pod +GENERATE[man/man3/EVP_DigestInit.3]=man3/EVP_DigestInit.pod +DEPEND[html/man3/EVP_DigestSignInit.html]=man3/EVP_DigestSignInit.pod +GENERATE[html/man3/EVP_DigestSignInit.html]=man3/EVP_DigestSignInit.pod +DEPEND[man/man3/EVP_DigestSignInit.3]=man3/EVP_DigestSignInit.pod +GENERATE[man/man3/EVP_DigestSignInit.3]=man3/EVP_DigestSignInit.pod +DEPEND[html/man3/EVP_DigestVerifyInit.html]=man3/EVP_DigestVerifyInit.pod +GENERATE[html/man3/EVP_DigestVerifyInit.html]=man3/EVP_DigestVerifyInit.pod +DEPEND[man/man3/EVP_DigestVerifyInit.3]=man3/EVP_DigestVerifyInit.pod +GENERATE[man/man3/EVP_DigestVerifyInit.3]=man3/EVP_DigestVerifyInit.pod +DEPEND[html/man3/EVP_EncodeInit.html]=man3/EVP_EncodeInit.pod +GENERATE[html/man3/EVP_EncodeInit.html]=man3/EVP_EncodeInit.pod +DEPEND[man/man3/EVP_EncodeInit.3]=man3/EVP_EncodeInit.pod +GENERATE[man/man3/EVP_EncodeInit.3]=man3/EVP_EncodeInit.pod +DEPEND[html/man3/EVP_EncryptInit.html]=man3/EVP_EncryptInit.pod +GENERATE[html/man3/EVP_EncryptInit.html]=man3/EVP_EncryptInit.pod +DEPEND[man/man3/EVP_EncryptInit.3]=man3/EVP_EncryptInit.pod +GENERATE[man/man3/EVP_EncryptInit.3]=man3/EVP_EncryptInit.pod +DEPEND[html/man3/EVP_KDF.html]=man3/EVP_KDF.pod +GENERATE[html/man3/EVP_KDF.html]=man3/EVP_KDF.pod +DEPEND[man/man3/EVP_KDF.3]=man3/EVP_KDF.pod +GENERATE[man/man3/EVP_KDF.3]=man3/EVP_KDF.pod +DEPEND[html/man3/EVP_KEM_free.html]=man3/EVP_KEM_free.pod +GENERATE[html/man3/EVP_KEM_free.html]=man3/EVP_KEM_free.pod +DEPEND[man/man3/EVP_KEM_free.3]=man3/EVP_KEM_free.pod +GENERATE[man/man3/EVP_KEM_free.3]=man3/EVP_KEM_free.pod +DEPEND[html/man3/EVP_KEYEXCH_free.html]=man3/EVP_KEYEXCH_free.pod +GENERATE[html/man3/EVP_KEYEXCH_free.html]=man3/EVP_KEYEXCH_free.pod +DEPEND[man/man3/EVP_KEYEXCH_free.3]=man3/EVP_KEYEXCH_free.pod +GENERATE[man/man3/EVP_KEYEXCH_free.3]=man3/EVP_KEYEXCH_free.pod +DEPEND[html/man3/EVP_KEYMGMT.html]=man3/EVP_KEYMGMT.pod +GENERATE[html/man3/EVP_KEYMGMT.html]=man3/EVP_KEYMGMT.pod +DEPEND[man/man3/EVP_KEYMGMT.3]=man3/EVP_KEYMGMT.pod +GENERATE[man/man3/EVP_KEYMGMT.3]=man3/EVP_KEYMGMT.pod +DEPEND[html/man3/EVP_MAC.html]=man3/EVP_MAC.pod +GENERATE[html/man3/EVP_MAC.html]=man3/EVP_MAC.pod +DEPEND[man/man3/EVP_MAC.3]=man3/EVP_MAC.pod +GENERATE[man/man3/EVP_MAC.3]=man3/EVP_MAC.pod +DEPEND[html/man3/EVP_MD_meth_new.html]=man3/EVP_MD_meth_new.pod +GENERATE[html/man3/EVP_MD_meth_new.html]=man3/EVP_MD_meth_new.pod +DEPEND[man/man3/EVP_MD_meth_new.3]=man3/EVP_MD_meth_new.pod +GENERATE[man/man3/EVP_MD_meth_new.3]=man3/EVP_MD_meth_new.pod +DEPEND[html/man3/EVP_OpenInit.html]=man3/EVP_OpenInit.pod +GENERATE[html/man3/EVP_OpenInit.html]=man3/EVP_OpenInit.pod +DEPEND[man/man3/EVP_OpenInit.3]=man3/EVP_OpenInit.pod +GENERATE[man/man3/EVP_OpenInit.3]=man3/EVP_OpenInit.pod +DEPEND[html/man3/EVP_PBE_CipherInit.html]=man3/EVP_PBE_CipherInit.pod +GENERATE[html/man3/EVP_PBE_CipherInit.html]=man3/EVP_PBE_CipherInit.pod +DEPEND[man/man3/EVP_PBE_CipherInit.3]=man3/EVP_PBE_CipherInit.pod +GENERATE[man/man3/EVP_PBE_CipherInit.3]=man3/EVP_PBE_CipherInit.pod +DEPEND[html/man3/EVP_PKEY2PKCS8.html]=man3/EVP_PKEY2PKCS8.pod +GENERATE[html/man3/EVP_PKEY2PKCS8.html]=man3/EVP_PKEY2PKCS8.pod +DEPEND[man/man3/EVP_PKEY2PKCS8.3]=man3/EVP_PKEY2PKCS8.pod +GENERATE[man/man3/EVP_PKEY2PKCS8.3]=man3/EVP_PKEY2PKCS8.pod +DEPEND[html/man3/EVP_PKEY_ASN1_METHOD.html]=man3/EVP_PKEY_ASN1_METHOD.pod +GENERATE[html/man3/EVP_PKEY_ASN1_METHOD.html]=man3/EVP_PKEY_ASN1_METHOD.pod +DEPEND[man/man3/EVP_PKEY_ASN1_METHOD.3]=man3/EVP_PKEY_ASN1_METHOD.pod +GENERATE[man/man3/EVP_PKEY_ASN1_METHOD.3]=man3/EVP_PKEY_ASN1_METHOD.pod +DEPEND[html/man3/EVP_PKEY_CTX_ctrl.html]=man3/EVP_PKEY_CTX_ctrl.pod +GENERATE[html/man3/EVP_PKEY_CTX_ctrl.html]=man3/EVP_PKEY_CTX_ctrl.pod +DEPEND[man/man3/EVP_PKEY_CTX_ctrl.3]=man3/EVP_PKEY_CTX_ctrl.pod +GENERATE[man/man3/EVP_PKEY_CTX_ctrl.3]=man3/EVP_PKEY_CTX_ctrl.pod +DEPEND[html/man3/EVP_PKEY_CTX_get0_libctx.html]=man3/EVP_PKEY_CTX_get0_libctx.pod +GENERATE[html/man3/EVP_PKEY_CTX_get0_libctx.html]=man3/EVP_PKEY_CTX_get0_libctx.pod +DEPEND[man/man3/EVP_PKEY_CTX_get0_libctx.3]=man3/EVP_PKEY_CTX_get0_libctx.pod +GENERATE[man/man3/EVP_PKEY_CTX_get0_libctx.3]=man3/EVP_PKEY_CTX_get0_libctx.pod +DEPEND[html/man3/EVP_PKEY_CTX_get0_pkey.html]=man3/EVP_PKEY_CTX_get0_pkey.pod +GENERATE[html/man3/EVP_PKEY_CTX_get0_pkey.html]=man3/EVP_PKEY_CTX_get0_pkey.pod +DEPEND[man/man3/EVP_PKEY_CTX_get0_pkey.3]=man3/EVP_PKEY_CTX_get0_pkey.pod +GENERATE[man/man3/EVP_PKEY_CTX_get0_pkey.3]=man3/EVP_PKEY_CTX_get0_pkey.pod +DEPEND[html/man3/EVP_PKEY_CTX_new.html]=man3/EVP_PKEY_CTX_new.pod +GENERATE[html/man3/EVP_PKEY_CTX_new.html]=man3/EVP_PKEY_CTX_new.pod +DEPEND[man/man3/EVP_PKEY_CTX_new.3]=man3/EVP_PKEY_CTX_new.pod +GENERATE[man/man3/EVP_PKEY_CTX_new.3]=man3/EVP_PKEY_CTX_new.pod +DEPEND[html/man3/EVP_PKEY_CTX_set1_pbe_pass.html]=man3/EVP_PKEY_CTX_set1_pbe_pass.pod +GENERATE[html/man3/EVP_PKEY_CTX_set1_pbe_pass.html]=man3/EVP_PKEY_CTX_set1_pbe_pass.pod +DEPEND[man/man3/EVP_PKEY_CTX_set1_pbe_pass.3]=man3/EVP_PKEY_CTX_set1_pbe_pass.pod +GENERATE[man/man3/EVP_PKEY_CTX_set1_pbe_pass.3]=man3/EVP_PKEY_CTX_set1_pbe_pass.pod +DEPEND[html/man3/EVP_PKEY_CTX_set_hkdf_md.html]=man3/EVP_PKEY_CTX_set_hkdf_md.pod +GENERATE[html/man3/EVP_PKEY_CTX_set_hkdf_md.html]=man3/EVP_PKEY_CTX_set_hkdf_md.pod +DEPEND[man/man3/EVP_PKEY_CTX_set_hkdf_md.3]=man3/EVP_PKEY_CTX_set_hkdf_md.pod +GENERATE[man/man3/EVP_PKEY_CTX_set_hkdf_md.3]=man3/EVP_PKEY_CTX_set_hkdf_md.pod +DEPEND[html/man3/EVP_PKEY_CTX_set_params.html]=man3/EVP_PKEY_CTX_set_params.pod +GENERATE[html/man3/EVP_PKEY_CTX_set_params.html]=man3/EVP_PKEY_CTX_set_params.pod +DEPEND[man/man3/EVP_PKEY_CTX_set_params.3]=man3/EVP_PKEY_CTX_set_params.pod +GENERATE[man/man3/EVP_PKEY_CTX_set_params.3]=man3/EVP_PKEY_CTX_set_params.pod +DEPEND[html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.html]=man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.pod +GENERATE[html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.html]=man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.pod +DEPEND[man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3]=man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.pod +GENERATE[man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3]=man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.pod +DEPEND[html/man3/EVP_PKEY_CTX_set_scrypt_N.html]=man3/EVP_PKEY_CTX_set_scrypt_N.pod +GENERATE[html/man3/EVP_PKEY_CTX_set_scrypt_N.html]=man3/EVP_PKEY_CTX_set_scrypt_N.pod +DEPEND[man/man3/EVP_PKEY_CTX_set_scrypt_N.3]=man3/EVP_PKEY_CTX_set_scrypt_N.pod +GENERATE[man/man3/EVP_PKEY_CTX_set_scrypt_N.3]=man3/EVP_PKEY_CTX_set_scrypt_N.pod +DEPEND[html/man3/EVP_PKEY_CTX_set_tls1_prf_md.html]=man3/EVP_PKEY_CTX_set_tls1_prf_md.pod +GENERATE[html/man3/EVP_PKEY_CTX_set_tls1_prf_md.html]=man3/EVP_PKEY_CTX_set_tls1_prf_md.pod +DEPEND[man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3]=man3/EVP_PKEY_CTX_set_tls1_prf_md.pod +GENERATE[man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3]=man3/EVP_PKEY_CTX_set_tls1_prf_md.pod +DEPEND[html/man3/EVP_PKEY_asn1_get_count.html]=man3/EVP_PKEY_asn1_get_count.pod +GENERATE[html/man3/EVP_PKEY_asn1_get_count.html]=man3/EVP_PKEY_asn1_get_count.pod +DEPEND[man/man3/EVP_PKEY_asn1_get_count.3]=man3/EVP_PKEY_asn1_get_count.pod +GENERATE[man/man3/EVP_PKEY_asn1_get_count.3]=man3/EVP_PKEY_asn1_get_count.pod +DEPEND[html/man3/EVP_PKEY_check.html]=man3/EVP_PKEY_check.pod +GENERATE[html/man3/EVP_PKEY_check.html]=man3/EVP_PKEY_check.pod +DEPEND[man/man3/EVP_PKEY_check.3]=man3/EVP_PKEY_check.pod +GENERATE[man/man3/EVP_PKEY_check.3]=man3/EVP_PKEY_check.pod +DEPEND[html/man3/EVP_PKEY_copy_parameters.html]=man3/EVP_PKEY_copy_parameters.pod +GENERATE[html/man3/EVP_PKEY_copy_parameters.html]=man3/EVP_PKEY_copy_parameters.pod +DEPEND[man/man3/EVP_PKEY_copy_parameters.3]=man3/EVP_PKEY_copy_parameters.pod +GENERATE[man/man3/EVP_PKEY_copy_parameters.3]=man3/EVP_PKEY_copy_parameters.pod +DEPEND[html/man3/EVP_PKEY_decapsulate.html]=man3/EVP_PKEY_decapsulate.pod +GENERATE[html/man3/EVP_PKEY_decapsulate.html]=man3/EVP_PKEY_decapsulate.pod +DEPEND[man/man3/EVP_PKEY_decapsulate.3]=man3/EVP_PKEY_decapsulate.pod +GENERATE[man/man3/EVP_PKEY_decapsulate.3]=man3/EVP_PKEY_decapsulate.pod +DEPEND[html/man3/EVP_PKEY_decrypt.html]=man3/EVP_PKEY_decrypt.pod +GENERATE[html/man3/EVP_PKEY_decrypt.html]=man3/EVP_PKEY_decrypt.pod +DEPEND[man/man3/EVP_PKEY_decrypt.3]=man3/EVP_PKEY_decrypt.pod +GENERATE[man/man3/EVP_PKEY_decrypt.3]=man3/EVP_PKEY_decrypt.pod +DEPEND[html/man3/EVP_PKEY_derive.html]=man3/EVP_PKEY_derive.pod +GENERATE[html/man3/EVP_PKEY_derive.html]=man3/EVP_PKEY_derive.pod +DEPEND[man/man3/EVP_PKEY_derive.3]=man3/EVP_PKEY_derive.pod +GENERATE[man/man3/EVP_PKEY_derive.3]=man3/EVP_PKEY_derive.pod +DEPEND[html/man3/EVP_PKEY_digestsign_supports_digest.html]=man3/EVP_PKEY_digestsign_supports_digest.pod +GENERATE[html/man3/EVP_PKEY_digestsign_supports_digest.html]=man3/EVP_PKEY_digestsign_supports_digest.pod +DEPEND[man/man3/EVP_PKEY_digestsign_supports_digest.3]=man3/EVP_PKEY_digestsign_supports_digest.pod +GENERATE[man/man3/EVP_PKEY_digestsign_supports_digest.3]=man3/EVP_PKEY_digestsign_supports_digest.pod +DEPEND[html/man3/EVP_PKEY_encapsulate.html]=man3/EVP_PKEY_encapsulate.pod +GENERATE[html/man3/EVP_PKEY_encapsulate.html]=man3/EVP_PKEY_encapsulate.pod +DEPEND[man/man3/EVP_PKEY_encapsulate.3]=man3/EVP_PKEY_encapsulate.pod +GENERATE[man/man3/EVP_PKEY_encapsulate.3]=man3/EVP_PKEY_encapsulate.pod +DEPEND[html/man3/EVP_PKEY_encrypt.html]=man3/EVP_PKEY_encrypt.pod +GENERATE[html/man3/EVP_PKEY_encrypt.html]=man3/EVP_PKEY_encrypt.pod +DEPEND[man/man3/EVP_PKEY_encrypt.3]=man3/EVP_PKEY_encrypt.pod +GENERATE[man/man3/EVP_PKEY_encrypt.3]=man3/EVP_PKEY_encrypt.pod +DEPEND[html/man3/EVP_PKEY_fromdata.html]=man3/EVP_PKEY_fromdata.pod +GENERATE[html/man3/EVP_PKEY_fromdata.html]=man3/EVP_PKEY_fromdata.pod +DEPEND[man/man3/EVP_PKEY_fromdata.3]=man3/EVP_PKEY_fromdata.pod +GENERATE[man/man3/EVP_PKEY_fromdata.3]=man3/EVP_PKEY_fromdata.pod +DEPEND[html/man3/EVP_PKEY_get_attr.html]=man3/EVP_PKEY_get_attr.pod +GENERATE[html/man3/EVP_PKEY_get_attr.html]=man3/EVP_PKEY_get_attr.pod +DEPEND[man/man3/EVP_PKEY_get_attr.3]=man3/EVP_PKEY_get_attr.pod +GENERATE[man/man3/EVP_PKEY_get_attr.3]=man3/EVP_PKEY_get_attr.pod +DEPEND[html/man3/EVP_PKEY_get_default_digest_nid.html]=man3/EVP_PKEY_get_default_digest_nid.pod +GENERATE[html/man3/EVP_PKEY_get_default_digest_nid.html]=man3/EVP_PKEY_get_default_digest_nid.pod +DEPEND[man/man3/EVP_PKEY_get_default_digest_nid.3]=man3/EVP_PKEY_get_default_digest_nid.pod +GENERATE[man/man3/EVP_PKEY_get_default_digest_nid.3]=man3/EVP_PKEY_get_default_digest_nid.pod +DEPEND[html/man3/EVP_PKEY_get_field_type.html]=man3/EVP_PKEY_get_field_type.pod +GENERATE[html/man3/EVP_PKEY_get_field_type.html]=man3/EVP_PKEY_get_field_type.pod +DEPEND[man/man3/EVP_PKEY_get_field_type.3]=man3/EVP_PKEY_get_field_type.pod +GENERATE[man/man3/EVP_PKEY_get_field_type.3]=man3/EVP_PKEY_get_field_type.pod +DEPEND[html/man3/EVP_PKEY_get_group_name.html]=man3/EVP_PKEY_get_group_name.pod +GENERATE[html/man3/EVP_PKEY_get_group_name.html]=man3/EVP_PKEY_get_group_name.pod +DEPEND[man/man3/EVP_PKEY_get_group_name.3]=man3/EVP_PKEY_get_group_name.pod +GENERATE[man/man3/EVP_PKEY_get_group_name.3]=man3/EVP_PKEY_get_group_name.pod +DEPEND[html/man3/EVP_PKEY_get_size.html]=man3/EVP_PKEY_get_size.pod +GENERATE[html/man3/EVP_PKEY_get_size.html]=man3/EVP_PKEY_get_size.pod +DEPEND[man/man3/EVP_PKEY_get_size.3]=man3/EVP_PKEY_get_size.pod +GENERATE[man/man3/EVP_PKEY_get_size.3]=man3/EVP_PKEY_get_size.pod +DEPEND[html/man3/EVP_PKEY_gettable_params.html]=man3/EVP_PKEY_gettable_params.pod +GENERATE[html/man3/EVP_PKEY_gettable_params.html]=man3/EVP_PKEY_gettable_params.pod +DEPEND[man/man3/EVP_PKEY_gettable_params.3]=man3/EVP_PKEY_gettable_params.pod +GENERATE[man/man3/EVP_PKEY_gettable_params.3]=man3/EVP_PKEY_gettable_params.pod +DEPEND[html/man3/EVP_PKEY_is_a.html]=man3/EVP_PKEY_is_a.pod +GENERATE[html/man3/EVP_PKEY_is_a.html]=man3/EVP_PKEY_is_a.pod +DEPEND[man/man3/EVP_PKEY_is_a.3]=man3/EVP_PKEY_is_a.pod +GENERATE[man/man3/EVP_PKEY_is_a.3]=man3/EVP_PKEY_is_a.pod +DEPEND[html/man3/EVP_PKEY_keygen.html]=man3/EVP_PKEY_keygen.pod +GENERATE[html/man3/EVP_PKEY_keygen.html]=man3/EVP_PKEY_keygen.pod +DEPEND[man/man3/EVP_PKEY_keygen.3]=man3/EVP_PKEY_keygen.pod +GENERATE[man/man3/EVP_PKEY_keygen.3]=man3/EVP_PKEY_keygen.pod +DEPEND[html/man3/EVP_PKEY_meth_get_count.html]=man3/EVP_PKEY_meth_get_count.pod +GENERATE[html/man3/EVP_PKEY_meth_get_count.html]=man3/EVP_PKEY_meth_get_count.pod +DEPEND[man/man3/EVP_PKEY_meth_get_count.3]=man3/EVP_PKEY_meth_get_count.pod +GENERATE[man/man3/EVP_PKEY_meth_get_count.3]=man3/EVP_PKEY_meth_get_count.pod +DEPEND[html/man3/EVP_PKEY_meth_new.html]=man3/EVP_PKEY_meth_new.pod +GENERATE[html/man3/EVP_PKEY_meth_new.html]=man3/EVP_PKEY_meth_new.pod +DEPEND[man/man3/EVP_PKEY_meth_new.3]=man3/EVP_PKEY_meth_new.pod +GENERATE[man/man3/EVP_PKEY_meth_new.3]=man3/EVP_PKEY_meth_new.pod +DEPEND[html/man3/EVP_PKEY_new.html]=man3/EVP_PKEY_new.pod +GENERATE[html/man3/EVP_PKEY_new.html]=man3/EVP_PKEY_new.pod +DEPEND[man/man3/EVP_PKEY_new.3]=man3/EVP_PKEY_new.pod +GENERATE[man/man3/EVP_PKEY_new.3]=man3/EVP_PKEY_new.pod +DEPEND[html/man3/EVP_PKEY_print_private.html]=man3/EVP_PKEY_print_private.pod +GENERATE[html/man3/EVP_PKEY_print_private.html]=man3/EVP_PKEY_print_private.pod +DEPEND[man/man3/EVP_PKEY_print_private.3]=man3/EVP_PKEY_print_private.pod +GENERATE[man/man3/EVP_PKEY_print_private.3]=man3/EVP_PKEY_print_private.pod +DEPEND[html/man3/EVP_PKEY_set1_RSA.html]=man3/EVP_PKEY_set1_RSA.pod +GENERATE[html/man3/EVP_PKEY_set1_RSA.html]=man3/EVP_PKEY_set1_RSA.pod +DEPEND[man/man3/EVP_PKEY_set1_RSA.3]=man3/EVP_PKEY_set1_RSA.pod +GENERATE[man/man3/EVP_PKEY_set1_RSA.3]=man3/EVP_PKEY_set1_RSA.pod +DEPEND[html/man3/EVP_PKEY_set1_encoded_public_key.html]=man3/EVP_PKEY_set1_encoded_public_key.pod +GENERATE[html/man3/EVP_PKEY_set1_encoded_public_key.html]=man3/EVP_PKEY_set1_encoded_public_key.pod +DEPEND[man/man3/EVP_PKEY_set1_encoded_public_key.3]=man3/EVP_PKEY_set1_encoded_public_key.pod +GENERATE[man/man3/EVP_PKEY_set1_encoded_public_key.3]=man3/EVP_PKEY_set1_encoded_public_key.pod +DEPEND[html/man3/EVP_PKEY_set_type.html]=man3/EVP_PKEY_set_type.pod +GENERATE[html/man3/EVP_PKEY_set_type.html]=man3/EVP_PKEY_set_type.pod +DEPEND[man/man3/EVP_PKEY_set_type.3]=man3/EVP_PKEY_set_type.pod +GENERATE[man/man3/EVP_PKEY_set_type.3]=man3/EVP_PKEY_set_type.pod +DEPEND[html/man3/EVP_PKEY_settable_params.html]=man3/EVP_PKEY_settable_params.pod +GENERATE[html/man3/EVP_PKEY_settable_params.html]=man3/EVP_PKEY_settable_params.pod +DEPEND[man/man3/EVP_PKEY_settable_params.3]=man3/EVP_PKEY_settable_params.pod +GENERATE[man/man3/EVP_PKEY_settable_params.3]=man3/EVP_PKEY_settable_params.pod +DEPEND[html/man3/EVP_PKEY_sign.html]=man3/EVP_PKEY_sign.pod +GENERATE[html/man3/EVP_PKEY_sign.html]=man3/EVP_PKEY_sign.pod +DEPEND[man/man3/EVP_PKEY_sign.3]=man3/EVP_PKEY_sign.pod +GENERATE[man/man3/EVP_PKEY_sign.3]=man3/EVP_PKEY_sign.pod +DEPEND[html/man3/EVP_PKEY_todata.html]=man3/EVP_PKEY_todata.pod +GENERATE[html/man3/EVP_PKEY_todata.html]=man3/EVP_PKEY_todata.pod +DEPEND[man/man3/EVP_PKEY_todata.3]=man3/EVP_PKEY_todata.pod +GENERATE[man/man3/EVP_PKEY_todata.3]=man3/EVP_PKEY_todata.pod +DEPEND[html/man3/EVP_PKEY_verify.html]=man3/EVP_PKEY_verify.pod +GENERATE[html/man3/EVP_PKEY_verify.html]=man3/EVP_PKEY_verify.pod +DEPEND[man/man3/EVP_PKEY_verify.3]=man3/EVP_PKEY_verify.pod +GENERATE[man/man3/EVP_PKEY_verify.3]=man3/EVP_PKEY_verify.pod +DEPEND[html/man3/EVP_PKEY_verify_recover.html]=man3/EVP_PKEY_verify_recover.pod +GENERATE[html/man3/EVP_PKEY_verify_recover.html]=man3/EVP_PKEY_verify_recover.pod +DEPEND[man/man3/EVP_PKEY_verify_recover.3]=man3/EVP_PKEY_verify_recover.pod +GENERATE[man/man3/EVP_PKEY_verify_recover.3]=man3/EVP_PKEY_verify_recover.pod +DEPEND[html/man3/EVP_RAND.html]=man3/EVP_RAND.pod +GENERATE[html/man3/EVP_RAND.html]=man3/EVP_RAND.pod +DEPEND[man/man3/EVP_RAND.3]=man3/EVP_RAND.pod +GENERATE[man/man3/EVP_RAND.3]=man3/EVP_RAND.pod +DEPEND[html/man3/EVP_SIGNATURE.html]=man3/EVP_SIGNATURE.pod +GENERATE[html/man3/EVP_SIGNATURE.html]=man3/EVP_SIGNATURE.pod +DEPEND[man/man3/EVP_SIGNATURE.3]=man3/EVP_SIGNATURE.pod +GENERATE[man/man3/EVP_SIGNATURE.3]=man3/EVP_SIGNATURE.pod +DEPEND[html/man3/EVP_SealInit.html]=man3/EVP_SealInit.pod +GENERATE[html/man3/EVP_SealInit.html]=man3/EVP_SealInit.pod +DEPEND[man/man3/EVP_SealInit.3]=man3/EVP_SealInit.pod +GENERATE[man/man3/EVP_SealInit.3]=man3/EVP_SealInit.pod +DEPEND[html/man3/EVP_SignInit.html]=man3/EVP_SignInit.pod +GENERATE[html/man3/EVP_SignInit.html]=man3/EVP_SignInit.pod +DEPEND[man/man3/EVP_SignInit.3]=man3/EVP_SignInit.pod +GENERATE[man/man3/EVP_SignInit.3]=man3/EVP_SignInit.pod +DEPEND[html/man3/EVP_VerifyInit.html]=man3/EVP_VerifyInit.pod +GENERATE[html/man3/EVP_VerifyInit.html]=man3/EVP_VerifyInit.pod +DEPEND[man/man3/EVP_VerifyInit.3]=man3/EVP_VerifyInit.pod +GENERATE[man/man3/EVP_VerifyInit.3]=man3/EVP_VerifyInit.pod +DEPEND[html/man3/EVP_aes_128_gcm.html]=man3/EVP_aes_128_gcm.pod +GENERATE[html/man3/EVP_aes_128_gcm.html]=man3/EVP_aes_128_gcm.pod +DEPEND[man/man3/EVP_aes_128_gcm.3]=man3/EVP_aes_128_gcm.pod +GENERATE[man/man3/EVP_aes_128_gcm.3]=man3/EVP_aes_128_gcm.pod +DEPEND[html/man3/EVP_aria_128_gcm.html]=man3/EVP_aria_128_gcm.pod +GENERATE[html/man3/EVP_aria_128_gcm.html]=man3/EVP_aria_128_gcm.pod +DEPEND[man/man3/EVP_aria_128_gcm.3]=man3/EVP_aria_128_gcm.pod +GENERATE[man/man3/EVP_aria_128_gcm.3]=man3/EVP_aria_128_gcm.pod +DEPEND[html/man3/EVP_bf_cbc.html]=man3/EVP_bf_cbc.pod +GENERATE[html/man3/EVP_bf_cbc.html]=man3/EVP_bf_cbc.pod +DEPEND[man/man3/EVP_bf_cbc.3]=man3/EVP_bf_cbc.pod +GENERATE[man/man3/EVP_bf_cbc.3]=man3/EVP_bf_cbc.pod +DEPEND[html/man3/EVP_blake2b512.html]=man3/EVP_blake2b512.pod +GENERATE[html/man3/EVP_blake2b512.html]=man3/EVP_blake2b512.pod +DEPEND[man/man3/EVP_blake2b512.3]=man3/EVP_blake2b512.pod +GENERATE[man/man3/EVP_blake2b512.3]=man3/EVP_blake2b512.pod +DEPEND[html/man3/EVP_camellia_128_ecb.html]=man3/EVP_camellia_128_ecb.pod +GENERATE[html/man3/EVP_camellia_128_ecb.html]=man3/EVP_camellia_128_ecb.pod +DEPEND[man/man3/EVP_camellia_128_ecb.3]=man3/EVP_camellia_128_ecb.pod +GENERATE[man/man3/EVP_camellia_128_ecb.3]=man3/EVP_camellia_128_ecb.pod +DEPEND[html/man3/EVP_cast5_cbc.html]=man3/EVP_cast5_cbc.pod +GENERATE[html/man3/EVP_cast5_cbc.html]=man3/EVP_cast5_cbc.pod +DEPEND[man/man3/EVP_cast5_cbc.3]=man3/EVP_cast5_cbc.pod +GENERATE[man/man3/EVP_cast5_cbc.3]=man3/EVP_cast5_cbc.pod +DEPEND[html/man3/EVP_chacha20.html]=man3/EVP_chacha20.pod +GENERATE[html/man3/EVP_chacha20.html]=man3/EVP_chacha20.pod +DEPEND[man/man3/EVP_chacha20.3]=man3/EVP_chacha20.pod +GENERATE[man/man3/EVP_chacha20.3]=man3/EVP_chacha20.pod +DEPEND[html/man3/EVP_des_cbc.html]=man3/EVP_des_cbc.pod +GENERATE[html/man3/EVP_des_cbc.html]=man3/EVP_des_cbc.pod +DEPEND[man/man3/EVP_des_cbc.3]=man3/EVP_des_cbc.pod +GENERATE[man/man3/EVP_des_cbc.3]=man3/EVP_des_cbc.pod +DEPEND[html/man3/EVP_desx_cbc.html]=man3/EVP_desx_cbc.pod +GENERATE[html/man3/EVP_desx_cbc.html]=man3/EVP_desx_cbc.pod +DEPEND[man/man3/EVP_desx_cbc.3]=man3/EVP_desx_cbc.pod +GENERATE[man/man3/EVP_desx_cbc.3]=man3/EVP_desx_cbc.pod +DEPEND[html/man3/EVP_idea_cbc.html]=man3/EVP_idea_cbc.pod +GENERATE[html/man3/EVP_idea_cbc.html]=man3/EVP_idea_cbc.pod +DEPEND[man/man3/EVP_idea_cbc.3]=man3/EVP_idea_cbc.pod +GENERATE[man/man3/EVP_idea_cbc.3]=man3/EVP_idea_cbc.pod +DEPEND[html/man3/EVP_md2.html]=man3/EVP_md2.pod +GENERATE[html/man3/EVP_md2.html]=man3/EVP_md2.pod +DEPEND[man/man3/EVP_md2.3]=man3/EVP_md2.pod +GENERATE[man/man3/EVP_md2.3]=man3/EVP_md2.pod +DEPEND[html/man3/EVP_md4.html]=man3/EVP_md4.pod +GENERATE[html/man3/EVP_md4.html]=man3/EVP_md4.pod +DEPEND[man/man3/EVP_md4.3]=man3/EVP_md4.pod +GENERATE[man/man3/EVP_md4.3]=man3/EVP_md4.pod +DEPEND[html/man3/EVP_md5.html]=man3/EVP_md5.pod +GENERATE[html/man3/EVP_md5.html]=man3/EVP_md5.pod +DEPEND[man/man3/EVP_md5.3]=man3/EVP_md5.pod +GENERATE[man/man3/EVP_md5.3]=man3/EVP_md5.pod +DEPEND[html/man3/EVP_mdc2.html]=man3/EVP_mdc2.pod +GENERATE[html/man3/EVP_mdc2.html]=man3/EVP_mdc2.pod +DEPEND[man/man3/EVP_mdc2.3]=man3/EVP_mdc2.pod +GENERATE[man/man3/EVP_mdc2.3]=man3/EVP_mdc2.pod +DEPEND[html/man3/EVP_rc2_cbc.html]=man3/EVP_rc2_cbc.pod +GENERATE[html/man3/EVP_rc2_cbc.html]=man3/EVP_rc2_cbc.pod +DEPEND[man/man3/EVP_rc2_cbc.3]=man3/EVP_rc2_cbc.pod +GENERATE[man/man3/EVP_rc2_cbc.3]=man3/EVP_rc2_cbc.pod +DEPEND[html/man3/EVP_rc4.html]=man3/EVP_rc4.pod +GENERATE[html/man3/EVP_rc4.html]=man3/EVP_rc4.pod +DEPEND[man/man3/EVP_rc4.3]=man3/EVP_rc4.pod +GENERATE[man/man3/EVP_rc4.3]=man3/EVP_rc4.pod +DEPEND[html/man3/EVP_rc5_32_12_16_cbc.html]=man3/EVP_rc5_32_12_16_cbc.pod +GENERATE[html/man3/EVP_rc5_32_12_16_cbc.html]=man3/EVP_rc5_32_12_16_cbc.pod +DEPEND[man/man3/EVP_rc5_32_12_16_cbc.3]=man3/EVP_rc5_32_12_16_cbc.pod +GENERATE[man/man3/EVP_rc5_32_12_16_cbc.3]=man3/EVP_rc5_32_12_16_cbc.pod +DEPEND[html/man3/EVP_ripemd160.html]=man3/EVP_ripemd160.pod +GENERATE[html/man3/EVP_ripemd160.html]=man3/EVP_ripemd160.pod +DEPEND[man/man3/EVP_ripemd160.3]=man3/EVP_ripemd160.pod +GENERATE[man/man3/EVP_ripemd160.3]=man3/EVP_ripemd160.pod +DEPEND[html/man3/EVP_seed_cbc.html]=man3/EVP_seed_cbc.pod +GENERATE[html/man3/EVP_seed_cbc.html]=man3/EVP_seed_cbc.pod +DEPEND[man/man3/EVP_seed_cbc.3]=man3/EVP_seed_cbc.pod +GENERATE[man/man3/EVP_seed_cbc.3]=man3/EVP_seed_cbc.pod +DEPEND[html/man3/EVP_set_default_properties.html]=man3/EVP_set_default_properties.pod +GENERATE[html/man3/EVP_set_default_properties.html]=man3/EVP_set_default_properties.pod +DEPEND[man/man3/EVP_set_default_properties.3]=man3/EVP_set_default_properties.pod +GENERATE[man/man3/EVP_set_default_properties.3]=man3/EVP_set_default_properties.pod +DEPEND[html/man3/EVP_sha1.html]=man3/EVP_sha1.pod +GENERATE[html/man3/EVP_sha1.html]=man3/EVP_sha1.pod +DEPEND[man/man3/EVP_sha1.3]=man3/EVP_sha1.pod +GENERATE[man/man3/EVP_sha1.3]=man3/EVP_sha1.pod +DEPEND[html/man3/EVP_sha224.html]=man3/EVP_sha224.pod +GENERATE[html/man3/EVP_sha224.html]=man3/EVP_sha224.pod +DEPEND[man/man3/EVP_sha224.3]=man3/EVP_sha224.pod +GENERATE[man/man3/EVP_sha224.3]=man3/EVP_sha224.pod +DEPEND[html/man3/EVP_sha3_224.html]=man3/EVP_sha3_224.pod +GENERATE[html/man3/EVP_sha3_224.html]=man3/EVP_sha3_224.pod +DEPEND[man/man3/EVP_sha3_224.3]=man3/EVP_sha3_224.pod +GENERATE[man/man3/EVP_sha3_224.3]=man3/EVP_sha3_224.pod +DEPEND[html/man3/EVP_sm3.html]=man3/EVP_sm3.pod +GENERATE[html/man3/EVP_sm3.html]=man3/EVP_sm3.pod +DEPEND[man/man3/EVP_sm3.3]=man3/EVP_sm3.pod +GENERATE[man/man3/EVP_sm3.3]=man3/EVP_sm3.pod +DEPEND[html/man3/EVP_sm4_cbc.html]=man3/EVP_sm4_cbc.pod +GENERATE[html/man3/EVP_sm4_cbc.html]=man3/EVP_sm4_cbc.pod +DEPEND[man/man3/EVP_sm4_cbc.3]=man3/EVP_sm4_cbc.pod +GENERATE[man/man3/EVP_sm4_cbc.3]=man3/EVP_sm4_cbc.pod +DEPEND[html/man3/EVP_whirlpool.html]=man3/EVP_whirlpool.pod +GENERATE[html/man3/EVP_whirlpool.html]=man3/EVP_whirlpool.pod +DEPEND[man/man3/EVP_whirlpool.3]=man3/EVP_whirlpool.pod +GENERATE[man/man3/EVP_whirlpool.3]=man3/EVP_whirlpool.pod +DEPEND[html/man3/HMAC.html]=man3/HMAC.pod +GENERATE[html/man3/HMAC.html]=man3/HMAC.pod +DEPEND[man/man3/HMAC.3]=man3/HMAC.pod +GENERATE[man/man3/HMAC.3]=man3/HMAC.pod +DEPEND[html/man3/MD5.html]=man3/MD5.pod +GENERATE[html/man3/MD5.html]=man3/MD5.pod +DEPEND[man/man3/MD5.3]=man3/MD5.pod +GENERATE[man/man3/MD5.3]=man3/MD5.pod +DEPEND[html/man3/MDC2_Init.html]=man3/MDC2_Init.pod +GENERATE[html/man3/MDC2_Init.html]=man3/MDC2_Init.pod +DEPEND[man/man3/MDC2_Init.3]=man3/MDC2_Init.pod +GENERATE[man/man3/MDC2_Init.3]=man3/MDC2_Init.pod +DEPEND[html/man3/NCONF_new_ex.html]=man3/NCONF_new_ex.pod +GENERATE[html/man3/NCONF_new_ex.html]=man3/NCONF_new_ex.pod +DEPEND[man/man3/NCONF_new_ex.3]=man3/NCONF_new_ex.pod +GENERATE[man/man3/NCONF_new_ex.3]=man3/NCONF_new_ex.pod +DEPEND[html/man3/OBJ_nid2obj.html]=man3/OBJ_nid2obj.pod +GENERATE[html/man3/OBJ_nid2obj.html]=man3/OBJ_nid2obj.pod +DEPEND[man/man3/OBJ_nid2obj.3]=man3/OBJ_nid2obj.pod +GENERATE[man/man3/OBJ_nid2obj.3]=man3/OBJ_nid2obj.pod +DEPEND[html/man3/OCSP_REQUEST_new.html]=man3/OCSP_REQUEST_new.pod +GENERATE[html/man3/OCSP_REQUEST_new.html]=man3/OCSP_REQUEST_new.pod +DEPEND[man/man3/OCSP_REQUEST_new.3]=man3/OCSP_REQUEST_new.pod +GENERATE[man/man3/OCSP_REQUEST_new.3]=man3/OCSP_REQUEST_new.pod +DEPEND[html/man3/OCSP_cert_to_id.html]=man3/OCSP_cert_to_id.pod +GENERATE[html/man3/OCSP_cert_to_id.html]=man3/OCSP_cert_to_id.pod +DEPEND[man/man3/OCSP_cert_to_id.3]=man3/OCSP_cert_to_id.pod +GENERATE[man/man3/OCSP_cert_to_id.3]=man3/OCSP_cert_to_id.pod +DEPEND[html/man3/OCSP_request_add1_nonce.html]=man3/OCSP_request_add1_nonce.pod +GENERATE[html/man3/OCSP_request_add1_nonce.html]=man3/OCSP_request_add1_nonce.pod +DEPEND[man/man3/OCSP_request_add1_nonce.3]=man3/OCSP_request_add1_nonce.pod +GENERATE[man/man3/OCSP_request_add1_nonce.3]=man3/OCSP_request_add1_nonce.pod +DEPEND[html/man3/OCSP_resp_find_status.html]=man3/OCSP_resp_find_status.pod +GENERATE[html/man3/OCSP_resp_find_status.html]=man3/OCSP_resp_find_status.pod +DEPEND[man/man3/OCSP_resp_find_status.3]=man3/OCSP_resp_find_status.pod +GENERATE[man/man3/OCSP_resp_find_status.3]=man3/OCSP_resp_find_status.pod +DEPEND[html/man3/OCSP_response_status.html]=man3/OCSP_response_status.pod +GENERATE[html/man3/OCSP_response_status.html]=man3/OCSP_response_status.pod +DEPEND[man/man3/OCSP_response_status.3]=man3/OCSP_response_status.pod +GENERATE[man/man3/OCSP_response_status.3]=man3/OCSP_response_status.pod +DEPEND[html/man3/OCSP_sendreq_new.html]=man3/OCSP_sendreq_new.pod +GENERATE[html/man3/OCSP_sendreq_new.html]=man3/OCSP_sendreq_new.pod +DEPEND[man/man3/OCSP_sendreq_new.3]=man3/OCSP_sendreq_new.pod +GENERATE[man/man3/OCSP_sendreq_new.3]=man3/OCSP_sendreq_new.pod +DEPEND[html/man3/OPENSSL_Applink.html]=man3/OPENSSL_Applink.pod +GENERATE[html/man3/OPENSSL_Applink.html]=man3/OPENSSL_Applink.pod +DEPEND[man/man3/OPENSSL_Applink.3]=man3/OPENSSL_Applink.pod +GENERATE[man/man3/OPENSSL_Applink.3]=man3/OPENSSL_Applink.pod +DEPEND[html/man3/OPENSSL_FILE.html]=man3/OPENSSL_FILE.pod +GENERATE[html/man3/OPENSSL_FILE.html]=man3/OPENSSL_FILE.pod +DEPEND[man/man3/OPENSSL_FILE.3]=man3/OPENSSL_FILE.pod +GENERATE[man/man3/OPENSSL_FILE.3]=man3/OPENSSL_FILE.pod +DEPEND[html/man3/OPENSSL_LH_COMPFUNC.html]=man3/OPENSSL_LH_COMPFUNC.pod +GENERATE[html/man3/OPENSSL_LH_COMPFUNC.html]=man3/OPENSSL_LH_COMPFUNC.pod +DEPEND[man/man3/OPENSSL_LH_COMPFUNC.3]=man3/OPENSSL_LH_COMPFUNC.pod +GENERATE[man/man3/OPENSSL_LH_COMPFUNC.3]=man3/OPENSSL_LH_COMPFUNC.pod +DEPEND[html/man3/OPENSSL_LH_stats.html]=man3/OPENSSL_LH_stats.pod +GENERATE[html/man3/OPENSSL_LH_stats.html]=man3/OPENSSL_LH_stats.pod +DEPEND[man/man3/OPENSSL_LH_stats.3]=man3/OPENSSL_LH_stats.pod +GENERATE[man/man3/OPENSSL_LH_stats.3]=man3/OPENSSL_LH_stats.pod +DEPEND[html/man3/OPENSSL_config.html]=man3/OPENSSL_config.pod +GENERATE[html/man3/OPENSSL_config.html]=man3/OPENSSL_config.pod +DEPEND[man/man3/OPENSSL_config.3]=man3/OPENSSL_config.pod +GENERATE[man/man3/OPENSSL_config.3]=man3/OPENSSL_config.pod +DEPEND[html/man3/OPENSSL_fork_prepare.html]=man3/OPENSSL_fork_prepare.pod +GENERATE[html/man3/OPENSSL_fork_prepare.html]=man3/OPENSSL_fork_prepare.pod +DEPEND[man/man3/OPENSSL_fork_prepare.3]=man3/OPENSSL_fork_prepare.pod +GENERATE[man/man3/OPENSSL_fork_prepare.3]=man3/OPENSSL_fork_prepare.pod +DEPEND[html/man3/OPENSSL_gmtime.html]=man3/OPENSSL_gmtime.pod +GENERATE[html/man3/OPENSSL_gmtime.html]=man3/OPENSSL_gmtime.pod +DEPEND[man/man3/OPENSSL_gmtime.3]=man3/OPENSSL_gmtime.pod +GENERATE[man/man3/OPENSSL_gmtime.3]=man3/OPENSSL_gmtime.pod +DEPEND[html/man3/OPENSSL_hexchar2int.html]=man3/OPENSSL_hexchar2int.pod +GENERATE[html/man3/OPENSSL_hexchar2int.html]=man3/OPENSSL_hexchar2int.pod +DEPEND[man/man3/OPENSSL_hexchar2int.3]=man3/OPENSSL_hexchar2int.pod +GENERATE[man/man3/OPENSSL_hexchar2int.3]=man3/OPENSSL_hexchar2int.pod +DEPEND[html/man3/OPENSSL_ia32cap.html]=man3/OPENSSL_ia32cap.pod +GENERATE[html/man3/OPENSSL_ia32cap.html]=man3/OPENSSL_ia32cap.pod +DEPEND[man/man3/OPENSSL_ia32cap.3]=man3/OPENSSL_ia32cap.pod +GENERATE[man/man3/OPENSSL_ia32cap.3]=man3/OPENSSL_ia32cap.pod +DEPEND[html/man3/OPENSSL_init_crypto.html]=man3/OPENSSL_init_crypto.pod +GENERATE[html/man3/OPENSSL_init_crypto.html]=man3/OPENSSL_init_crypto.pod +DEPEND[man/man3/OPENSSL_init_crypto.3]=man3/OPENSSL_init_crypto.pod +GENERATE[man/man3/OPENSSL_init_crypto.3]=man3/OPENSSL_init_crypto.pod +DEPEND[html/man3/OPENSSL_init_ssl.html]=man3/OPENSSL_init_ssl.pod +GENERATE[html/man3/OPENSSL_init_ssl.html]=man3/OPENSSL_init_ssl.pod +DEPEND[man/man3/OPENSSL_init_ssl.3]=man3/OPENSSL_init_ssl.pod +GENERATE[man/man3/OPENSSL_init_ssl.3]=man3/OPENSSL_init_ssl.pod +DEPEND[html/man3/OPENSSL_instrument_bus.html]=man3/OPENSSL_instrument_bus.pod +GENERATE[html/man3/OPENSSL_instrument_bus.html]=man3/OPENSSL_instrument_bus.pod +DEPEND[man/man3/OPENSSL_instrument_bus.3]=man3/OPENSSL_instrument_bus.pod +GENERATE[man/man3/OPENSSL_instrument_bus.3]=man3/OPENSSL_instrument_bus.pod +DEPEND[html/man3/OPENSSL_load_builtin_modules.html]=man3/OPENSSL_load_builtin_modules.pod +GENERATE[html/man3/OPENSSL_load_builtin_modules.html]=man3/OPENSSL_load_builtin_modules.pod +DEPEND[man/man3/OPENSSL_load_builtin_modules.3]=man3/OPENSSL_load_builtin_modules.pod +GENERATE[man/man3/OPENSSL_load_builtin_modules.3]=man3/OPENSSL_load_builtin_modules.pod +DEPEND[html/man3/OPENSSL_malloc.html]=man3/OPENSSL_malloc.pod +GENERATE[html/man3/OPENSSL_malloc.html]=man3/OPENSSL_malloc.pod +DEPEND[man/man3/OPENSSL_malloc.3]=man3/OPENSSL_malloc.pod +GENERATE[man/man3/OPENSSL_malloc.3]=man3/OPENSSL_malloc.pod +DEPEND[html/man3/OPENSSL_s390xcap.html]=man3/OPENSSL_s390xcap.pod +GENERATE[html/man3/OPENSSL_s390xcap.html]=man3/OPENSSL_s390xcap.pod +DEPEND[man/man3/OPENSSL_s390xcap.3]=man3/OPENSSL_s390xcap.pod +GENERATE[man/man3/OPENSSL_s390xcap.3]=man3/OPENSSL_s390xcap.pod +DEPEND[html/man3/OPENSSL_secure_malloc.html]=man3/OPENSSL_secure_malloc.pod +GENERATE[html/man3/OPENSSL_secure_malloc.html]=man3/OPENSSL_secure_malloc.pod +DEPEND[man/man3/OPENSSL_secure_malloc.3]=man3/OPENSSL_secure_malloc.pod +GENERATE[man/man3/OPENSSL_secure_malloc.3]=man3/OPENSSL_secure_malloc.pod +DEPEND[html/man3/OPENSSL_strcasecmp.html]=man3/OPENSSL_strcasecmp.pod +GENERATE[html/man3/OPENSSL_strcasecmp.html]=man3/OPENSSL_strcasecmp.pod +DEPEND[man/man3/OPENSSL_strcasecmp.3]=man3/OPENSSL_strcasecmp.pod +GENERATE[man/man3/OPENSSL_strcasecmp.3]=man3/OPENSSL_strcasecmp.pod +DEPEND[html/man3/OSSL_ALGORITHM.html]=man3/OSSL_ALGORITHM.pod +GENERATE[html/man3/OSSL_ALGORITHM.html]=man3/OSSL_ALGORITHM.pod +DEPEND[man/man3/OSSL_ALGORITHM.3]=man3/OSSL_ALGORITHM.pod +GENERATE[man/man3/OSSL_ALGORITHM.3]=man3/OSSL_ALGORITHM.pod +DEPEND[html/man3/OSSL_CALLBACK.html]=man3/OSSL_CALLBACK.pod +GENERATE[html/man3/OSSL_CALLBACK.html]=man3/OSSL_CALLBACK.pod +DEPEND[man/man3/OSSL_CALLBACK.3]=man3/OSSL_CALLBACK.pod +GENERATE[man/man3/OSSL_CALLBACK.3]=man3/OSSL_CALLBACK.pod +DEPEND[html/man3/OSSL_CMP_CTX_new.html]=man3/OSSL_CMP_CTX_new.pod +GENERATE[html/man3/OSSL_CMP_CTX_new.html]=man3/OSSL_CMP_CTX_new.pod +DEPEND[man/man3/OSSL_CMP_CTX_new.3]=man3/OSSL_CMP_CTX_new.pod +GENERATE[man/man3/OSSL_CMP_CTX_new.3]=man3/OSSL_CMP_CTX_new.pod +DEPEND[html/man3/OSSL_CMP_HDR_get0_transactionID.html]=man3/OSSL_CMP_HDR_get0_transactionID.pod +GENERATE[html/man3/OSSL_CMP_HDR_get0_transactionID.html]=man3/OSSL_CMP_HDR_get0_transactionID.pod +DEPEND[man/man3/OSSL_CMP_HDR_get0_transactionID.3]=man3/OSSL_CMP_HDR_get0_transactionID.pod +GENERATE[man/man3/OSSL_CMP_HDR_get0_transactionID.3]=man3/OSSL_CMP_HDR_get0_transactionID.pod +DEPEND[html/man3/OSSL_CMP_ITAV_set0.html]=man3/OSSL_CMP_ITAV_set0.pod +GENERATE[html/man3/OSSL_CMP_ITAV_set0.html]=man3/OSSL_CMP_ITAV_set0.pod +DEPEND[man/man3/OSSL_CMP_ITAV_set0.3]=man3/OSSL_CMP_ITAV_set0.pod +GENERATE[man/man3/OSSL_CMP_ITAV_set0.3]=man3/OSSL_CMP_ITAV_set0.pod +DEPEND[html/man3/OSSL_CMP_MSG_get0_header.html]=man3/OSSL_CMP_MSG_get0_header.pod +GENERATE[html/man3/OSSL_CMP_MSG_get0_header.html]=man3/OSSL_CMP_MSG_get0_header.pod +DEPEND[man/man3/OSSL_CMP_MSG_get0_header.3]=man3/OSSL_CMP_MSG_get0_header.pod +GENERATE[man/man3/OSSL_CMP_MSG_get0_header.3]=man3/OSSL_CMP_MSG_get0_header.pod +DEPEND[html/man3/OSSL_CMP_MSG_http_perform.html]=man3/OSSL_CMP_MSG_http_perform.pod +GENERATE[html/man3/OSSL_CMP_MSG_http_perform.html]=man3/OSSL_CMP_MSG_http_perform.pod +DEPEND[man/man3/OSSL_CMP_MSG_http_perform.3]=man3/OSSL_CMP_MSG_http_perform.pod +GENERATE[man/man3/OSSL_CMP_MSG_http_perform.3]=man3/OSSL_CMP_MSG_http_perform.pod +DEPEND[html/man3/OSSL_CMP_SRV_CTX_new.html]=man3/OSSL_CMP_SRV_CTX_new.pod +GENERATE[html/man3/OSSL_CMP_SRV_CTX_new.html]=man3/OSSL_CMP_SRV_CTX_new.pod +DEPEND[man/man3/OSSL_CMP_SRV_CTX_new.3]=man3/OSSL_CMP_SRV_CTX_new.pod +GENERATE[man/man3/OSSL_CMP_SRV_CTX_new.3]=man3/OSSL_CMP_SRV_CTX_new.pod +DEPEND[html/man3/OSSL_CMP_STATUSINFO_new.html]=man3/OSSL_CMP_STATUSINFO_new.pod +GENERATE[html/man3/OSSL_CMP_STATUSINFO_new.html]=man3/OSSL_CMP_STATUSINFO_new.pod +DEPEND[man/man3/OSSL_CMP_STATUSINFO_new.3]=man3/OSSL_CMP_STATUSINFO_new.pod +GENERATE[man/man3/OSSL_CMP_STATUSINFO_new.3]=man3/OSSL_CMP_STATUSINFO_new.pod +DEPEND[html/man3/OSSL_CMP_exec_certreq.html]=man3/OSSL_CMP_exec_certreq.pod +GENERATE[html/man3/OSSL_CMP_exec_certreq.html]=man3/OSSL_CMP_exec_certreq.pod +DEPEND[man/man3/OSSL_CMP_exec_certreq.3]=man3/OSSL_CMP_exec_certreq.pod +GENERATE[man/man3/OSSL_CMP_exec_certreq.3]=man3/OSSL_CMP_exec_certreq.pod +DEPEND[html/man3/OSSL_CMP_log_open.html]=man3/OSSL_CMP_log_open.pod +GENERATE[html/man3/OSSL_CMP_log_open.html]=man3/OSSL_CMP_log_open.pod +DEPEND[man/man3/OSSL_CMP_log_open.3]=man3/OSSL_CMP_log_open.pod +GENERATE[man/man3/OSSL_CMP_log_open.3]=man3/OSSL_CMP_log_open.pod +DEPEND[html/man3/OSSL_CMP_validate_msg.html]=man3/OSSL_CMP_validate_msg.pod +GENERATE[html/man3/OSSL_CMP_validate_msg.html]=man3/OSSL_CMP_validate_msg.pod +DEPEND[man/man3/OSSL_CMP_validate_msg.3]=man3/OSSL_CMP_validate_msg.pod +GENERATE[man/man3/OSSL_CMP_validate_msg.3]=man3/OSSL_CMP_validate_msg.pod +DEPEND[html/man3/OSSL_CORE_MAKE_FUNC.html]=man3/OSSL_CORE_MAKE_FUNC.pod +GENERATE[html/man3/OSSL_CORE_MAKE_FUNC.html]=man3/OSSL_CORE_MAKE_FUNC.pod +DEPEND[man/man3/OSSL_CORE_MAKE_FUNC.3]=man3/OSSL_CORE_MAKE_FUNC.pod +GENERATE[man/man3/OSSL_CORE_MAKE_FUNC.3]=man3/OSSL_CORE_MAKE_FUNC.pod +DEPEND[html/man3/OSSL_CRMF_MSG_get0_tmpl.html]=man3/OSSL_CRMF_MSG_get0_tmpl.pod +GENERATE[html/man3/OSSL_CRMF_MSG_get0_tmpl.html]=man3/OSSL_CRMF_MSG_get0_tmpl.pod +DEPEND[man/man3/OSSL_CRMF_MSG_get0_tmpl.3]=man3/OSSL_CRMF_MSG_get0_tmpl.pod +GENERATE[man/man3/OSSL_CRMF_MSG_get0_tmpl.3]=man3/OSSL_CRMF_MSG_get0_tmpl.pod +DEPEND[html/man3/OSSL_CRMF_MSG_set0_validity.html]=man3/OSSL_CRMF_MSG_set0_validity.pod +GENERATE[html/man3/OSSL_CRMF_MSG_set0_validity.html]=man3/OSSL_CRMF_MSG_set0_validity.pod +DEPEND[man/man3/OSSL_CRMF_MSG_set0_validity.3]=man3/OSSL_CRMF_MSG_set0_validity.pod +GENERATE[man/man3/OSSL_CRMF_MSG_set0_validity.3]=man3/OSSL_CRMF_MSG_set0_validity.pod +DEPEND[html/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.html]=man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod +GENERATE[html/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.html]=man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod +DEPEND[man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3]=man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod +GENERATE[man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3]=man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod +DEPEND[html/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.html]=man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod +GENERATE[html/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.html]=man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod +DEPEND[man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3]=man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod +GENERATE[man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3]=man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod +DEPEND[html/man3/OSSL_CRMF_pbmp_new.html]=man3/OSSL_CRMF_pbmp_new.pod +GENERATE[html/man3/OSSL_CRMF_pbmp_new.html]=man3/OSSL_CRMF_pbmp_new.pod +DEPEND[man/man3/OSSL_CRMF_pbmp_new.3]=man3/OSSL_CRMF_pbmp_new.pod +GENERATE[man/man3/OSSL_CRMF_pbmp_new.3]=man3/OSSL_CRMF_pbmp_new.pod +DEPEND[html/man3/OSSL_DECODER.html]=man3/OSSL_DECODER.pod +GENERATE[html/man3/OSSL_DECODER.html]=man3/OSSL_DECODER.pod +DEPEND[man/man3/OSSL_DECODER.3]=man3/OSSL_DECODER.pod +GENERATE[man/man3/OSSL_DECODER.3]=man3/OSSL_DECODER.pod +DEPEND[html/man3/OSSL_DECODER_CTX.html]=man3/OSSL_DECODER_CTX.pod +GENERATE[html/man3/OSSL_DECODER_CTX.html]=man3/OSSL_DECODER_CTX.pod +DEPEND[man/man3/OSSL_DECODER_CTX.3]=man3/OSSL_DECODER_CTX.pod +GENERATE[man/man3/OSSL_DECODER_CTX.3]=man3/OSSL_DECODER_CTX.pod +DEPEND[html/man3/OSSL_DECODER_CTX_new_for_pkey.html]=man3/OSSL_DECODER_CTX_new_for_pkey.pod +GENERATE[html/man3/OSSL_DECODER_CTX_new_for_pkey.html]=man3/OSSL_DECODER_CTX_new_for_pkey.pod +DEPEND[man/man3/OSSL_DECODER_CTX_new_for_pkey.3]=man3/OSSL_DECODER_CTX_new_for_pkey.pod +GENERATE[man/man3/OSSL_DECODER_CTX_new_for_pkey.3]=man3/OSSL_DECODER_CTX_new_for_pkey.pod +DEPEND[html/man3/OSSL_DECODER_from_bio.html]=man3/OSSL_DECODER_from_bio.pod +GENERATE[html/man3/OSSL_DECODER_from_bio.html]=man3/OSSL_DECODER_from_bio.pod +DEPEND[man/man3/OSSL_DECODER_from_bio.3]=man3/OSSL_DECODER_from_bio.pod +GENERATE[man/man3/OSSL_DECODER_from_bio.3]=man3/OSSL_DECODER_from_bio.pod +DEPEND[html/man3/OSSL_DISPATCH.html]=man3/OSSL_DISPATCH.pod +GENERATE[html/man3/OSSL_DISPATCH.html]=man3/OSSL_DISPATCH.pod +DEPEND[man/man3/OSSL_DISPATCH.3]=man3/OSSL_DISPATCH.pod +GENERATE[man/man3/OSSL_DISPATCH.3]=man3/OSSL_DISPATCH.pod +DEPEND[html/man3/OSSL_ENCODER.html]=man3/OSSL_ENCODER.pod +GENERATE[html/man3/OSSL_ENCODER.html]=man3/OSSL_ENCODER.pod +DEPEND[man/man3/OSSL_ENCODER.3]=man3/OSSL_ENCODER.pod +GENERATE[man/man3/OSSL_ENCODER.3]=man3/OSSL_ENCODER.pod +DEPEND[html/man3/OSSL_ENCODER_CTX.html]=man3/OSSL_ENCODER_CTX.pod +GENERATE[html/man3/OSSL_ENCODER_CTX.html]=man3/OSSL_ENCODER_CTX.pod +DEPEND[man/man3/OSSL_ENCODER_CTX.3]=man3/OSSL_ENCODER_CTX.pod +GENERATE[man/man3/OSSL_ENCODER_CTX.3]=man3/OSSL_ENCODER_CTX.pod +DEPEND[html/man3/OSSL_ENCODER_CTX_new_for_pkey.html]=man3/OSSL_ENCODER_CTX_new_for_pkey.pod +GENERATE[html/man3/OSSL_ENCODER_CTX_new_for_pkey.html]=man3/OSSL_ENCODER_CTX_new_for_pkey.pod +DEPEND[man/man3/OSSL_ENCODER_CTX_new_for_pkey.3]=man3/OSSL_ENCODER_CTX_new_for_pkey.pod +GENERATE[man/man3/OSSL_ENCODER_CTX_new_for_pkey.3]=man3/OSSL_ENCODER_CTX_new_for_pkey.pod +DEPEND[html/man3/OSSL_ENCODER_to_bio.html]=man3/OSSL_ENCODER_to_bio.pod +GENERATE[html/man3/OSSL_ENCODER_to_bio.html]=man3/OSSL_ENCODER_to_bio.pod +DEPEND[man/man3/OSSL_ENCODER_to_bio.3]=man3/OSSL_ENCODER_to_bio.pod +GENERATE[man/man3/OSSL_ENCODER_to_bio.3]=man3/OSSL_ENCODER_to_bio.pod +DEPEND[html/man3/OSSL_ESS_check_signing_certs.html]=man3/OSSL_ESS_check_signing_certs.pod +GENERATE[html/man3/OSSL_ESS_check_signing_certs.html]=man3/OSSL_ESS_check_signing_certs.pod +DEPEND[man/man3/OSSL_ESS_check_signing_certs.3]=man3/OSSL_ESS_check_signing_certs.pod +GENERATE[man/man3/OSSL_ESS_check_signing_certs.3]=man3/OSSL_ESS_check_signing_certs.pod +DEPEND[html/man3/OSSL_HTTP_REQ_CTX.html]=man3/OSSL_HTTP_REQ_CTX.pod +GENERATE[html/man3/OSSL_HTTP_REQ_CTX.html]=man3/OSSL_HTTP_REQ_CTX.pod +DEPEND[man/man3/OSSL_HTTP_REQ_CTX.3]=man3/OSSL_HTTP_REQ_CTX.pod +GENERATE[man/man3/OSSL_HTTP_REQ_CTX.3]=man3/OSSL_HTTP_REQ_CTX.pod +DEPEND[html/man3/OSSL_HTTP_parse_url.html]=man3/OSSL_HTTP_parse_url.pod +GENERATE[html/man3/OSSL_HTTP_parse_url.html]=man3/OSSL_HTTP_parse_url.pod +DEPEND[man/man3/OSSL_HTTP_parse_url.3]=man3/OSSL_HTTP_parse_url.pod +GENERATE[man/man3/OSSL_HTTP_parse_url.3]=man3/OSSL_HTTP_parse_url.pod +DEPEND[html/man3/OSSL_HTTP_transfer.html]=man3/OSSL_HTTP_transfer.pod +GENERATE[html/man3/OSSL_HTTP_transfer.html]=man3/OSSL_HTTP_transfer.pod +DEPEND[man/man3/OSSL_HTTP_transfer.3]=man3/OSSL_HTTP_transfer.pod +GENERATE[man/man3/OSSL_HTTP_transfer.3]=man3/OSSL_HTTP_transfer.pod +DEPEND[html/man3/OSSL_ITEM.html]=man3/OSSL_ITEM.pod +GENERATE[html/man3/OSSL_ITEM.html]=man3/OSSL_ITEM.pod +DEPEND[man/man3/OSSL_ITEM.3]=man3/OSSL_ITEM.pod +GENERATE[man/man3/OSSL_ITEM.3]=man3/OSSL_ITEM.pod +DEPEND[html/man3/OSSL_LIB_CTX.html]=man3/OSSL_LIB_CTX.pod +GENERATE[html/man3/OSSL_LIB_CTX.html]=man3/OSSL_LIB_CTX.pod +DEPEND[man/man3/OSSL_LIB_CTX.3]=man3/OSSL_LIB_CTX.pod +GENERATE[man/man3/OSSL_LIB_CTX.3]=man3/OSSL_LIB_CTX.pod +DEPEND[html/man3/OSSL_PARAM.html]=man3/OSSL_PARAM.pod +GENERATE[html/man3/OSSL_PARAM.html]=man3/OSSL_PARAM.pod +DEPEND[man/man3/OSSL_PARAM.3]=man3/OSSL_PARAM.pod +GENERATE[man/man3/OSSL_PARAM.3]=man3/OSSL_PARAM.pod +DEPEND[html/man3/OSSL_PARAM_BLD.html]=man3/OSSL_PARAM_BLD.pod +GENERATE[html/man3/OSSL_PARAM_BLD.html]=man3/OSSL_PARAM_BLD.pod +DEPEND[man/man3/OSSL_PARAM_BLD.3]=man3/OSSL_PARAM_BLD.pod +GENERATE[man/man3/OSSL_PARAM_BLD.3]=man3/OSSL_PARAM_BLD.pod +DEPEND[html/man3/OSSL_PARAM_allocate_from_text.html]=man3/OSSL_PARAM_allocate_from_text.pod +GENERATE[html/man3/OSSL_PARAM_allocate_from_text.html]=man3/OSSL_PARAM_allocate_from_text.pod +DEPEND[man/man3/OSSL_PARAM_allocate_from_text.3]=man3/OSSL_PARAM_allocate_from_text.pod +GENERATE[man/man3/OSSL_PARAM_allocate_from_text.3]=man3/OSSL_PARAM_allocate_from_text.pod +DEPEND[html/man3/OSSL_PARAM_dup.html]=man3/OSSL_PARAM_dup.pod +GENERATE[html/man3/OSSL_PARAM_dup.html]=man3/OSSL_PARAM_dup.pod +DEPEND[man/man3/OSSL_PARAM_dup.3]=man3/OSSL_PARAM_dup.pod +GENERATE[man/man3/OSSL_PARAM_dup.3]=man3/OSSL_PARAM_dup.pod +DEPEND[html/man3/OSSL_PARAM_int.html]=man3/OSSL_PARAM_int.pod +GENERATE[html/man3/OSSL_PARAM_int.html]=man3/OSSL_PARAM_int.pod +DEPEND[man/man3/OSSL_PARAM_int.3]=man3/OSSL_PARAM_int.pod +GENERATE[man/man3/OSSL_PARAM_int.3]=man3/OSSL_PARAM_int.pod +DEPEND[html/man3/OSSL_PROVIDER.html]=man3/OSSL_PROVIDER.pod +GENERATE[html/man3/OSSL_PROVIDER.html]=man3/OSSL_PROVIDER.pod +DEPEND[man/man3/OSSL_PROVIDER.3]=man3/OSSL_PROVIDER.pod +GENERATE[man/man3/OSSL_PROVIDER.3]=man3/OSSL_PROVIDER.pod +DEPEND[html/man3/OSSL_SELF_TEST_new.html]=man3/OSSL_SELF_TEST_new.pod +GENERATE[html/man3/OSSL_SELF_TEST_new.html]=man3/OSSL_SELF_TEST_new.pod +DEPEND[man/man3/OSSL_SELF_TEST_new.3]=man3/OSSL_SELF_TEST_new.pod +GENERATE[man/man3/OSSL_SELF_TEST_new.3]=man3/OSSL_SELF_TEST_new.pod +DEPEND[html/man3/OSSL_SELF_TEST_set_callback.html]=man3/OSSL_SELF_TEST_set_callback.pod +GENERATE[html/man3/OSSL_SELF_TEST_set_callback.html]=man3/OSSL_SELF_TEST_set_callback.pod +DEPEND[man/man3/OSSL_SELF_TEST_set_callback.3]=man3/OSSL_SELF_TEST_set_callback.pod +GENERATE[man/man3/OSSL_SELF_TEST_set_callback.3]=man3/OSSL_SELF_TEST_set_callback.pod +DEPEND[html/man3/OSSL_STORE_INFO.html]=man3/OSSL_STORE_INFO.pod +GENERATE[html/man3/OSSL_STORE_INFO.html]=man3/OSSL_STORE_INFO.pod +DEPEND[man/man3/OSSL_STORE_INFO.3]=man3/OSSL_STORE_INFO.pod +GENERATE[man/man3/OSSL_STORE_INFO.3]=man3/OSSL_STORE_INFO.pod +DEPEND[html/man3/OSSL_STORE_LOADER.html]=man3/OSSL_STORE_LOADER.pod +GENERATE[html/man3/OSSL_STORE_LOADER.html]=man3/OSSL_STORE_LOADER.pod +DEPEND[man/man3/OSSL_STORE_LOADER.3]=man3/OSSL_STORE_LOADER.pod +GENERATE[man/man3/OSSL_STORE_LOADER.3]=man3/OSSL_STORE_LOADER.pod +DEPEND[html/man3/OSSL_STORE_SEARCH.html]=man3/OSSL_STORE_SEARCH.pod +GENERATE[html/man3/OSSL_STORE_SEARCH.html]=man3/OSSL_STORE_SEARCH.pod +DEPEND[man/man3/OSSL_STORE_SEARCH.3]=man3/OSSL_STORE_SEARCH.pod +GENERATE[man/man3/OSSL_STORE_SEARCH.3]=man3/OSSL_STORE_SEARCH.pod +DEPEND[html/man3/OSSL_STORE_attach.html]=man3/OSSL_STORE_attach.pod +GENERATE[html/man3/OSSL_STORE_attach.html]=man3/OSSL_STORE_attach.pod +DEPEND[man/man3/OSSL_STORE_attach.3]=man3/OSSL_STORE_attach.pod +GENERATE[man/man3/OSSL_STORE_attach.3]=man3/OSSL_STORE_attach.pod +DEPEND[html/man3/OSSL_STORE_expect.html]=man3/OSSL_STORE_expect.pod +GENERATE[html/man3/OSSL_STORE_expect.html]=man3/OSSL_STORE_expect.pod +DEPEND[man/man3/OSSL_STORE_expect.3]=man3/OSSL_STORE_expect.pod +GENERATE[man/man3/OSSL_STORE_expect.3]=man3/OSSL_STORE_expect.pod +DEPEND[html/man3/OSSL_STORE_open.html]=man3/OSSL_STORE_open.pod +GENERATE[html/man3/OSSL_STORE_open.html]=man3/OSSL_STORE_open.pod +DEPEND[man/man3/OSSL_STORE_open.3]=man3/OSSL_STORE_open.pod +GENERATE[man/man3/OSSL_STORE_open.3]=man3/OSSL_STORE_open.pod +DEPEND[html/man3/OSSL_trace_enabled.html]=man3/OSSL_trace_enabled.pod +GENERATE[html/man3/OSSL_trace_enabled.html]=man3/OSSL_trace_enabled.pod +DEPEND[man/man3/OSSL_trace_enabled.3]=man3/OSSL_trace_enabled.pod +GENERATE[man/man3/OSSL_trace_enabled.3]=man3/OSSL_trace_enabled.pod +DEPEND[html/man3/OSSL_trace_get_category_num.html]=man3/OSSL_trace_get_category_num.pod +GENERATE[html/man3/OSSL_trace_get_category_num.html]=man3/OSSL_trace_get_category_num.pod +DEPEND[man/man3/OSSL_trace_get_category_num.3]=man3/OSSL_trace_get_category_num.pod +GENERATE[man/man3/OSSL_trace_get_category_num.3]=man3/OSSL_trace_get_category_num.pod +DEPEND[html/man3/OSSL_trace_set_channel.html]=man3/OSSL_trace_set_channel.pod +GENERATE[html/man3/OSSL_trace_set_channel.html]=man3/OSSL_trace_set_channel.pod +DEPEND[man/man3/OSSL_trace_set_channel.3]=man3/OSSL_trace_set_channel.pod +GENERATE[man/man3/OSSL_trace_set_channel.3]=man3/OSSL_trace_set_channel.pod +DEPEND[html/man3/OpenSSL_add_all_algorithms.html]=man3/OpenSSL_add_all_algorithms.pod +GENERATE[html/man3/OpenSSL_add_all_algorithms.html]=man3/OpenSSL_add_all_algorithms.pod +DEPEND[man/man3/OpenSSL_add_all_algorithms.3]=man3/OpenSSL_add_all_algorithms.pod +GENERATE[man/man3/OpenSSL_add_all_algorithms.3]=man3/OpenSSL_add_all_algorithms.pod +DEPEND[html/man3/OpenSSL_version.html]=man3/OpenSSL_version.pod +GENERATE[html/man3/OpenSSL_version.html]=man3/OpenSSL_version.pod +DEPEND[man/man3/OpenSSL_version.3]=man3/OpenSSL_version.pod +GENERATE[man/man3/OpenSSL_version.3]=man3/OpenSSL_version.pod +DEPEND[html/man3/PEM_X509_INFO_read_bio_ex.html]=man3/PEM_X509_INFO_read_bio_ex.pod +GENERATE[html/man3/PEM_X509_INFO_read_bio_ex.html]=man3/PEM_X509_INFO_read_bio_ex.pod +DEPEND[man/man3/PEM_X509_INFO_read_bio_ex.3]=man3/PEM_X509_INFO_read_bio_ex.pod +GENERATE[man/man3/PEM_X509_INFO_read_bio_ex.3]=man3/PEM_X509_INFO_read_bio_ex.pod +DEPEND[html/man3/PEM_bytes_read_bio.html]=man3/PEM_bytes_read_bio.pod +GENERATE[html/man3/PEM_bytes_read_bio.html]=man3/PEM_bytes_read_bio.pod +DEPEND[man/man3/PEM_bytes_read_bio.3]=man3/PEM_bytes_read_bio.pod +GENERATE[man/man3/PEM_bytes_read_bio.3]=man3/PEM_bytes_read_bio.pod +DEPEND[html/man3/PEM_read.html]=man3/PEM_read.pod +GENERATE[html/man3/PEM_read.html]=man3/PEM_read.pod +DEPEND[man/man3/PEM_read.3]=man3/PEM_read.pod +GENERATE[man/man3/PEM_read.3]=man3/PEM_read.pod +DEPEND[html/man3/PEM_read_CMS.html]=man3/PEM_read_CMS.pod +GENERATE[html/man3/PEM_read_CMS.html]=man3/PEM_read_CMS.pod +DEPEND[man/man3/PEM_read_CMS.3]=man3/PEM_read_CMS.pod +GENERATE[man/man3/PEM_read_CMS.3]=man3/PEM_read_CMS.pod +DEPEND[html/man3/PEM_read_bio_PrivateKey.html]=man3/PEM_read_bio_PrivateKey.pod +GENERATE[html/man3/PEM_read_bio_PrivateKey.html]=man3/PEM_read_bio_PrivateKey.pod +DEPEND[man/man3/PEM_read_bio_PrivateKey.3]=man3/PEM_read_bio_PrivateKey.pod +GENERATE[man/man3/PEM_read_bio_PrivateKey.3]=man3/PEM_read_bio_PrivateKey.pod +DEPEND[html/man3/PEM_read_bio_ex.html]=man3/PEM_read_bio_ex.pod +GENERATE[html/man3/PEM_read_bio_ex.html]=man3/PEM_read_bio_ex.pod +DEPEND[man/man3/PEM_read_bio_ex.3]=man3/PEM_read_bio_ex.pod +GENERATE[man/man3/PEM_read_bio_ex.3]=man3/PEM_read_bio_ex.pod +DEPEND[html/man3/PEM_write_bio_CMS_stream.html]=man3/PEM_write_bio_CMS_stream.pod +GENERATE[html/man3/PEM_write_bio_CMS_stream.html]=man3/PEM_write_bio_CMS_stream.pod +DEPEND[man/man3/PEM_write_bio_CMS_stream.3]=man3/PEM_write_bio_CMS_stream.pod +GENERATE[man/man3/PEM_write_bio_CMS_stream.3]=man3/PEM_write_bio_CMS_stream.pod +DEPEND[html/man3/PEM_write_bio_PKCS7_stream.html]=man3/PEM_write_bio_PKCS7_stream.pod +GENERATE[html/man3/PEM_write_bio_PKCS7_stream.html]=man3/PEM_write_bio_PKCS7_stream.pod +DEPEND[man/man3/PEM_write_bio_PKCS7_stream.3]=man3/PEM_write_bio_PKCS7_stream.pod +GENERATE[man/man3/PEM_write_bio_PKCS7_stream.3]=man3/PEM_write_bio_PKCS7_stream.pod +DEPEND[html/man3/PKCS12_PBE_keyivgen.html]=man3/PKCS12_PBE_keyivgen.pod +GENERATE[html/man3/PKCS12_PBE_keyivgen.html]=man3/PKCS12_PBE_keyivgen.pod +DEPEND[man/man3/PKCS12_PBE_keyivgen.3]=man3/PKCS12_PBE_keyivgen.pod +GENERATE[man/man3/PKCS12_PBE_keyivgen.3]=man3/PKCS12_PBE_keyivgen.pod +DEPEND[html/man3/PKCS12_SAFEBAG_create_cert.html]=man3/PKCS12_SAFEBAG_create_cert.pod +GENERATE[html/man3/PKCS12_SAFEBAG_create_cert.html]=man3/PKCS12_SAFEBAG_create_cert.pod +DEPEND[man/man3/PKCS12_SAFEBAG_create_cert.3]=man3/PKCS12_SAFEBAG_create_cert.pod +GENERATE[man/man3/PKCS12_SAFEBAG_create_cert.3]=man3/PKCS12_SAFEBAG_create_cert.pod +DEPEND[html/man3/PKCS12_SAFEBAG_get0_attrs.html]=man3/PKCS12_SAFEBAG_get0_attrs.pod +GENERATE[html/man3/PKCS12_SAFEBAG_get0_attrs.html]=man3/PKCS12_SAFEBAG_get0_attrs.pod +DEPEND[man/man3/PKCS12_SAFEBAG_get0_attrs.3]=man3/PKCS12_SAFEBAG_get0_attrs.pod +GENERATE[man/man3/PKCS12_SAFEBAG_get0_attrs.3]=man3/PKCS12_SAFEBAG_get0_attrs.pod +DEPEND[html/man3/PKCS12_SAFEBAG_get1_cert.html]=man3/PKCS12_SAFEBAG_get1_cert.pod +GENERATE[html/man3/PKCS12_SAFEBAG_get1_cert.html]=man3/PKCS12_SAFEBAG_get1_cert.pod +DEPEND[man/man3/PKCS12_SAFEBAG_get1_cert.3]=man3/PKCS12_SAFEBAG_get1_cert.pod +GENERATE[man/man3/PKCS12_SAFEBAG_get1_cert.3]=man3/PKCS12_SAFEBAG_get1_cert.pod +DEPEND[html/man3/PKCS12_add1_attr_by_NID.html]=man3/PKCS12_add1_attr_by_NID.pod +GENERATE[html/man3/PKCS12_add1_attr_by_NID.html]=man3/PKCS12_add1_attr_by_NID.pod +DEPEND[man/man3/PKCS12_add1_attr_by_NID.3]=man3/PKCS12_add1_attr_by_NID.pod +GENERATE[man/man3/PKCS12_add1_attr_by_NID.3]=man3/PKCS12_add1_attr_by_NID.pod +DEPEND[html/man3/PKCS12_add_CSPName_asc.html]=man3/PKCS12_add_CSPName_asc.pod +GENERATE[html/man3/PKCS12_add_CSPName_asc.html]=man3/PKCS12_add_CSPName_asc.pod +DEPEND[man/man3/PKCS12_add_CSPName_asc.3]=man3/PKCS12_add_CSPName_asc.pod +GENERATE[man/man3/PKCS12_add_CSPName_asc.3]=man3/PKCS12_add_CSPName_asc.pod +DEPEND[html/man3/PKCS12_add_cert.html]=man3/PKCS12_add_cert.pod +GENERATE[html/man3/PKCS12_add_cert.html]=man3/PKCS12_add_cert.pod +DEPEND[man/man3/PKCS12_add_cert.3]=man3/PKCS12_add_cert.pod +GENERATE[man/man3/PKCS12_add_cert.3]=man3/PKCS12_add_cert.pod +DEPEND[html/man3/PKCS12_add_friendlyname_asc.html]=man3/PKCS12_add_friendlyname_asc.pod +GENERATE[html/man3/PKCS12_add_friendlyname_asc.html]=man3/PKCS12_add_friendlyname_asc.pod +DEPEND[man/man3/PKCS12_add_friendlyname_asc.3]=man3/PKCS12_add_friendlyname_asc.pod +GENERATE[man/man3/PKCS12_add_friendlyname_asc.3]=man3/PKCS12_add_friendlyname_asc.pod +DEPEND[html/man3/PKCS12_add_localkeyid.html]=man3/PKCS12_add_localkeyid.pod +GENERATE[html/man3/PKCS12_add_localkeyid.html]=man3/PKCS12_add_localkeyid.pod +DEPEND[man/man3/PKCS12_add_localkeyid.3]=man3/PKCS12_add_localkeyid.pod +GENERATE[man/man3/PKCS12_add_localkeyid.3]=man3/PKCS12_add_localkeyid.pod +DEPEND[html/man3/PKCS12_add_safe.html]=man3/PKCS12_add_safe.pod +GENERATE[html/man3/PKCS12_add_safe.html]=man3/PKCS12_add_safe.pod +DEPEND[man/man3/PKCS12_add_safe.3]=man3/PKCS12_add_safe.pod +GENERATE[man/man3/PKCS12_add_safe.3]=man3/PKCS12_add_safe.pod +DEPEND[html/man3/PKCS12_create.html]=man3/PKCS12_create.pod +GENERATE[html/man3/PKCS12_create.html]=man3/PKCS12_create.pod +DEPEND[man/man3/PKCS12_create.3]=man3/PKCS12_create.pod +GENERATE[man/man3/PKCS12_create.3]=man3/PKCS12_create.pod +DEPEND[html/man3/PKCS12_decrypt_skey.html]=man3/PKCS12_decrypt_skey.pod +GENERATE[html/man3/PKCS12_decrypt_skey.html]=man3/PKCS12_decrypt_skey.pod +DEPEND[man/man3/PKCS12_decrypt_skey.3]=man3/PKCS12_decrypt_skey.pod +GENERATE[man/man3/PKCS12_decrypt_skey.3]=man3/PKCS12_decrypt_skey.pod +DEPEND[html/man3/PKCS12_gen_mac.html]=man3/PKCS12_gen_mac.pod +GENERATE[html/man3/PKCS12_gen_mac.html]=man3/PKCS12_gen_mac.pod +DEPEND[man/man3/PKCS12_gen_mac.3]=man3/PKCS12_gen_mac.pod +GENERATE[man/man3/PKCS12_gen_mac.3]=man3/PKCS12_gen_mac.pod +DEPEND[html/man3/PKCS12_get_friendlyname.html]=man3/PKCS12_get_friendlyname.pod +GENERATE[html/man3/PKCS12_get_friendlyname.html]=man3/PKCS12_get_friendlyname.pod +DEPEND[man/man3/PKCS12_get_friendlyname.3]=man3/PKCS12_get_friendlyname.pod +GENERATE[man/man3/PKCS12_get_friendlyname.3]=man3/PKCS12_get_friendlyname.pod +DEPEND[html/man3/PKCS12_init.html]=man3/PKCS12_init.pod +GENERATE[html/man3/PKCS12_init.html]=man3/PKCS12_init.pod +DEPEND[man/man3/PKCS12_init.3]=man3/PKCS12_init.pod +GENERATE[man/man3/PKCS12_init.3]=man3/PKCS12_init.pod +DEPEND[html/man3/PKCS12_item_decrypt_d2i.html]=man3/PKCS12_item_decrypt_d2i.pod +GENERATE[html/man3/PKCS12_item_decrypt_d2i.html]=man3/PKCS12_item_decrypt_d2i.pod +DEPEND[man/man3/PKCS12_item_decrypt_d2i.3]=man3/PKCS12_item_decrypt_d2i.pod +GENERATE[man/man3/PKCS12_item_decrypt_d2i.3]=man3/PKCS12_item_decrypt_d2i.pod +DEPEND[html/man3/PKCS12_key_gen_utf8_ex.html]=man3/PKCS12_key_gen_utf8_ex.pod +GENERATE[html/man3/PKCS12_key_gen_utf8_ex.html]=man3/PKCS12_key_gen_utf8_ex.pod +DEPEND[man/man3/PKCS12_key_gen_utf8_ex.3]=man3/PKCS12_key_gen_utf8_ex.pod +GENERATE[man/man3/PKCS12_key_gen_utf8_ex.3]=man3/PKCS12_key_gen_utf8_ex.pod +DEPEND[html/man3/PKCS12_newpass.html]=man3/PKCS12_newpass.pod +GENERATE[html/man3/PKCS12_newpass.html]=man3/PKCS12_newpass.pod +DEPEND[man/man3/PKCS12_newpass.3]=man3/PKCS12_newpass.pod +GENERATE[man/man3/PKCS12_newpass.3]=man3/PKCS12_newpass.pod +DEPEND[html/man3/PKCS12_pack_p7encdata.html]=man3/PKCS12_pack_p7encdata.pod +GENERATE[html/man3/PKCS12_pack_p7encdata.html]=man3/PKCS12_pack_p7encdata.pod +DEPEND[man/man3/PKCS12_pack_p7encdata.3]=man3/PKCS12_pack_p7encdata.pod +GENERATE[man/man3/PKCS12_pack_p7encdata.3]=man3/PKCS12_pack_p7encdata.pod +DEPEND[html/man3/PKCS12_parse.html]=man3/PKCS12_parse.pod +GENERATE[html/man3/PKCS12_parse.html]=man3/PKCS12_parse.pod +DEPEND[man/man3/PKCS12_parse.3]=man3/PKCS12_parse.pod +GENERATE[man/man3/PKCS12_parse.3]=man3/PKCS12_parse.pod +DEPEND[html/man3/PKCS5_PBE_keyivgen.html]=man3/PKCS5_PBE_keyivgen.pod +GENERATE[html/man3/PKCS5_PBE_keyivgen.html]=man3/PKCS5_PBE_keyivgen.pod +DEPEND[man/man3/PKCS5_PBE_keyivgen.3]=man3/PKCS5_PBE_keyivgen.pod +GENERATE[man/man3/PKCS5_PBE_keyivgen.3]=man3/PKCS5_PBE_keyivgen.pod +DEPEND[html/man3/PKCS5_PBKDF2_HMAC.html]=man3/PKCS5_PBKDF2_HMAC.pod +GENERATE[html/man3/PKCS5_PBKDF2_HMAC.html]=man3/PKCS5_PBKDF2_HMAC.pod +DEPEND[man/man3/PKCS5_PBKDF2_HMAC.3]=man3/PKCS5_PBKDF2_HMAC.pod +GENERATE[man/man3/PKCS5_PBKDF2_HMAC.3]=man3/PKCS5_PBKDF2_HMAC.pod +DEPEND[html/man3/PKCS7_decrypt.html]=man3/PKCS7_decrypt.pod +GENERATE[html/man3/PKCS7_decrypt.html]=man3/PKCS7_decrypt.pod +DEPEND[man/man3/PKCS7_decrypt.3]=man3/PKCS7_decrypt.pod +GENERATE[man/man3/PKCS7_decrypt.3]=man3/PKCS7_decrypt.pod +DEPEND[html/man3/PKCS7_encrypt.html]=man3/PKCS7_encrypt.pod +GENERATE[html/man3/PKCS7_encrypt.html]=man3/PKCS7_encrypt.pod +DEPEND[man/man3/PKCS7_encrypt.3]=man3/PKCS7_encrypt.pod +GENERATE[man/man3/PKCS7_encrypt.3]=man3/PKCS7_encrypt.pod +DEPEND[html/man3/PKCS7_get_octet_string.html]=man3/PKCS7_get_octet_string.pod +GENERATE[html/man3/PKCS7_get_octet_string.html]=man3/PKCS7_get_octet_string.pod +DEPEND[man/man3/PKCS7_get_octet_string.3]=man3/PKCS7_get_octet_string.pod +GENERATE[man/man3/PKCS7_get_octet_string.3]=man3/PKCS7_get_octet_string.pod +DEPEND[html/man3/PKCS7_sign.html]=man3/PKCS7_sign.pod +GENERATE[html/man3/PKCS7_sign.html]=man3/PKCS7_sign.pod +DEPEND[man/man3/PKCS7_sign.3]=man3/PKCS7_sign.pod +GENERATE[man/man3/PKCS7_sign.3]=man3/PKCS7_sign.pod +DEPEND[html/man3/PKCS7_sign_add_signer.html]=man3/PKCS7_sign_add_signer.pod +GENERATE[html/man3/PKCS7_sign_add_signer.html]=man3/PKCS7_sign_add_signer.pod +DEPEND[man/man3/PKCS7_sign_add_signer.3]=man3/PKCS7_sign_add_signer.pod +GENERATE[man/man3/PKCS7_sign_add_signer.3]=man3/PKCS7_sign_add_signer.pod +DEPEND[html/man3/PKCS7_type_is_other.html]=man3/PKCS7_type_is_other.pod +GENERATE[html/man3/PKCS7_type_is_other.html]=man3/PKCS7_type_is_other.pod +DEPEND[man/man3/PKCS7_type_is_other.3]=man3/PKCS7_type_is_other.pod +GENERATE[man/man3/PKCS7_type_is_other.3]=man3/PKCS7_type_is_other.pod +DEPEND[html/man3/PKCS7_verify.html]=man3/PKCS7_verify.pod +GENERATE[html/man3/PKCS7_verify.html]=man3/PKCS7_verify.pod +DEPEND[man/man3/PKCS7_verify.3]=man3/PKCS7_verify.pod +GENERATE[man/man3/PKCS7_verify.3]=man3/PKCS7_verify.pod +DEPEND[html/man3/PKCS8_encrypt.html]=man3/PKCS8_encrypt.pod +GENERATE[html/man3/PKCS8_encrypt.html]=man3/PKCS8_encrypt.pod +DEPEND[man/man3/PKCS8_encrypt.3]=man3/PKCS8_encrypt.pod +GENERATE[man/man3/PKCS8_encrypt.3]=man3/PKCS8_encrypt.pod +DEPEND[html/man3/PKCS8_pkey_add1_attr.html]=man3/PKCS8_pkey_add1_attr.pod +GENERATE[html/man3/PKCS8_pkey_add1_attr.html]=man3/PKCS8_pkey_add1_attr.pod +DEPEND[man/man3/PKCS8_pkey_add1_attr.3]=man3/PKCS8_pkey_add1_attr.pod +GENERATE[man/man3/PKCS8_pkey_add1_attr.3]=man3/PKCS8_pkey_add1_attr.pod +DEPEND[html/man3/RAND_add.html]=man3/RAND_add.pod +GENERATE[html/man3/RAND_add.html]=man3/RAND_add.pod +DEPEND[man/man3/RAND_add.3]=man3/RAND_add.pod +GENERATE[man/man3/RAND_add.3]=man3/RAND_add.pod +DEPEND[html/man3/RAND_bytes.html]=man3/RAND_bytes.pod +GENERATE[html/man3/RAND_bytes.html]=man3/RAND_bytes.pod +DEPEND[man/man3/RAND_bytes.3]=man3/RAND_bytes.pod +GENERATE[man/man3/RAND_bytes.3]=man3/RAND_bytes.pod +DEPEND[html/man3/RAND_cleanup.html]=man3/RAND_cleanup.pod +GENERATE[html/man3/RAND_cleanup.html]=man3/RAND_cleanup.pod +DEPEND[man/man3/RAND_cleanup.3]=man3/RAND_cleanup.pod +GENERATE[man/man3/RAND_cleanup.3]=man3/RAND_cleanup.pod +DEPEND[html/man3/RAND_egd.html]=man3/RAND_egd.pod +GENERATE[html/man3/RAND_egd.html]=man3/RAND_egd.pod +DEPEND[man/man3/RAND_egd.3]=man3/RAND_egd.pod +GENERATE[man/man3/RAND_egd.3]=man3/RAND_egd.pod +DEPEND[html/man3/RAND_get0_primary.html]=man3/RAND_get0_primary.pod +GENERATE[html/man3/RAND_get0_primary.html]=man3/RAND_get0_primary.pod +DEPEND[man/man3/RAND_get0_primary.3]=man3/RAND_get0_primary.pod +GENERATE[man/man3/RAND_get0_primary.3]=man3/RAND_get0_primary.pod +DEPEND[html/man3/RAND_load_file.html]=man3/RAND_load_file.pod +GENERATE[html/man3/RAND_load_file.html]=man3/RAND_load_file.pod +DEPEND[man/man3/RAND_load_file.3]=man3/RAND_load_file.pod +GENERATE[man/man3/RAND_load_file.3]=man3/RAND_load_file.pod +DEPEND[html/man3/RAND_set_DRBG_type.html]=man3/RAND_set_DRBG_type.pod +GENERATE[html/man3/RAND_set_DRBG_type.html]=man3/RAND_set_DRBG_type.pod +DEPEND[man/man3/RAND_set_DRBG_type.3]=man3/RAND_set_DRBG_type.pod +GENERATE[man/man3/RAND_set_DRBG_type.3]=man3/RAND_set_DRBG_type.pod +DEPEND[html/man3/RAND_set_rand_method.html]=man3/RAND_set_rand_method.pod +GENERATE[html/man3/RAND_set_rand_method.html]=man3/RAND_set_rand_method.pod +DEPEND[man/man3/RAND_set_rand_method.3]=man3/RAND_set_rand_method.pod +GENERATE[man/man3/RAND_set_rand_method.3]=man3/RAND_set_rand_method.pod +DEPEND[html/man3/RC4_set_key.html]=man3/RC4_set_key.pod +GENERATE[html/man3/RC4_set_key.html]=man3/RC4_set_key.pod +DEPEND[man/man3/RC4_set_key.3]=man3/RC4_set_key.pod +GENERATE[man/man3/RC4_set_key.3]=man3/RC4_set_key.pod +DEPEND[html/man3/RIPEMD160_Init.html]=man3/RIPEMD160_Init.pod +GENERATE[html/man3/RIPEMD160_Init.html]=man3/RIPEMD160_Init.pod +DEPEND[man/man3/RIPEMD160_Init.3]=man3/RIPEMD160_Init.pod +GENERATE[man/man3/RIPEMD160_Init.3]=man3/RIPEMD160_Init.pod +DEPEND[html/man3/RSA_blinding_on.html]=man3/RSA_blinding_on.pod +GENERATE[html/man3/RSA_blinding_on.html]=man3/RSA_blinding_on.pod +DEPEND[man/man3/RSA_blinding_on.3]=man3/RSA_blinding_on.pod +GENERATE[man/man3/RSA_blinding_on.3]=man3/RSA_blinding_on.pod +DEPEND[html/man3/RSA_check_key.html]=man3/RSA_check_key.pod +GENERATE[html/man3/RSA_check_key.html]=man3/RSA_check_key.pod +DEPEND[man/man3/RSA_check_key.3]=man3/RSA_check_key.pod +GENERATE[man/man3/RSA_check_key.3]=man3/RSA_check_key.pod +DEPEND[html/man3/RSA_generate_key.html]=man3/RSA_generate_key.pod +GENERATE[html/man3/RSA_generate_key.html]=man3/RSA_generate_key.pod +DEPEND[man/man3/RSA_generate_key.3]=man3/RSA_generate_key.pod +GENERATE[man/man3/RSA_generate_key.3]=man3/RSA_generate_key.pod +DEPEND[html/man3/RSA_get0_key.html]=man3/RSA_get0_key.pod +GENERATE[html/man3/RSA_get0_key.html]=man3/RSA_get0_key.pod +DEPEND[man/man3/RSA_get0_key.3]=man3/RSA_get0_key.pod +GENERATE[man/man3/RSA_get0_key.3]=man3/RSA_get0_key.pod +DEPEND[html/man3/RSA_meth_new.html]=man3/RSA_meth_new.pod +GENERATE[html/man3/RSA_meth_new.html]=man3/RSA_meth_new.pod +DEPEND[man/man3/RSA_meth_new.3]=man3/RSA_meth_new.pod +GENERATE[man/man3/RSA_meth_new.3]=man3/RSA_meth_new.pod +DEPEND[html/man3/RSA_new.html]=man3/RSA_new.pod +GENERATE[html/man3/RSA_new.html]=man3/RSA_new.pod +DEPEND[man/man3/RSA_new.3]=man3/RSA_new.pod +GENERATE[man/man3/RSA_new.3]=man3/RSA_new.pod +DEPEND[html/man3/RSA_padding_add_PKCS1_type_1.html]=man3/RSA_padding_add_PKCS1_type_1.pod +GENERATE[html/man3/RSA_padding_add_PKCS1_type_1.html]=man3/RSA_padding_add_PKCS1_type_1.pod +DEPEND[man/man3/RSA_padding_add_PKCS1_type_1.3]=man3/RSA_padding_add_PKCS1_type_1.pod +GENERATE[man/man3/RSA_padding_add_PKCS1_type_1.3]=man3/RSA_padding_add_PKCS1_type_1.pod +DEPEND[html/man3/RSA_print.html]=man3/RSA_print.pod +GENERATE[html/man3/RSA_print.html]=man3/RSA_print.pod +DEPEND[man/man3/RSA_print.3]=man3/RSA_print.pod +GENERATE[man/man3/RSA_print.3]=man3/RSA_print.pod +DEPEND[html/man3/RSA_private_encrypt.html]=man3/RSA_private_encrypt.pod +GENERATE[html/man3/RSA_private_encrypt.html]=man3/RSA_private_encrypt.pod +DEPEND[man/man3/RSA_private_encrypt.3]=man3/RSA_private_encrypt.pod +GENERATE[man/man3/RSA_private_encrypt.3]=man3/RSA_private_encrypt.pod +DEPEND[html/man3/RSA_public_encrypt.html]=man3/RSA_public_encrypt.pod +GENERATE[html/man3/RSA_public_encrypt.html]=man3/RSA_public_encrypt.pod +DEPEND[man/man3/RSA_public_encrypt.3]=man3/RSA_public_encrypt.pod +GENERATE[man/man3/RSA_public_encrypt.3]=man3/RSA_public_encrypt.pod +DEPEND[html/man3/RSA_set_method.html]=man3/RSA_set_method.pod +GENERATE[html/man3/RSA_set_method.html]=man3/RSA_set_method.pod +DEPEND[man/man3/RSA_set_method.3]=man3/RSA_set_method.pod +GENERATE[man/man3/RSA_set_method.3]=man3/RSA_set_method.pod +DEPEND[html/man3/RSA_sign.html]=man3/RSA_sign.pod +GENERATE[html/man3/RSA_sign.html]=man3/RSA_sign.pod +DEPEND[man/man3/RSA_sign.3]=man3/RSA_sign.pod +GENERATE[man/man3/RSA_sign.3]=man3/RSA_sign.pod +DEPEND[html/man3/RSA_sign_ASN1_OCTET_STRING.html]=man3/RSA_sign_ASN1_OCTET_STRING.pod +GENERATE[html/man3/RSA_sign_ASN1_OCTET_STRING.html]=man3/RSA_sign_ASN1_OCTET_STRING.pod +DEPEND[man/man3/RSA_sign_ASN1_OCTET_STRING.3]=man3/RSA_sign_ASN1_OCTET_STRING.pod +GENERATE[man/man3/RSA_sign_ASN1_OCTET_STRING.3]=man3/RSA_sign_ASN1_OCTET_STRING.pod +DEPEND[html/man3/RSA_size.html]=man3/RSA_size.pod +GENERATE[html/man3/RSA_size.html]=man3/RSA_size.pod +DEPEND[man/man3/RSA_size.3]=man3/RSA_size.pod +GENERATE[man/man3/RSA_size.3]=man3/RSA_size.pod +DEPEND[html/man3/SCT_new.html]=man3/SCT_new.pod +GENERATE[html/man3/SCT_new.html]=man3/SCT_new.pod +DEPEND[man/man3/SCT_new.3]=man3/SCT_new.pod +GENERATE[man/man3/SCT_new.3]=man3/SCT_new.pod +DEPEND[html/man3/SCT_print.html]=man3/SCT_print.pod +GENERATE[html/man3/SCT_print.html]=man3/SCT_print.pod +DEPEND[man/man3/SCT_print.3]=man3/SCT_print.pod +GENERATE[man/man3/SCT_print.3]=man3/SCT_print.pod +DEPEND[html/man3/SCT_validate.html]=man3/SCT_validate.pod +GENERATE[html/man3/SCT_validate.html]=man3/SCT_validate.pod +DEPEND[man/man3/SCT_validate.3]=man3/SCT_validate.pod +GENERATE[man/man3/SCT_validate.3]=man3/SCT_validate.pod +DEPEND[html/man3/SHA256_Init.html]=man3/SHA256_Init.pod +GENERATE[html/man3/SHA256_Init.html]=man3/SHA256_Init.pod +DEPEND[man/man3/SHA256_Init.3]=man3/SHA256_Init.pod +GENERATE[man/man3/SHA256_Init.3]=man3/SHA256_Init.pod +DEPEND[html/man3/SMIME_read_ASN1.html]=man3/SMIME_read_ASN1.pod +GENERATE[html/man3/SMIME_read_ASN1.html]=man3/SMIME_read_ASN1.pod +DEPEND[man/man3/SMIME_read_ASN1.3]=man3/SMIME_read_ASN1.pod +GENERATE[man/man3/SMIME_read_ASN1.3]=man3/SMIME_read_ASN1.pod +DEPEND[html/man3/SMIME_read_CMS.html]=man3/SMIME_read_CMS.pod +GENERATE[html/man3/SMIME_read_CMS.html]=man3/SMIME_read_CMS.pod +DEPEND[man/man3/SMIME_read_CMS.3]=man3/SMIME_read_CMS.pod +GENERATE[man/man3/SMIME_read_CMS.3]=man3/SMIME_read_CMS.pod +DEPEND[html/man3/SMIME_read_PKCS7.html]=man3/SMIME_read_PKCS7.pod +GENERATE[html/man3/SMIME_read_PKCS7.html]=man3/SMIME_read_PKCS7.pod +DEPEND[man/man3/SMIME_read_PKCS7.3]=man3/SMIME_read_PKCS7.pod +GENERATE[man/man3/SMIME_read_PKCS7.3]=man3/SMIME_read_PKCS7.pod +DEPEND[html/man3/SMIME_write_ASN1.html]=man3/SMIME_write_ASN1.pod +GENERATE[html/man3/SMIME_write_ASN1.html]=man3/SMIME_write_ASN1.pod +DEPEND[man/man3/SMIME_write_ASN1.3]=man3/SMIME_write_ASN1.pod +GENERATE[man/man3/SMIME_write_ASN1.3]=man3/SMIME_write_ASN1.pod +DEPEND[html/man3/SMIME_write_CMS.html]=man3/SMIME_write_CMS.pod +GENERATE[html/man3/SMIME_write_CMS.html]=man3/SMIME_write_CMS.pod +DEPEND[man/man3/SMIME_write_CMS.3]=man3/SMIME_write_CMS.pod +GENERATE[man/man3/SMIME_write_CMS.3]=man3/SMIME_write_CMS.pod +DEPEND[html/man3/SMIME_write_PKCS7.html]=man3/SMIME_write_PKCS7.pod +GENERATE[html/man3/SMIME_write_PKCS7.html]=man3/SMIME_write_PKCS7.pod +DEPEND[man/man3/SMIME_write_PKCS7.3]=man3/SMIME_write_PKCS7.pod +GENERATE[man/man3/SMIME_write_PKCS7.3]=man3/SMIME_write_PKCS7.pod +DEPEND[html/man3/SRP_Calc_B.html]=man3/SRP_Calc_B.pod +GENERATE[html/man3/SRP_Calc_B.html]=man3/SRP_Calc_B.pod +DEPEND[man/man3/SRP_Calc_B.3]=man3/SRP_Calc_B.pod +GENERATE[man/man3/SRP_Calc_B.3]=man3/SRP_Calc_B.pod +DEPEND[html/man3/SRP_VBASE_new.html]=man3/SRP_VBASE_new.pod +GENERATE[html/man3/SRP_VBASE_new.html]=man3/SRP_VBASE_new.pod +DEPEND[man/man3/SRP_VBASE_new.3]=man3/SRP_VBASE_new.pod +GENERATE[man/man3/SRP_VBASE_new.3]=man3/SRP_VBASE_new.pod +DEPEND[html/man3/SRP_create_verifier.html]=man3/SRP_create_verifier.pod +GENERATE[html/man3/SRP_create_verifier.html]=man3/SRP_create_verifier.pod +DEPEND[man/man3/SRP_create_verifier.3]=man3/SRP_create_verifier.pod +GENERATE[man/man3/SRP_create_verifier.3]=man3/SRP_create_verifier.pod +DEPEND[html/man3/SRP_user_pwd_new.html]=man3/SRP_user_pwd_new.pod +GENERATE[html/man3/SRP_user_pwd_new.html]=man3/SRP_user_pwd_new.pod +DEPEND[man/man3/SRP_user_pwd_new.3]=man3/SRP_user_pwd_new.pod +GENERATE[man/man3/SRP_user_pwd_new.3]=man3/SRP_user_pwd_new.pod +DEPEND[html/man3/SSL_CIPHER_get_name.html]=man3/SSL_CIPHER_get_name.pod +GENERATE[html/man3/SSL_CIPHER_get_name.html]=man3/SSL_CIPHER_get_name.pod +DEPEND[man/man3/SSL_CIPHER_get_name.3]=man3/SSL_CIPHER_get_name.pod +GENERATE[man/man3/SSL_CIPHER_get_name.3]=man3/SSL_CIPHER_get_name.pod +DEPEND[html/man3/SSL_COMP_add_compression_method.html]=man3/SSL_COMP_add_compression_method.pod +GENERATE[html/man3/SSL_COMP_add_compression_method.html]=man3/SSL_COMP_add_compression_method.pod +DEPEND[man/man3/SSL_COMP_add_compression_method.3]=man3/SSL_COMP_add_compression_method.pod +GENERATE[man/man3/SSL_COMP_add_compression_method.3]=man3/SSL_COMP_add_compression_method.pod +DEPEND[html/man3/SSL_CONF_CTX_new.html]=man3/SSL_CONF_CTX_new.pod +GENERATE[html/man3/SSL_CONF_CTX_new.html]=man3/SSL_CONF_CTX_new.pod +DEPEND[man/man3/SSL_CONF_CTX_new.3]=man3/SSL_CONF_CTX_new.pod +GENERATE[man/man3/SSL_CONF_CTX_new.3]=man3/SSL_CONF_CTX_new.pod +DEPEND[html/man3/SSL_CONF_CTX_set1_prefix.html]=man3/SSL_CONF_CTX_set1_prefix.pod +GENERATE[html/man3/SSL_CONF_CTX_set1_prefix.html]=man3/SSL_CONF_CTX_set1_prefix.pod +DEPEND[man/man3/SSL_CONF_CTX_set1_prefix.3]=man3/SSL_CONF_CTX_set1_prefix.pod +GENERATE[man/man3/SSL_CONF_CTX_set1_prefix.3]=man3/SSL_CONF_CTX_set1_prefix.pod +DEPEND[html/man3/SSL_CONF_CTX_set_flags.html]=man3/SSL_CONF_CTX_set_flags.pod +GENERATE[html/man3/SSL_CONF_CTX_set_flags.html]=man3/SSL_CONF_CTX_set_flags.pod +DEPEND[man/man3/SSL_CONF_CTX_set_flags.3]=man3/SSL_CONF_CTX_set_flags.pod +GENERATE[man/man3/SSL_CONF_CTX_set_flags.3]=man3/SSL_CONF_CTX_set_flags.pod +DEPEND[html/man3/SSL_CONF_CTX_set_ssl_ctx.html]=man3/SSL_CONF_CTX_set_ssl_ctx.pod +GENERATE[html/man3/SSL_CONF_CTX_set_ssl_ctx.html]=man3/SSL_CONF_CTX_set_ssl_ctx.pod +DEPEND[man/man3/SSL_CONF_CTX_set_ssl_ctx.3]=man3/SSL_CONF_CTX_set_ssl_ctx.pod +GENERATE[man/man3/SSL_CONF_CTX_set_ssl_ctx.3]=man3/SSL_CONF_CTX_set_ssl_ctx.pod +DEPEND[html/man3/SSL_CONF_cmd.html]=man3/SSL_CONF_cmd.pod +GENERATE[html/man3/SSL_CONF_cmd.html]=man3/SSL_CONF_cmd.pod +DEPEND[man/man3/SSL_CONF_cmd.3]=man3/SSL_CONF_cmd.pod +GENERATE[man/man3/SSL_CONF_cmd.3]=man3/SSL_CONF_cmd.pod +DEPEND[html/man3/SSL_CONF_cmd_argv.html]=man3/SSL_CONF_cmd_argv.pod +GENERATE[html/man3/SSL_CONF_cmd_argv.html]=man3/SSL_CONF_cmd_argv.pod +DEPEND[man/man3/SSL_CONF_cmd_argv.3]=man3/SSL_CONF_cmd_argv.pod +GENERATE[man/man3/SSL_CONF_cmd_argv.3]=man3/SSL_CONF_cmd_argv.pod +DEPEND[html/man3/SSL_CTX_add1_chain_cert.html]=man3/SSL_CTX_add1_chain_cert.pod +GENERATE[html/man3/SSL_CTX_add1_chain_cert.html]=man3/SSL_CTX_add1_chain_cert.pod +DEPEND[man/man3/SSL_CTX_add1_chain_cert.3]=man3/SSL_CTX_add1_chain_cert.pod +GENERATE[man/man3/SSL_CTX_add1_chain_cert.3]=man3/SSL_CTX_add1_chain_cert.pod +DEPEND[html/man3/SSL_CTX_add_extra_chain_cert.html]=man3/SSL_CTX_add_extra_chain_cert.pod +GENERATE[html/man3/SSL_CTX_add_extra_chain_cert.html]=man3/SSL_CTX_add_extra_chain_cert.pod +DEPEND[man/man3/SSL_CTX_add_extra_chain_cert.3]=man3/SSL_CTX_add_extra_chain_cert.pod +GENERATE[man/man3/SSL_CTX_add_extra_chain_cert.3]=man3/SSL_CTX_add_extra_chain_cert.pod +DEPEND[html/man3/SSL_CTX_add_session.html]=man3/SSL_CTX_add_session.pod +GENERATE[html/man3/SSL_CTX_add_session.html]=man3/SSL_CTX_add_session.pod +DEPEND[man/man3/SSL_CTX_add_session.3]=man3/SSL_CTX_add_session.pod +GENERATE[man/man3/SSL_CTX_add_session.3]=man3/SSL_CTX_add_session.pod +DEPEND[html/man3/SSL_CTX_config.html]=man3/SSL_CTX_config.pod +GENERATE[html/man3/SSL_CTX_config.html]=man3/SSL_CTX_config.pod +DEPEND[man/man3/SSL_CTX_config.3]=man3/SSL_CTX_config.pod +GENERATE[man/man3/SSL_CTX_config.3]=man3/SSL_CTX_config.pod +DEPEND[html/man3/SSL_CTX_ctrl.html]=man3/SSL_CTX_ctrl.pod +GENERATE[html/man3/SSL_CTX_ctrl.html]=man3/SSL_CTX_ctrl.pod +DEPEND[man/man3/SSL_CTX_ctrl.3]=man3/SSL_CTX_ctrl.pod +GENERATE[man/man3/SSL_CTX_ctrl.3]=man3/SSL_CTX_ctrl.pod +DEPEND[html/man3/SSL_CTX_dane_enable.html]=man3/SSL_CTX_dane_enable.pod +GENERATE[html/man3/SSL_CTX_dane_enable.html]=man3/SSL_CTX_dane_enable.pod +DEPEND[man/man3/SSL_CTX_dane_enable.3]=man3/SSL_CTX_dane_enable.pod +GENERATE[man/man3/SSL_CTX_dane_enable.3]=man3/SSL_CTX_dane_enable.pod +DEPEND[html/man3/SSL_CTX_flush_sessions.html]=man3/SSL_CTX_flush_sessions.pod +GENERATE[html/man3/SSL_CTX_flush_sessions.html]=man3/SSL_CTX_flush_sessions.pod +DEPEND[man/man3/SSL_CTX_flush_sessions.3]=man3/SSL_CTX_flush_sessions.pod +GENERATE[man/man3/SSL_CTX_flush_sessions.3]=man3/SSL_CTX_flush_sessions.pod +DEPEND[html/man3/SSL_CTX_free.html]=man3/SSL_CTX_free.pod +GENERATE[html/man3/SSL_CTX_free.html]=man3/SSL_CTX_free.pod +DEPEND[man/man3/SSL_CTX_free.3]=man3/SSL_CTX_free.pod +GENERATE[man/man3/SSL_CTX_free.3]=man3/SSL_CTX_free.pod +DEPEND[html/man3/SSL_CTX_get0_param.html]=man3/SSL_CTX_get0_param.pod +GENERATE[html/man3/SSL_CTX_get0_param.html]=man3/SSL_CTX_get0_param.pod +DEPEND[man/man3/SSL_CTX_get0_param.3]=man3/SSL_CTX_get0_param.pod +GENERATE[man/man3/SSL_CTX_get0_param.3]=man3/SSL_CTX_get0_param.pod +DEPEND[html/man3/SSL_CTX_get_verify_mode.html]=man3/SSL_CTX_get_verify_mode.pod +GENERATE[html/man3/SSL_CTX_get_verify_mode.html]=man3/SSL_CTX_get_verify_mode.pod +DEPEND[man/man3/SSL_CTX_get_verify_mode.3]=man3/SSL_CTX_get_verify_mode.pod +GENERATE[man/man3/SSL_CTX_get_verify_mode.3]=man3/SSL_CTX_get_verify_mode.pod +DEPEND[html/man3/SSL_CTX_has_client_custom_ext.html]=man3/SSL_CTX_has_client_custom_ext.pod +GENERATE[html/man3/SSL_CTX_has_client_custom_ext.html]=man3/SSL_CTX_has_client_custom_ext.pod +DEPEND[man/man3/SSL_CTX_has_client_custom_ext.3]=man3/SSL_CTX_has_client_custom_ext.pod +GENERATE[man/man3/SSL_CTX_has_client_custom_ext.3]=man3/SSL_CTX_has_client_custom_ext.pod +DEPEND[html/man3/SSL_CTX_load_verify_locations.html]=man3/SSL_CTX_load_verify_locations.pod +GENERATE[html/man3/SSL_CTX_load_verify_locations.html]=man3/SSL_CTX_load_verify_locations.pod +DEPEND[man/man3/SSL_CTX_load_verify_locations.3]=man3/SSL_CTX_load_verify_locations.pod +GENERATE[man/man3/SSL_CTX_load_verify_locations.3]=man3/SSL_CTX_load_verify_locations.pod +DEPEND[html/man3/SSL_CTX_new.html]=man3/SSL_CTX_new.pod +GENERATE[html/man3/SSL_CTX_new.html]=man3/SSL_CTX_new.pod +DEPEND[man/man3/SSL_CTX_new.3]=man3/SSL_CTX_new.pod +GENERATE[man/man3/SSL_CTX_new.3]=man3/SSL_CTX_new.pod +DEPEND[html/man3/SSL_CTX_sess_number.html]=man3/SSL_CTX_sess_number.pod +GENERATE[html/man3/SSL_CTX_sess_number.html]=man3/SSL_CTX_sess_number.pod +DEPEND[man/man3/SSL_CTX_sess_number.3]=man3/SSL_CTX_sess_number.pod +GENERATE[man/man3/SSL_CTX_sess_number.3]=man3/SSL_CTX_sess_number.pod +DEPEND[html/man3/SSL_CTX_sess_set_cache_size.html]=man3/SSL_CTX_sess_set_cache_size.pod +GENERATE[html/man3/SSL_CTX_sess_set_cache_size.html]=man3/SSL_CTX_sess_set_cache_size.pod +DEPEND[man/man3/SSL_CTX_sess_set_cache_size.3]=man3/SSL_CTX_sess_set_cache_size.pod +GENERATE[man/man3/SSL_CTX_sess_set_cache_size.3]=man3/SSL_CTX_sess_set_cache_size.pod +DEPEND[html/man3/SSL_CTX_sess_set_get_cb.html]=man3/SSL_CTX_sess_set_get_cb.pod +GENERATE[html/man3/SSL_CTX_sess_set_get_cb.html]=man3/SSL_CTX_sess_set_get_cb.pod +DEPEND[man/man3/SSL_CTX_sess_set_get_cb.3]=man3/SSL_CTX_sess_set_get_cb.pod +GENERATE[man/man3/SSL_CTX_sess_set_get_cb.3]=man3/SSL_CTX_sess_set_get_cb.pod +DEPEND[html/man3/SSL_CTX_sessions.html]=man3/SSL_CTX_sessions.pod +GENERATE[html/man3/SSL_CTX_sessions.html]=man3/SSL_CTX_sessions.pod +DEPEND[man/man3/SSL_CTX_sessions.3]=man3/SSL_CTX_sessions.pod +GENERATE[man/man3/SSL_CTX_sessions.3]=man3/SSL_CTX_sessions.pod +DEPEND[html/man3/SSL_CTX_set0_CA_list.html]=man3/SSL_CTX_set0_CA_list.pod +GENERATE[html/man3/SSL_CTX_set0_CA_list.html]=man3/SSL_CTX_set0_CA_list.pod +DEPEND[man/man3/SSL_CTX_set0_CA_list.3]=man3/SSL_CTX_set0_CA_list.pod +GENERATE[man/man3/SSL_CTX_set0_CA_list.3]=man3/SSL_CTX_set0_CA_list.pod +DEPEND[html/man3/SSL_CTX_set1_curves.html]=man3/SSL_CTX_set1_curves.pod +GENERATE[html/man3/SSL_CTX_set1_curves.html]=man3/SSL_CTX_set1_curves.pod +DEPEND[man/man3/SSL_CTX_set1_curves.3]=man3/SSL_CTX_set1_curves.pod +GENERATE[man/man3/SSL_CTX_set1_curves.3]=man3/SSL_CTX_set1_curves.pod +DEPEND[html/man3/SSL_CTX_set1_sigalgs.html]=man3/SSL_CTX_set1_sigalgs.pod +GENERATE[html/man3/SSL_CTX_set1_sigalgs.html]=man3/SSL_CTX_set1_sigalgs.pod +DEPEND[man/man3/SSL_CTX_set1_sigalgs.3]=man3/SSL_CTX_set1_sigalgs.pod +GENERATE[man/man3/SSL_CTX_set1_sigalgs.3]=man3/SSL_CTX_set1_sigalgs.pod +DEPEND[html/man3/SSL_CTX_set1_verify_cert_store.html]=man3/SSL_CTX_set1_verify_cert_store.pod +GENERATE[html/man3/SSL_CTX_set1_verify_cert_store.html]=man3/SSL_CTX_set1_verify_cert_store.pod +DEPEND[man/man3/SSL_CTX_set1_verify_cert_store.3]=man3/SSL_CTX_set1_verify_cert_store.pod +GENERATE[man/man3/SSL_CTX_set1_verify_cert_store.3]=man3/SSL_CTX_set1_verify_cert_store.pod +DEPEND[html/man3/SSL_CTX_set_alpn_select_cb.html]=man3/SSL_CTX_set_alpn_select_cb.pod +GENERATE[html/man3/SSL_CTX_set_alpn_select_cb.html]=man3/SSL_CTX_set_alpn_select_cb.pod +DEPEND[man/man3/SSL_CTX_set_alpn_select_cb.3]=man3/SSL_CTX_set_alpn_select_cb.pod +GENERATE[man/man3/SSL_CTX_set_alpn_select_cb.3]=man3/SSL_CTX_set_alpn_select_cb.pod +DEPEND[html/man3/SSL_CTX_set_cert_cb.html]=man3/SSL_CTX_set_cert_cb.pod +GENERATE[html/man3/SSL_CTX_set_cert_cb.html]=man3/SSL_CTX_set_cert_cb.pod +DEPEND[man/man3/SSL_CTX_set_cert_cb.3]=man3/SSL_CTX_set_cert_cb.pod +GENERATE[man/man3/SSL_CTX_set_cert_cb.3]=man3/SSL_CTX_set_cert_cb.pod +DEPEND[html/man3/SSL_CTX_set_cert_store.html]=man3/SSL_CTX_set_cert_store.pod +GENERATE[html/man3/SSL_CTX_set_cert_store.html]=man3/SSL_CTX_set_cert_store.pod +DEPEND[man/man3/SSL_CTX_set_cert_store.3]=man3/SSL_CTX_set_cert_store.pod +GENERATE[man/man3/SSL_CTX_set_cert_store.3]=man3/SSL_CTX_set_cert_store.pod +DEPEND[html/man3/SSL_CTX_set_cert_verify_callback.html]=man3/SSL_CTX_set_cert_verify_callback.pod +GENERATE[html/man3/SSL_CTX_set_cert_verify_callback.html]=man3/SSL_CTX_set_cert_verify_callback.pod +DEPEND[man/man3/SSL_CTX_set_cert_verify_callback.3]=man3/SSL_CTX_set_cert_verify_callback.pod +GENERATE[man/man3/SSL_CTX_set_cert_verify_callback.3]=man3/SSL_CTX_set_cert_verify_callback.pod +DEPEND[html/man3/SSL_CTX_set_cipher_list.html]=man3/SSL_CTX_set_cipher_list.pod +GENERATE[html/man3/SSL_CTX_set_cipher_list.html]=man3/SSL_CTX_set_cipher_list.pod +DEPEND[man/man3/SSL_CTX_set_cipher_list.3]=man3/SSL_CTX_set_cipher_list.pod +GENERATE[man/man3/SSL_CTX_set_cipher_list.3]=man3/SSL_CTX_set_cipher_list.pod +DEPEND[html/man3/SSL_CTX_set_client_cert_cb.html]=man3/SSL_CTX_set_client_cert_cb.pod +GENERATE[html/man3/SSL_CTX_set_client_cert_cb.html]=man3/SSL_CTX_set_client_cert_cb.pod +DEPEND[man/man3/SSL_CTX_set_client_cert_cb.3]=man3/SSL_CTX_set_client_cert_cb.pod +GENERATE[man/man3/SSL_CTX_set_client_cert_cb.3]=man3/SSL_CTX_set_client_cert_cb.pod +DEPEND[html/man3/SSL_CTX_set_client_hello_cb.html]=man3/SSL_CTX_set_client_hello_cb.pod +GENERATE[html/man3/SSL_CTX_set_client_hello_cb.html]=man3/SSL_CTX_set_client_hello_cb.pod +DEPEND[man/man3/SSL_CTX_set_client_hello_cb.3]=man3/SSL_CTX_set_client_hello_cb.pod +GENERATE[man/man3/SSL_CTX_set_client_hello_cb.3]=man3/SSL_CTX_set_client_hello_cb.pod +DEPEND[html/man3/SSL_CTX_set_ct_validation_callback.html]=man3/SSL_CTX_set_ct_validation_callback.pod +GENERATE[html/man3/SSL_CTX_set_ct_validation_callback.html]=man3/SSL_CTX_set_ct_validation_callback.pod +DEPEND[man/man3/SSL_CTX_set_ct_validation_callback.3]=man3/SSL_CTX_set_ct_validation_callback.pod +GENERATE[man/man3/SSL_CTX_set_ct_validation_callback.3]=man3/SSL_CTX_set_ct_validation_callback.pod +DEPEND[html/man3/SSL_CTX_set_ctlog_list_file.html]=man3/SSL_CTX_set_ctlog_list_file.pod +GENERATE[html/man3/SSL_CTX_set_ctlog_list_file.html]=man3/SSL_CTX_set_ctlog_list_file.pod +DEPEND[man/man3/SSL_CTX_set_ctlog_list_file.3]=man3/SSL_CTX_set_ctlog_list_file.pod +GENERATE[man/man3/SSL_CTX_set_ctlog_list_file.3]=man3/SSL_CTX_set_ctlog_list_file.pod +DEPEND[html/man3/SSL_CTX_set_default_passwd_cb.html]=man3/SSL_CTX_set_default_passwd_cb.pod +GENERATE[html/man3/SSL_CTX_set_default_passwd_cb.html]=man3/SSL_CTX_set_default_passwd_cb.pod +DEPEND[man/man3/SSL_CTX_set_default_passwd_cb.3]=man3/SSL_CTX_set_default_passwd_cb.pod +GENERATE[man/man3/SSL_CTX_set_default_passwd_cb.3]=man3/SSL_CTX_set_default_passwd_cb.pod +DEPEND[html/man3/SSL_CTX_set_generate_session_id.html]=man3/SSL_CTX_set_generate_session_id.pod +GENERATE[html/man3/SSL_CTX_set_generate_session_id.html]=man3/SSL_CTX_set_generate_session_id.pod +DEPEND[man/man3/SSL_CTX_set_generate_session_id.3]=man3/SSL_CTX_set_generate_session_id.pod +GENERATE[man/man3/SSL_CTX_set_generate_session_id.3]=man3/SSL_CTX_set_generate_session_id.pod +DEPEND[html/man3/SSL_CTX_set_info_callback.html]=man3/SSL_CTX_set_info_callback.pod +GENERATE[html/man3/SSL_CTX_set_info_callback.html]=man3/SSL_CTX_set_info_callback.pod +DEPEND[man/man3/SSL_CTX_set_info_callback.3]=man3/SSL_CTX_set_info_callback.pod +GENERATE[man/man3/SSL_CTX_set_info_callback.3]=man3/SSL_CTX_set_info_callback.pod +DEPEND[html/man3/SSL_CTX_set_keylog_callback.html]=man3/SSL_CTX_set_keylog_callback.pod +GENERATE[html/man3/SSL_CTX_set_keylog_callback.html]=man3/SSL_CTX_set_keylog_callback.pod +DEPEND[man/man3/SSL_CTX_set_keylog_callback.3]=man3/SSL_CTX_set_keylog_callback.pod +GENERATE[man/man3/SSL_CTX_set_keylog_callback.3]=man3/SSL_CTX_set_keylog_callback.pod +DEPEND[html/man3/SSL_CTX_set_max_cert_list.html]=man3/SSL_CTX_set_max_cert_list.pod +GENERATE[html/man3/SSL_CTX_set_max_cert_list.html]=man3/SSL_CTX_set_max_cert_list.pod +DEPEND[man/man3/SSL_CTX_set_max_cert_list.3]=man3/SSL_CTX_set_max_cert_list.pod +GENERATE[man/man3/SSL_CTX_set_max_cert_list.3]=man3/SSL_CTX_set_max_cert_list.pod +DEPEND[html/man3/SSL_CTX_set_min_proto_version.html]=man3/SSL_CTX_set_min_proto_version.pod +GENERATE[html/man3/SSL_CTX_set_min_proto_version.html]=man3/SSL_CTX_set_min_proto_version.pod +DEPEND[man/man3/SSL_CTX_set_min_proto_version.3]=man3/SSL_CTX_set_min_proto_version.pod +GENERATE[man/man3/SSL_CTX_set_min_proto_version.3]=man3/SSL_CTX_set_min_proto_version.pod +DEPEND[html/man3/SSL_CTX_set_mode.html]=man3/SSL_CTX_set_mode.pod +GENERATE[html/man3/SSL_CTX_set_mode.html]=man3/SSL_CTX_set_mode.pod +DEPEND[man/man3/SSL_CTX_set_mode.3]=man3/SSL_CTX_set_mode.pod +GENERATE[man/man3/SSL_CTX_set_mode.3]=man3/SSL_CTX_set_mode.pod +DEPEND[html/man3/SSL_CTX_set_msg_callback.html]=man3/SSL_CTX_set_msg_callback.pod +GENERATE[html/man3/SSL_CTX_set_msg_callback.html]=man3/SSL_CTX_set_msg_callback.pod +DEPEND[man/man3/SSL_CTX_set_msg_callback.3]=man3/SSL_CTX_set_msg_callback.pod +GENERATE[man/man3/SSL_CTX_set_msg_callback.3]=man3/SSL_CTX_set_msg_callback.pod +DEPEND[html/man3/SSL_CTX_set_num_tickets.html]=man3/SSL_CTX_set_num_tickets.pod +GENERATE[html/man3/SSL_CTX_set_num_tickets.html]=man3/SSL_CTX_set_num_tickets.pod +DEPEND[man/man3/SSL_CTX_set_num_tickets.3]=man3/SSL_CTX_set_num_tickets.pod +GENERATE[man/man3/SSL_CTX_set_num_tickets.3]=man3/SSL_CTX_set_num_tickets.pod +DEPEND[html/man3/SSL_CTX_set_options.html]=man3/SSL_CTX_set_options.pod +GENERATE[html/man3/SSL_CTX_set_options.html]=man3/SSL_CTX_set_options.pod +DEPEND[man/man3/SSL_CTX_set_options.3]=man3/SSL_CTX_set_options.pod +GENERATE[man/man3/SSL_CTX_set_options.3]=man3/SSL_CTX_set_options.pod +DEPEND[html/man3/SSL_CTX_set_psk_client_callback.html]=man3/SSL_CTX_set_psk_client_callback.pod +GENERATE[html/man3/SSL_CTX_set_psk_client_callback.html]=man3/SSL_CTX_set_psk_client_callback.pod +DEPEND[man/man3/SSL_CTX_set_psk_client_callback.3]=man3/SSL_CTX_set_psk_client_callback.pod +GENERATE[man/man3/SSL_CTX_set_psk_client_callback.3]=man3/SSL_CTX_set_psk_client_callback.pod +DEPEND[html/man3/SSL_CTX_set_quiet_shutdown.html]=man3/SSL_CTX_set_quiet_shutdown.pod +GENERATE[html/man3/SSL_CTX_set_quiet_shutdown.html]=man3/SSL_CTX_set_quiet_shutdown.pod +DEPEND[man/man3/SSL_CTX_set_quiet_shutdown.3]=man3/SSL_CTX_set_quiet_shutdown.pod +GENERATE[man/man3/SSL_CTX_set_quiet_shutdown.3]=man3/SSL_CTX_set_quiet_shutdown.pod +DEPEND[html/man3/SSL_CTX_set_read_ahead.html]=man3/SSL_CTX_set_read_ahead.pod +GENERATE[html/man3/SSL_CTX_set_read_ahead.html]=man3/SSL_CTX_set_read_ahead.pod +DEPEND[man/man3/SSL_CTX_set_read_ahead.3]=man3/SSL_CTX_set_read_ahead.pod +GENERATE[man/man3/SSL_CTX_set_read_ahead.3]=man3/SSL_CTX_set_read_ahead.pod +DEPEND[html/man3/SSL_CTX_set_record_padding_callback.html]=man3/SSL_CTX_set_record_padding_callback.pod +GENERATE[html/man3/SSL_CTX_set_record_padding_callback.html]=man3/SSL_CTX_set_record_padding_callback.pod +DEPEND[man/man3/SSL_CTX_set_record_padding_callback.3]=man3/SSL_CTX_set_record_padding_callback.pod +GENERATE[man/man3/SSL_CTX_set_record_padding_callback.3]=man3/SSL_CTX_set_record_padding_callback.pod +DEPEND[html/man3/SSL_CTX_set_security_level.html]=man3/SSL_CTX_set_security_level.pod +GENERATE[html/man3/SSL_CTX_set_security_level.html]=man3/SSL_CTX_set_security_level.pod +DEPEND[man/man3/SSL_CTX_set_security_level.3]=man3/SSL_CTX_set_security_level.pod +GENERATE[man/man3/SSL_CTX_set_security_level.3]=man3/SSL_CTX_set_security_level.pod +DEPEND[html/man3/SSL_CTX_set_session_cache_mode.html]=man3/SSL_CTX_set_session_cache_mode.pod +GENERATE[html/man3/SSL_CTX_set_session_cache_mode.html]=man3/SSL_CTX_set_session_cache_mode.pod +DEPEND[man/man3/SSL_CTX_set_session_cache_mode.3]=man3/SSL_CTX_set_session_cache_mode.pod +GENERATE[man/man3/SSL_CTX_set_session_cache_mode.3]=man3/SSL_CTX_set_session_cache_mode.pod +DEPEND[html/man3/SSL_CTX_set_session_id_context.html]=man3/SSL_CTX_set_session_id_context.pod +GENERATE[html/man3/SSL_CTX_set_session_id_context.html]=man3/SSL_CTX_set_session_id_context.pod +DEPEND[man/man3/SSL_CTX_set_session_id_context.3]=man3/SSL_CTX_set_session_id_context.pod +GENERATE[man/man3/SSL_CTX_set_session_id_context.3]=man3/SSL_CTX_set_session_id_context.pod +DEPEND[html/man3/SSL_CTX_set_session_ticket_cb.html]=man3/SSL_CTX_set_session_ticket_cb.pod +GENERATE[html/man3/SSL_CTX_set_session_ticket_cb.html]=man3/SSL_CTX_set_session_ticket_cb.pod +DEPEND[man/man3/SSL_CTX_set_session_ticket_cb.3]=man3/SSL_CTX_set_session_ticket_cb.pod +GENERATE[man/man3/SSL_CTX_set_session_ticket_cb.3]=man3/SSL_CTX_set_session_ticket_cb.pod +DEPEND[html/man3/SSL_CTX_set_split_send_fragment.html]=man3/SSL_CTX_set_split_send_fragment.pod +GENERATE[html/man3/SSL_CTX_set_split_send_fragment.html]=man3/SSL_CTX_set_split_send_fragment.pod +DEPEND[man/man3/SSL_CTX_set_split_send_fragment.3]=man3/SSL_CTX_set_split_send_fragment.pod +GENERATE[man/man3/SSL_CTX_set_split_send_fragment.3]=man3/SSL_CTX_set_split_send_fragment.pod +DEPEND[html/man3/SSL_CTX_set_srp_password.html]=man3/SSL_CTX_set_srp_password.pod +GENERATE[html/man3/SSL_CTX_set_srp_password.html]=man3/SSL_CTX_set_srp_password.pod +DEPEND[man/man3/SSL_CTX_set_srp_password.3]=man3/SSL_CTX_set_srp_password.pod +GENERATE[man/man3/SSL_CTX_set_srp_password.3]=man3/SSL_CTX_set_srp_password.pod +DEPEND[html/man3/SSL_CTX_set_ssl_version.html]=man3/SSL_CTX_set_ssl_version.pod +GENERATE[html/man3/SSL_CTX_set_ssl_version.html]=man3/SSL_CTX_set_ssl_version.pod +DEPEND[man/man3/SSL_CTX_set_ssl_version.3]=man3/SSL_CTX_set_ssl_version.pod +GENERATE[man/man3/SSL_CTX_set_ssl_version.3]=man3/SSL_CTX_set_ssl_version.pod +DEPEND[html/man3/SSL_CTX_set_stateless_cookie_generate_cb.html]=man3/SSL_CTX_set_stateless_cookie_generate_cb.pod +GENERATE[html/man3/SSL_CTX_set_stateless_cookie_generate_cb.html]=man3/SSL_CTX_set_stateless_cookie_generate_cb.pod +DEPEND[man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3]=man3/SSL_CTX_set_stateless_cookie_generate_cb.pod +GENERATE[man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3]=man3/SSL_CTX_set_stateless_cookie_generate_cb.pod +DEPEND[html/man3/SSL_CTX_set_timeout.html]=man3/SSL_CTX_set_timeout.pod +GENERATE[html/man3/SSL_CTX_set_timeout.html]=man3/SSL_CTX_set_timeout.pod +DEPEND[man/man3/SSL_CTX_set_timeout.3]=man3/SSL_CTX_set_timeout.pod +GENERATE[man/man3/SSL_CTX_set_timeout.3]=man3/SSL_CTX_set_timeout.pod +DEPEND[html/man3/SSL_CTX_set_tlsext_servername_callback.html]=man3/SSL_CTX_set_tlsext_servername_callback.pod +GENERATE[html/man3/SSL_CTX_set_tlsext_servername_callback.html]=man3/SSL_CTX_set_tlsext_servername_callback.pod +DEPEND[man/man3/SSL_CTX_set_tlsext_servername_callback.3]=man3/SSL_CTX_set_tlsext_servername_callback.pod +GENERATE[man/man3/SSL_CTX_set_tlsext_servername_callback.3]=man3/SSL_CTX_set_tlsext_servername_callback.pod +DEPEND[html/man3/SSL_CTX_set_tlsext_status_cb.html]=man3/SSL_CTX_set_tlsext_status_cb.pod +GENERATE[html/man3/SSL_CTX_set_tlsext_status_cb.html]=man3/SSL_CTX_set_tlsext_status_cb.pod +DEPEND[man/man3/SSL_CTX_set_tlsext_status_cb.3]=man3/SSL_CTX_set_tlsext_status_cb.pod +GENERATE[man/man3/SSL_CTX_set_tlsext_status_cb.3]=man3/SSL_CTX_set_tlsext_status_cb.pod +DEPEND[html/man3/SSL_CTX_set_tlsext_ticket_key_cb.html]=man3/SSL_CTX_set_tlsext_ticket_key_cb.pod +GENERATE[html/man3/SSL_CTX_set_tlsext_ticket_key_cb.html]=man3/SSL_CTX_set_tlsext_ticket_key_cb.pod +DEPEND[man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3]=man3/SSL_CTX_set_tlsext_ticket_key_cb.pod +GENERATE[man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3]=man3/SSL_CTX_set_tlsext_ticket_key_cb.pod +DEPEND[html/man3/SSL_CTX_set_tlsext_use_srtp.html]=man3/SSL_CTX_set_tlsext_use_srtp.pod +GENERATE[html/man3/SSL_CTX_set_tlsext_use_srtp.html]=man3/SSL_CTX_set_tlsext_use_srtp.pod +DEPEND[man/man3/SSL_CTX_set_tlsext_use_srtp.3]=man3/SSL_CTX_set_tlsext_use_srtp.pod +GENERATE[man/man3/SSL_CTX_set_tlsext_use_srtp.3]=man3/SSL_CTX_set_tlsext_use_srtp.pod +DEPEND[html/man3/SSL_CTX_set_tmp_dh_callback.html]=man3/SSL_CTX_set_tmp_dh_callback.pod +GENERATE[html/man3/SSL_CTX_set_tmp_dh_callback.html]=man3/SSL_CTX_set_tmp_dh_callback.pod +DEPEND[man/man3/SSL_CTX_set_tmp_dh_callback.3]=man3/SSL_CTX_set_tmp_dh_callback.pod +GENERATE[man/man3/SSL_CTX_set_tmp_dh_callback.3]=man3/SSL_CTX_set_tmp_dh_callback.pod +DEPEND[html/man3/SSL_CTX_set_tmp_ecdh.html]=man3/SSL_CTX_set_tmp_ecdh.pod +GENERATE[html/man3/SSL_CTX_set_tmp_ecdh.html]=man3/SSL_CTX_set_tmp_ecdh.pod +DEPEND[man/man3/SSL_CTX_set_tmp_ecdh.3]=man3/SSL_CTX_set_tmp_ecdh.pod +GENERATE[man/man3/SSL_CTX_set_tmp_ecdh.3]=man3/SSL_CTX_set_tmp_ecdh.pod +DEPEND[html/man3/SSL_CTX_set_verify.html]=man3/SSL_CTX_set_verify.pod +GENERATE[html/man3/SSL_CTX_set_verify.html]=man3/SSL_CTX_set_verify.pod +DEPEND[man/man3/SSL_CTX_set_verify.3]=man3/SSL_CTX_set_verify.pod +GENERATE[man/man3/SSL_CTX_set_verify.3]=man3/SSL_CTX_set_verify.pod +DEPEND[html/man3/SSL_CTX_use_certificate.html]=man3/SSL_CTX_use_certificate.pod +GENERATE[html/man3/SSL_CTX_use_certificate.html]=man3/SSL_CTX_use_certificate.pod +DEPEND[man/man3/SSL_CTX_use_certificate.3]=man3/SSL_CTX_use_certificate.pod +GENERATE[man/man3/SSL_CTX_use_certificate.3]=man3/SSL_CTX_use_certificate.pod +DEPEND[html/man3/SSL_CTX_use_psk_identity_hint.html]=man3/SSL_CTX_use_psk_identity_hint.pod +GENERATE[html/man3/SSL_CTX_use_psk_identity_hint.html]=man3/SSL_CTX_use_psk_identity_hint.pod +DEPEND[man/man3/SSL_CTX_use_psk_identity_hint.3]=man3/SSL_CTX_use_psk_identity_hint.pod +GENERATE[man/man3/SSL_CTX_use_psk_identity_hint.3]=man3/SSL_CTX_use_psk_identity_hint.pod +DEPEND[html/man3/SSL_CTX_use_serverinfo.html]=man3/SSL_CTX_use_serverinfo.pod +GENERATE[html/man3/SSL_CTX_use_serverinfo.html]=man3/SSL_CTX_use_serverinfo.pod +DEPEND[man/man3/SSL_CTX_use_serverinfo.3]=man3/SSL_CTX_use_serverinfo.pod +GENERATE[man/man3/SSL_CTX_use_serverinfo.3]=man3/SSL_CTX_use_serverinfo.pod +DEPEND[html/man3/SSL_SESSION_free.html]=man3/SSL_SESSION_free.pod +GENERATE[html/man3/SSL_SESSION_free.html]=man3/SSL_SESSION_free.pod +DEPEND[man/man3/SSL_SESSION_free.3]=man3/SSL_SESSION_free.pod +GENERATE[man/man3/SSL_SESSION_free.3]=man3/SSL_SESSION_free.pod +DEPEND[html/man3/SSL_SESSION_get0_cipher.html]=man3/SSL_SESSION_get0_cipher.pod +GENERATE[html/man3/SSL_SESSION_get0_cipher.html]=man3/SSL_SESSION_get0_cipher.pod +DEPEND[man/man3/SSL_SESSION_get0_cipher.3]=man3/SSL_SESSION_get0_cipher.pod +GENERATE[man/man3/SSL_SESSION_get0_cipher.3]=man3/SSL_SESSION_get0_cipher.pod +DEPEND[html/man3/SSL_SESSION_get0_hostname.html]=man3/SSL_SESSION_get0_hostname.pod +GENERATE[html/man3/SSL_SESSION_get0_hostname.html]=man3/SSL_SESSION_get0_hostname.pod +DEPEND[man/man3/SSL_SESSION_get0_hostname.3]=man3/SSL_SESSION_get0_hostname.pod +GENERATE[man/man3/SSL_SESSION_get0_hostname.3]=man3/SSL_SESSION_get0_hostname.pod +DEPEND[html/man3/SSL_SESSION_get0_id_context.html]=man3/SSL_SESSION_get0_id_context.pod +GENERATE[html/man3/SSL_SESSION_get0_id_context.html]=man3/SSL_SESSION_get0_id_context.pod +DEPEND[man/man3/SSL_SESSION_get0_id_context.3]=man3/SSL_SESSION_get0_id_context.pod +GENERATE[man/man3/SSL_SESSION_get0_id_context.3]=man3/SSL_SESSION_get0_id_context.pod +DEPEND[html/man3/SSL_SESSION_get0_peer.html]=man3/SSL_SESSION_get0_peer.pod +GENERATE[html/man3/SSL_SESSION_get0_peer.html]=man3/SSL_SESSION_get0_peer.pod +DEPEND[man/man3/SSL_SESSION_get0_peer.3]=man3/SSL_SESSION_get0_peer.pod +GENERATE[man/man3/SSL_SESSION_get0_peer.3]=man3/SSL_SESSION_get0_peer.pod +DEPEND[html/man3/SSL_SESSION_get_compress_id.html]=man3/SSL_SESSION_get_compress_id.pod +GENERATE[html/man3/SSL_SESSION_get_compress_id.html]=man3/SSL_SESSION_get_compress_id.pod +DEPEND[man/man3/SSL_SESSION_get_compress_id.3]=man3/SSL_SESSION_get_compress_id.pod +GENERATE[man/man3/SSL_SESSION_get_compress_id.3]=man3/SSL_SESSION_get_compress_id.pod +DEPEND[html/man3/SSL_SESSION_get_protocol_version.html]=man3/SSL_SESSION_get_protocol_version.pod +GENERATE[html/man3/SSL_SESSION_get_protocol_version.html]=man3/SSL_SESSION_get_protocol_version.pod +DEPEND[man/man3/SSL_SESSION_get_protocol_version.3]=man3/SSL_SESSION_get_protocol_version.pod +GENERATE[man/man3/SSL_SESSION_get_protocol_version.3]=man3/SSL_SESSION_get_protocol_version.pod +DEPEND[html/man3/SSL_SESSION_get_time.html]=man3/SSL_SESSION_get_time.pod +GENERATE[html/man3/SSL_SESSION_get_time.html]=man3/SSL_SESSION_get_time.pod +DEPEND[man/man3/SSL_SESSION_get_time.3]=man3/SSL_SESSION_get_time.pod +GENERATE[man/man3/SSL_SESSION_get_time.3]=man3/SSL_SESSION_get_time.pod +DEPEND[html/man3/SSL_SESSION_has_ticket.html]=man3/SSL_SESSION_has_ticket.pod +GENERATE[html/man3/SSL_SESSION_has_ticket.html]=man3/SSL_SESSION_has_ticket.pod +DEPEND[man/man3/SSL_SESSION_has_ticket.3]=man3/SSL_SESSION_has_ticket.pod +GENERATE[man/man3/SSL_SESSION_has_ticket.3]=man3/SSL_SESSION_has_ticket.pod +DEPEND[html/man3/SSL_SESSION_is_resumable.html]=man3/SSL_SESSION_is_resumable.pod +GENERATE[html/man3/SSL_SESSION_is_resumable.html]=man3/SSL_SESSION_is_resumable.pod +DEPEND[man/man3/SSL_SESSION_is_resumable.3]=man3/SSL_SESSION_is_resumable.pod +GENERATE[man/man3/SSL_SESSION_is_resumable.3]=man3/SSL_SESSION_is_resumable.pod +DEPEND[html/man3/SSL_SESSION_print.html]=man3/SSL_SESSION_print.pod +GENERATE[html/man3/SSL_SESSION_print.html]=man3/SSL_SESSION_print.pod +DEPEND[man/man3/SSL_SESSION_print.3]=man3/SSL_SESSION_print.pod +GENERATE[man/man3/SSL_SESSION_print.3]=man3/SSL_SESSION_print.pod +DEPEND[html/man3/SSL_SESSION_set1_id.html]=man3/SSL_SESSION_set1_id.pod +GENERATE[html/man3/SSL_SESSION_set1_id.html]=man3/SSL_SESSION_set1_id.pod +DEPEND[man/man3/SSL_SESSION_set1_id.3]=man3/SSL_SESSION_set1_id.pod +GENERATE[man/man3/SSL_SESSION_set1_id.3]=man3/SSL_SESSION_set1_id.pod +DEPEND[html/man3/SSL_accept.html]=man3/SSL_accept.pod +GENERATE[html/man3/SSL_accept.html]=man3/SSL_accept.pod +DEPEND[man/man3/SSL_accept.3]=man3/SSL_accept.pod +GENERATE[man/man3/SSL_accept.3]=man3/SSL_accept.pod +DEPEND[html/man3/SSL_alert_type_string.html]=man3/SSL_alert_type_string.pod +GENERATE[html/man3/SSL_alert_type_string.html]=man3/SSL_alert_type_string.pod +DEPEND[man/man3/SSL_alert_type_string.3]=man3/SSL_alert_type_string.pod +GENERATE[man/man3/SSL_alert_type_string.3]=man3/SSL_alert_type_string.pod +DEPEND[html/man3/SSL_alloc_buffers.html]=man3/SSL_alloc_buffers.pod +GENERATE[html/man3/SSL_alloc_buffers.html]=man3/SSL_alloc_buffers.pod +DEPEND[man/man3/SSL_alloc_buffers.3]=man3/SSL_alloc_buffers.pod +GENERATE[man/man3/SSL_alloc_buffers.3]=man3/SSL_alloc_buffers.pod +DEPEND[html/man3/SSL_check_chain.html]=man3/SSL_check_chain.pod +GENERATE[html/man3/SSL_check_chain.html]=man3/SSL_check_chain.pod +DEPEND[man/man3/SSL_check_chain.3]=man3/SSL_check_chain.pod +GENERATE[man/man3/SSL_check_chain.3]=man3/SSL_check_chain.pod +DEPEND[html/man3/SSL_clear.html]=man3/SSL_clear.pod +GENERATE[html/man3/SSL_clear.html]=man3/SSL_clear.pod +DEPEND[man/man3/SSL_clear.3]=man3/SSL_clear.pod +GENERATE[man/man3/SSL_clear.3]=man3/SSL_clear.pod +DEPEND[html/man3/SSL_connect.html]=man3/SSL_connect.pod +GENERATE[html/man3/SSL_connect.html]=man3/SSL_connect.pod +DEPEND[man/man3/SSL_connect.3]=man3/SSL_connect.pod +GENERATE[man/man3/SSL_connect.3]=man3/SSL_connect.pod +DEPEND[html/man3/SSL_do_handshake.html]=man3/SSL_do_handshake.pod +GENERATE[html/man3/SSL_do_handshake.html]=man3/SSL_do_handshake.pod +DEPEND[man/man3/SSL_do_handshake.3]=man3/SSL_do_handshake.pod +GENERATE[man/man3/SSL_do_handshake.3]=man3/SSL_do_handshake.pod +DEPEND[html/man3/SSL_export_keying_material.html]=man3/SSL_export_keying_material.pod +GENERATE[html/man3/SSL_export_keying_material.html]=man3/SSL_export_keying_material.pod +DEPEND[man/man3/SSL_export_keying_material.3]=man3/SSL_export_keying_material.pod +GENERATE[man/man3/SSL_export_keying_material.3]=man3/SSL_export_keying_material.pod +DEPEND[html/man3/SSL_extension_supported.html]=man3/SSL_extension_supported.pod +GENERATE[html/man3/SSL_extension_supported.html]=man3/SSL_extension_supported.pod +DEPEND[man/man3/SSL_extension_supported.3]=man3/SSL_extension_supported.pod +GENERATE[man/man3/SSL_extension_supported.3]=man3/SSL_extension_supported.pod +DEPEND[html/man3/SSL_free.html]=man3/SSL_free.pod +GENERATE[html/man3/SSL_free.html]=man3/SSL_free.pod +DEPEND[man/man3/SSL_free.3]=man3/SSL_free.pod +GENERATE[man/man3/SSL_free.3]=man3/SSL_free.pod +DEPEND[html/man3/SSL_get0_peer_scts.html]=man3/SSL_get0_peer_scts.pod +GENERATE[html/man3/SSL_get0_peer_scts.html]=man3/SSL_get0_peer_scts.pod +DEPEND[man/man3/SSL_get0_peer_scts.3]=man3/SSL_get0_peer_scts.pod +GENERATE[man/man3/SSL_get0_peer_scts.3]=man3/SSL_get0_peer_scts.pod +DEPEND[html/man3/SSL_get_SSL_CTX.html]=man3/SSL_get_SSL_CTX.pod +GENERATE[html/man3/SSL_get_SSL_CTX.html]=man3/SSL_get_SSL_CTX.pod +DEPEND[man/man3/SSL_get_SSL_CTX.3]=man3/SSL_get_SSL_CTX.pod +GENERATE[man/man3/SSL_get_SSL_CTX.3]=man3/SSL_get_SSL_CTX.pod +DEPEND[html/man3/SSL_get_all_async_fds.html]=man3/SSL_get_all_async_fds.pod +GENERATE[html/man3/SSL_get_all_async_fds.html]=man3/SSL_get_all_async_fds.pod +DEPEND[man/man3/SSL_get_all_async_fds.3]=man3/SSL_get_all_async_fds.pod +GENERATE[man/man3/SSL_get_all_async_fds.3]=man3/SSL_get_all_async_fds.pod +DEPEND[html/man3/SSL_get_certificate.html]=man3/SSL_get_certificate.pod +GENERATE[html/man3/SSL_get_certificate.html]=man3/SSL_get_certificate.pod +DEPEND[man/man3/SSL_get_certificate.3]=man3/SSL_get_certificate.pod +GENERATE[man/man3/SSL_get_certificate.3]=man3/SSL_get_certificate.pod +DEPEND[html/man3/SSL_get_ciphers.html]=man3/SSL_get_ciphers.pod +GENERATE[html/man3/SSL_get_ciphers.html]=man3/SSL_get_ciphers.pod +DEPEND[man/man3/SSL_get_ciphers.3]=man3/SSL_get_ciphers.pod +GENERATE[man/man3/SSL_get_ciphers.3]=man3/SSL_get_ciphers.pod +DEPEND[html/man3/SSL_get_client_random.html]=man3/SSL_get_client_random.pod +GENERATE[html/man3/SSL_get_client_random.html]=man3/SSL_get_client_random.pod +DEPEND[man/man3/SSL_get_client_random.3]=man3/SSL_get_client_random.pod +GENERATE[man/man3/SSL_get_client_random.3]=man3/SSL_get_client_random.pod +DEPEND[html/man3/SSL_get_current_cipher.html]=man3/SSL_get_current_cipher.pod +GENERATE[html/man3/SSL_get_current_cipher.html]=man3/SSL_get_current_cipher.pod +DEPEND[man/man3/SSL_get_current_cipher.3]=man3/SSL_get_current_cipher.pod +GENERATE[man/man3/SSL_get_current_cipher.3]=man3/SSL_get_current_cipher.pod +DEPEND[html/man3/SSL_get_default_timeout.html]=man3/SSL_get_default_timeout.pod +GENERATE[html/man3/SSL_get_default_timeout.html]=man3/SSL_get_default_timeout.pod +DEPEND[man/man3/SSL_get_default_timeout.3]=man3/SSL_get_default_timeout.pod +GENERATE[man/man3/SSL_get_default_timeout.3]=man3/SSL_get_default_timeout.pod +DEPEND[html/man3/SSL_get_error.html]=man3/SSL_get_error.pod +GENERATE[html/man3/SSL_get_error.html]=man3/SSL_get_error.pod +DEPEND[man/man3/SSL_get_error.3]=man3/SSL_get_error.pod +GENERATE[man/man3/SSL_get_error.3]=man3/SSL_get_error.pod +DEPEND[html/man3/SSL_get_extms_support.html]=man3/SSL_get_extms_support.pod +GENERATE[html/man3/SSL_get_extms_support.html]=man3/SSL_get_extms_support.pod +DEPEND[man/man3/SSL_get_extms_support.3]=man3/SSL_get_extms_support.pod +GENERATE[man/man3/SSL_get_extms_support.3]=man3/SSL_get_extms_support.pod +DEPEND[html/man3/SSL_get_fd.html]=man3/SSL_get_fd.pod +GENERATE[html/man3/SSL_get_fd.html]=man3/SSL_get_fd.pod +DEPEND[man/man3/SSL_get_fd.3]=man3/SSL_get_fd.pod +GENERATE[man/man3/SSL_get_fd.3]=man3/SSL_get_fd.pod +DEPEND[html/man3/SSL_get_peer_cert_chain.html]=man3/SSL_get_peer_cert_chain.pod +GENERATE[html/man3/SSL_get_peer_cert_chain.html]=man3/SSL_get_peer_cert_chain.pod +DEPEND[man/man3/SSL_get_peer_cert_chain.3]=man3/SSL_get_peer_cert_chain.pod +GENERATE[man/man3/SSL_get_peer_cert_chain.3]=man3/SSL_get_peer_cert_chain.pod +DEPEND[html/man3/SSL_get_peer_certificate.html]=man3/SSL_get_peer_certificate.pod +GENERATE[html/man3/SSL_get_peer_certificate.html]=man3/SSL_get_peer_certificate.pod +DEPEND[man/man3/SSL_get_peer_certificate.3]=man3/SSL_get_peer_certificate.pod +GENERATE[man/man3/SSL_get_peer_certificate.3]=man3/SSL_get_peer_certificate.pod +DEPEND[html/man3/SSL_get_peer_signature_nid.html]=man3/SSL_get_peer_signature_nid.pod +GENERATE[html/man3/SSL_get_peer_signature_nid.html]=man3/SSL_get_peer_signature_nid.pod +DEPEND[man/man3/SSL_get_peer_signature_nid.3]=man3/SSL_get_peer_signature_nid.pod +GENERATE[man/man3/SSL_get_peer_signature_nid.3]=man3/SSL_get_peer_signature_nid.pod +DEPEND[html/man3/SSL_get_peer_tmp_key.html]=man3/SSL_get_peer_tmp_key.pod +GENERATE[html/man3/SSL_get_peer_tmp_key.html]=man3/SSL_get_peer_tmp_key.pod +DEPEND[man/man3/SSL_get_peer_tmp_key.3]=man3/SSL_get_peer_tmp_key.pod +GENERATE[man/man3/SSL_get_peer_tmp_key.3]=man3/SSL_get_peer_tmp_key.pod +DEPEND[html/man3/SSL_get_psk_identity.html]=man3/SSL_get_psk_identity.pod +GENERATE[html/man3/SSL_get_psk_identity.html]=man3/SSL_get_psk_identity.pod +DEPEND[man/man3/SSL_get_psk_identity.3]=man3/SSL_get_psk_identity.pod +GENERATE[man/man3/SSL_get_psk_identity.3]=man3/SSL_get_psk_identity.pod +DEPEND[html/man3/SSL_get_rbio.html]=man3/SSL_get_rbio.pod +GENERATE[html/man3/SSL_get_rbio.html]=man3/SSL_get_rbio.pod +DEPEND[man/man3/SSL_get_rbio.3]=man3/SSL_get_rbio.pod +GENERATE[man/man3/SSL_get_rbio.3]=man3/SSL_get_rbio.pod +DEPEND[html/man3/SSL_get_session.html]=man3/SSL_get_session.pod +GENERATE[html/man3/SSL_get_session.html]=man3/SSL_get_session.pod +DEPEND[man/man3/SSL_get_session.3]=man3/SSL_get_session.pod +GENERATE[man/man3/SSL_get_session.3]=man3/SSL_get_session.pod +DEPEND[html/man3/SSL_get_shared_sigalgs.html]=man3/SSL_get_shared_sigalgs.pod +GENERATE[html/man3/SSL_get_shared_sigalgs.html]=man3/SSL_get_shared_sigalgs.pod +DEPEND[man/man3/SSL_get_shared_sigalgs.3]=man3/SSL_get_shared_sigalgs.pod +GENERATE[man/man3/SSL_get_shared_sigalgs.3]=man3/SSL_get_shared_sigalgs.pod +DEPEND[html/man3/SSL_get_verify_result.html]=man3/SSL_get_verify_result.pod +GENERATE[html/man3/SSL_get_verify_result.html]=man3/SSL_get_verify_result.pod +DEPEND[man/man3/SSL_get_verify_result.3]=man3/SSL_get_verify_result.pod +GENERATE[man/man3/SSL_get_verify_result.3]=man3/SSL_get_verify_result.pod +DEPEND[html/man3/SSL_get_version.html]=man3/SSL_get_version.pod +GENERATE[html/man3/SSL_get_version.html]=man3/SSL_get_version.pod +DEPEND[man/man3/SSL_get_version.3]=man3/SSL_get_version.pod +GENERATE[man/man3/SSL_get_version.3]=man3/SSL_get_version.pod +DEPEND[html/man3/SSL_group_to_name.html]=man3/SSL_group_to_name.pod +GENERATE[html/man3/SSL_group_to_name.html]=man3/SSL_group_to_name.pod +DEPEND[man/man3/SSL_group_to_name.3]=man3/SSL_group_to_name.pod +GENERATE[man/man3/SSL_group_to_name.3]=man3/SSL_group_to_name.pod +DEPEND[html/man3/SSL_in_init.html]=man3/SSL_in_init.pod +GENERATE[html/man3/SSL_in_init.html]=man3/SSL_in_init.pod +DEPEND[man/man3/SSL_in_init.3]=man3/SSL_in_init.pod +GENERATE[man/man3/SSL_in_init.3]=man3/SSL_in_init.pod +DEPEND[html/man3/SSL_key_update.html]=man3/SSL_key_update.pod +GENERATE[html/man3/SSL_key_update.html]=man3/SSL_key_update.pod +DEPEND[man/man3/SSL_key_update.3]=man3/SSL_key_update.pod +GENERATE[man/man3/SSL_key_update.3]=man3/SSL_key_update.pod +DEPEND[html/man3/SSL_library_init.html]=man3/SSL_library_init.pod +GENERATE[html/man3/SSL_library_init.html]=man3/SSL_library_init.pod +DEPEND[man/man3/SSL_library_init.3]=man3/SSL_library_init.pod +GENERATE[man/man3/SSL_library_init.3]=man3/SSL_library_init.pod +DEPEND[html/man3/SSL_load_client_CA_file.html]=man3/SSL_load_client_CA_file.pod +GENERATE[html/man3/SSL_load_client_CA_file.html]=man3/SSL_load_client_CA_file.pod +DEPEND[man/man3/SSL_load_client_CA_file.3]=man3/SSL_load_client_CA_file.pod +GENERATE[man/man3/SSL_load_client_CA_file.3]=man3/SSL_load_client_CA_file.pod +DEPEND[html/man3/SSL_new.html]=man3/SSL_new.pod +GENERATE[html/man3/SSL_new.html]=man3/SSL_new.pod +DEPEND[man/man3/SSL_new.3]=man3/SSL_new.pod +GENERATE[man/man3/SSL_new.3]=man3/SSL_new.pod +DEPEND[html/man3/SSL_pending.html]=man3/SSL_pending.pod +GENERATE[html/man3/SSL_pending.html]=man3/SSL_pending.pod +DEPEND[man/man3/SSL_pending.3]=man3/SSL_pending.pod +GENERATE[man/man3/SSL_pending.3]=man3/SSL_pending.pod +DEPEND[html/man3/SSL_read.html]=man3/SSL_read.pod +GENERATE[html/man3/SSL_read.html]=man3/SSL_read.pod +DEPEND[man/man3/SSL_read.3]=man3/SSL_read.pod +GENERATE[man/man3/SSL_read.3]=man3/SSL_read.pod +DEPEND[html/man3/SSL_read_early_data.html]=man3/SSL_read_early_data.pod +GENERATE[html/man3/SSL_read_early_data.html]=man3/SSL_read_early_data.pod +DEPEND[man/man3/SSL_read_early_data.3]=man3/SSL_read_early_data.pod +GENERATE[man/man3/SSL_read_early_data.3]=man3/SSL_read_early_data.pod +DEPEND[html/man3/SSL_rstate_string.html]=man3/SSL_rstate_string.pod +GENERATE[html/man3/SSL_rstate_string.html]=man3/SSL_rstate_string.pod +DEPEND[man/man3/SSL_rstate_string.3]=man3/SSL_rstate_string.pod +GENERATE[man/man3/SSL_rstate_string.3]=man3/SSL_rstate_string.pod +DEPEND[html/man3/SSL_session_reused.html]=man3/SSL_session_reused.pod +GENERATE[html/man3/SSL_session_reused.html]=man3/SSL_session_reused.pod +DEPEND[man/man3/SSL_session_reused.3]=man3/SSL_session_reused.pod +GENERATE[man/man3/SSL_session_reused.3]=man3/SSL_session_reused.pod +DEPEND[html/man3/SSL_set1_host.html]=man3/SSL_set1_host.pod +GENERATE[html/man3/SSL_set1_host.html]=man3/SSL_set1_host.pod +DEPEND[man/man3/SSL_set1_host.3]=man3/SSL_set1_host.pod +GENERATE[man/man3/SSL_set1_host.3]=man3/SSL_set1_host.pod +DEPEND[html/man3/SSL_set_async_callback.html]=man3/SSL_set_async_callback.pod +GENERATE[html/man3/SSL_set_async_callback.html]=man3/SSL_set_async_callback.pod +DEPEND[man/man3/SSL_set_async_callback.3]=man3/SSL_set_async_callback.pod +GENERATE[man/man3/SSL_set_async_callback.3]=man3/SSL_set_async_callback.pod +DEPEND[html/man3/SSL_set_bio.html]=man3/SSL_set_bio.pod +GENERATE[html/man3/SSL_set_bio.html]=man3/SSL_set_bio.pod +DEPEND[man/man3/SSL_set_bio.3]=man3/SSL_set_bio.pod +GENERATE[man/man3/SSL_set_bio.3]=man3/SSL_set_bio.pod +DEPEND[html/man3/SSL_set_connect_state.html]=man3/SSL_set_connect_state.pod +GENERATE[html/man3/SSL_set_connect_state.html]=man3/SSL_set_connect_state.pod +DEPEND[man/man3/SSL_set_connect_state.3]=man3/SSL_set_connect_state.pod +GENERATE[man/man3/SSL_set_connect_state.3]=man3/SSL_set_connect_state.pod +DEPEND[html/man3/SSL_set_fd.html]=man3/SSL_set_fd.pod +GENERATE[html/man3/SSL_set_fd.html]=man3/SSL_set_fd.pod +DEPEND[man/man3/SSL_set_fd.3]=man3/SSL_set_fd.pod +GENERATE[man/man3/SSL_set_fd.3]=man3/SSL_set_fd.pod +DEPEND[html/man3/SSL_set_retry_verify.html]=man3/SSL_set_retry_verify.pod +GENERATE[html/man3/SSL_set_retry_verify.html]=man3/SSL_set_retry_verify.pod +DEPEND[man/man3/SSL_set_retry_verify.3]=man3/SSL_set_retry_verify.pod +GENERATE[man/man3/SSL_set_retry_verify.3]=man3/SSL_set_retry_verify.pod +DEPEND[html/man3/SSL_set_session.html]=man3/SSL_set_session.pod +GENERATE[html/man3/SSL_set_session.html]=man3/SSL_set_session.pod +DEPEND[man/man3/SSL_set_session.3]=man3/SSL_set_session.pod +GENERATE[man/man3/SSL_set_session.3]=man3/SSL_set_session.pod +DEPEND[html/man3/SSL_set_shutdown.html]=man3/SSL_set_shutdown.pod +GENERATE[html/man3/SSL_set_shutdown.html]=man3/SSL_set_shutdown.pod +DEPEND[man/man3/SSL_set_shutdown.3]=man3/SSL_set_shutdown.pod +GENERATE[man/man3/SSL_set_shutdown.3]=man3/SSL_set_shutdown.pod +DEPEND[html/man3/SSL_set_verify_result.html]=man3/SSL_set_verify_result.pod +GENERATE[html/man3/SSL_set_verify_result.html]=man3/SSL_set_verify_result.pod +DEPEND[man/man3/SSL_set_verify_result.3]=man3/SSL_set_verify_result.pod +GENERATE[man/man3/SSL_set_verify_result.3]=man3/SSL_set_verify_result.pod +DEPEND[html/man3/SSL_shutdown.html]=man3/SSL_shutdown.pod +GENERATE[html/man3/SSL_shutdown.html]=man3/SSL_shutdown.pod +DEPEND[man/man3/SSL_shutdown.3]=man3/SSL_shutdown.pod +GENERATE[man/man3/SSL_shutdown.3]=man3/SSL_shutdown.pod +DEPEND[html/man3/SSL_state_string.html]=man3/SSL_state_string.pod +GENERATE[html/man3/SSL_state_string.html]=man3/SSL_state_string.pod +DEPEND[man/man3/SSL_state_string.3]=man3/SSL_state_string.pod +GENERATE[man/man3/SSL_state_string.3]=man3/SSL_state_string.pod +DEPEND[html/man3/SSL_want.html]=man3/SSL_want.pod +GENERATE[html/man3/SSL_want.html]=man3/SSL_want.pod +DEPEND[man/man3/SSL_want.3]=man3/SSL_want.pod +GENERATE[man/man3/SSL_want.3]=man3/SSL_want.pod +DEPEND[html/man3/SSL_write.html]=man3/SSL_write.pod +GENERATE[html/man3/SSL_write.html]=man3/SSL_write.pod +DEPEND[man/man3/SSL_write.3]=man3/SSL_write.pod +GENERATE[man/man3/SSL_write.3]=man3/SSL_write.pod +DEPEND[html/man3/TS_RESP_CTX_new.html]=man3/TS_RESP_CTX_new.pod +GENERATE[html/man3/TS_RESP_CTX_new.html]=man3/TS_RESP_CTX_new.pod +DEPEND[man/man3/TS_RESP_CTX_new.3]=man3/TS_RESP_CTX_new.pod +GENERATE[man/man3/TS_RESP_CTX_new.3]=man3/TS_RESP_CTX_new.pod +DEPEND[html/man3/TS_VERIFY_CTX_set_certs.html]=man3/TS_VERIFY_CTX_set_certs.pod +GENERATE[html/man3/TS_VERIFY_CTX_set_certs.html]=man3/TS_VERIFY_CTX_set_certs.pod +DEPEND[man/man3/TS_VERIFY_CTX_set_certs.3]=man3/TS_VERIFY_CTX_set_certs.pod +GENERATE[man/man3/TS_VERIFY_CTX_set_certs.3]=man3/TS_VERIFY_CTX_set_certs.pod +DEPEND[html/man3/UI_STRING.html]=man3/UI_STRING.pod +GENERATE[html/man3/UI_STRING.html]=man3/UI_STRING.pod +DEPEND[man/man3/UI_STRING.3]=man3/UI_STRING.pod +GENERATE[man/man3/UI_STRING.3]=man3/UI_STRING.pod +DEPEND[html/man3/UI_UTIL_read_pw.html]=man3/UI_UTIL_read_pw.pod +GENERATE[html/man3/UI_UTIL_read_pw.html]=man3/UI_UTIL_read_pw.pod +DEPEND[man/man3/UI_UTIL_read_pw.3]=man3/UI_UTIL_read_pw.pod +GENERATE[man/man3/UI_UTIL_read_pw.3]=man3/UI_UTIL_read_pw.pod +DEPEND[html/man3/UI_create_method.html]=man3/UI_create_method.pod +GENERATE[html/man3/UI_create_method.html]=man3/UI_create_method.pod +DEPEND[man/man3/UI_create_method.3]=man3/UI_create_method.pod +GENERATE[man/man3/UI_create_method.3]=man3/UI_create_method.pod +DEPEND[html/man3/UI_new.html]=man3/UI_new.pod +GENERATE[html/man3/UI_new.html]=man3/UI_new.pod +DEPEND[man/man3/UI_new.3]=man3/UI_new.pod +GENERATE[man/man3/UI_new.3]=man3/UI_new.pod +DEPEND[html/man3/X509V3_get_d2i.html]=man3/X509V3_get_d2i.pod +GENERATE[html/man3/X509V3_get_d2i.html]=man3/X509V3_get_d2i.pod +DEPEND[man/man3/X509V3_get_d2i.3]=man3/X509V3_get_d2i.pod +GENERATE[man/man3/X509V3_get_d2i.3]=man3/X509V3_get_d2i.pod +DEPEND[html/man3/X509V3_set_ctx.html]=man3/X509V3_set_ctx.pod +GENERATE[html/man3/X509V3_set_ctx.html]=man3/X509V3_set_ctx.pod +DEPEND[man/man3/X509V3_set_ctx.3]=man3/X509V3_set_ctx.pod +GENERATE[man/man3/X509V3_set_ctx.3]=man3/X509V3_set_ctx.pod +DEPEND[html/man3/X509_ALGOR_dup.html]=man3/X509_ALGOR_dup.pod +GENERATE[html/man3/X509_ALGOR_dup.html]=man3/X509_ALGOR_dup.pod +DEPEND[man/man3/X509_ALGOR_dup.3]=man3/X509_ALGOR_dup.pod +GENERATE[man/man3/X509_ALGOR_dup.3]=man3/X509_ALGOR_dup.pod +DEPEND[html/man3/X509_ATTRIBUTE.html]=man3/X509_ATTRIBUTE.pod +GENERATE[html/man3/X509_ATTRIBUTE.html]=man3/X509_ATTRIBUTE.pod +DEPEND[man/man3/X509_ATTRIBUTE.3]=man3/X509_ATTRIBUTE.pod +GENERATE[man/man3/X509_ATTRIBUTE.3]=man3/X509_ATTRIBUTE.pod +DEPEND[html/man3/X509_CRL_get0_by_serial.html]=man3/X509_CRL_get0_by_serial.pod +GENERATE[html/man3/X509_CRL_get0_by_serial.html]=man3/X509_CRL_get0_by_serial.pod +DEPEND[man/man3/X509_CRL_get0_by_serial.3]=man3/X509_CRL_get0_by_serial.pod +GENERATE[man/man3/X509_CRL_get0_by_serial.3]=man3/X509_CRL_get0_by_serial.pod +DEPEND[html/man3/X509_EXTENSION_set_object.html]=man3/X509_EXTENSION_set_object.pod +GENERATE[html/man3/X509_EXTENSION_set_object.html]=man3/X509_EXTENSION_set_object.pod +DEPEND[man/man3/X509_EXTENSION_set_object.3]=man3/X509_EXTENSION_set_object.pod +GENERATE[man/man3/X509_EXTENSION_set_object.3]=man3/X509_EXTENSION_set_object.pod +DEPEND[html/man3/X509_LOOKUP.html]=man3/X509_LOOKUP.pod +GENERATE[html/man3/X509_LOOKUP.html]=man3/X509_LOOKUP.pod +DEPEND[man/man3/X509_LOOKUP.3]=man3/X509_LOOKUP.pod +GENERATE[man/man3/X509_LOOKUP.3]=man3/X509_LOOKUP.pod +DEPEND[html/man3/X509_LOOKUP_hash_dir.html]=man3/X509_LOOKUP_hash_dir.pod +GENERATE[html/man3/X509_LOOKUP_hash_dir.html]=man3/X509_LOOKUP_hash_dir.pod +DEPEND[man/man3/X509_LOOKUP_hash_dir.3]=man3/X509_LOOKUP_hash_dir.pod +GENERATE[man/man3/X509_LOOKUP_hash_dir.3]=man3/X509_LOOKUP_hash_dir.pod +DEPEND[html/man3/X509_LOOKUP_meth_new.html]=man3/X509_LOOKUP_meth_new.pod +GENERATE[html/man3/X509_LOOKUP_meth_new.html]=man3/X509_LOOKUP_meth_new.pod +DEPEND[man/man3/X509_LOOKUP_meth_new.3]=man3/X509_LOOKUP_meth_new.pod +GENERATE[man/man3/X509_LOOKUP_meth_new.3]=man3/X509_LOOKUP_meth_new.pod +DEPEND[html/man3/X509_NAME_ENTRY_get_object.html]=man3/X509_NAME_ENTRY_get_object.pod +GENERATE[html/man3/X509_NAME_ENTRY_get_object.html]=man3/X509_NAME_ENTRY_get_object.pod +DEPEND[man/man3/X509_NAME_ENTRY_get_object.3]=man3/X509_NAME_ENTRY_get_object.pod +GENERATE[man/man3/X509_NAME_ENTRY_get_object.3]=man3/X509_NAME_ENTRY_get_object.pod +DEPEND[html/man3/X509_NAME_add_entry_by_txt.html]=man3/X509_NAME_add_entry_by_txt.pod +GENERATE[html/man3/X509_NAME_add_entry_by_txt.html]=man3/X509_NAME_add_entry_by_txt.pod +DEPEND[man/man3/X509_NAME_add_entry_by_txt.3]=man3/X509_NAME_add_entry_by_txt.pod +GENERATE[man/man3/X509_NAME_add_entry_by_txt.3]=man3/X509_NAME_add_entry_by_txt.pod +DEPEND[html/man3/X509_NAME_get0_der.html]=man3/X509_NAME_get0_der.pod +GENERATE[html/man3/X509_NAME_get0_der.html]=man3/X509_NAME_get0_der.pod +DEPEND[man/man3/X509_NAME_get0_der.3]=man3/X509_NAME_get0_der.pod +GENERATE[man/man3/X509_NAME_get0_der.3]=man3/X509_NAME_get0_der.pod +DEPEND[html/man3/X509_NAME_get_index_by_NID.html]=man3/X509_NAME_get_index_by_NID.pod +GENERATE[html/man3/X509_NAME_get_index_by_NID.html]=man3/X509_NAME_get_index_by_NID.pod +DEPEND[man/man3/X509_NAME_get_index_by_NID.3]=man3/X509_NAME_get_index_by_NID.pod +GENERATE[man/man3/X509_NAME_get_index_by_NID.3]=man3/X509_NAME_get_index_by_NID.pod +DEPEND[html/man3/X509_NAME_print_ex.html]=man3/X509_NAME_print_ex.pod +GENERATE[html/man3/X509_NAME_print_ex.html]=man3/X509_NAME_print_ex.pod +DEPEND[man/man3/X509_NAME_print_ex.3]=man3/X509_NAME_print_ex.pod +GENERATE[man/man3/X509_NAME_print_ex.3]=man3/X509_NAME_print_ex.pod +DEPEND[html/man3/X509_PUBKEY_new.html]=man3/X509_PUBKEY_new.pod +GENERATE[html/man3/X509_PUBKEY_new.html]=man3/X509_PUBKEY_new.pod +DEPEND[man/man3/X509_PUBKEY_new.3]=man3/X509_PUBKEY_new.pod +GENERATE[man/man3/X509_PUBKEY_new.3]=man3/X509_PUBKEY_new.pod +DEPEND[html/man3/X509_REQ_get_attr.html]=man3/X509_REQ_get_attr.pod +GENERATE[html/man3/X509_REQ_get_attr.html]=man3/X509_REQ_get_attr.pod +DEPEND[man/man3/X509_REQ_get_attr.3]=man3/X509_REQ_get_attr.pod +GENERATE[man/man3/X509_REQ_get_attr.3]=man3/X509_REQ_get_attr.pod +DEPEND[html/man3/X509_REQ_get_extensions.html]=man3/X509_REQ_get_extensions.pod +GENERATE[html/man3/X509_REQ_get_extensions.html]=man3/X509_REQ_get_extensions.pod +DEPEND[man/man3/X509_REQ_get_extensions.3]=man3/X509_REQ_get_extensions.pod +GENERATE[man/man3/X509_REQ_get_extensions.3]=man3/X509_REQ_get_extensions.pod +DEPEND[html/man3/X509_SIG_get0.html]=man3/X509_SIG_get0.pod +GENERATE[html/man3/X509_SIG_get0.html]=man3/X509_SIG_get0.pod +DEPEND[man/man3/X509_SIG_get0.3]=man3/X509_SIG_get0.pod +GENERATE[man/man3/X509_SIG_get0.3]=man3/X509_SIG_get0.pod +DEPEND[html/man3/X509_STORE_CTX_get_error.html]=man3/X509_STORE_CTX_get_error.pod +GENERATE[html/man3/X509_STORE_CTX_get_error.html]=man3/X509_STORE_CTX_get_error.pod +DEPEND[man/man3/X509_STORE_CTX_get_error.3]=man3/X509_STORE_CTX_get_error.pod +GENERATE[man/man3/X509_STORE_CTX_get_error.3]=man3/X509_STORE_CTX_get_error.pod +DEPEND[html/man3/X509_STORE_CTX_new.html]=man3/X509_STORE_CTX_new.pod +GENERATE[html/man3/X509_STORE_CTX_new.html]=man3/X509_STORE_CTX_new.pod +DEPEND[man/man3/X509_STORE_CTX_new.3]=man3/X509_STORE_CTX_new.pod +GENERATE[man/man3/X509_STORE_CTX_new.3]=man3/X509_STORE_CTX_new.pod +DEPEND[html/man3/X509_STORE_CTX_set_verify_cb.html]=man3/X509_STORE_CTX_set_verify_cb.pod +GENERATE[html/man3/X509_STORE_CTX_set_verify_cb.html]=man3/X509_STORE_CTX_set_verify_cb.pod +DEPEND[man/man3/X509_STORE_CTX_set_verify_cb.3]=man3/X509_STORE_CTX_set_verify_cb.pod +GENERATE[man/man3/X509_STORE_CTX_set_verify_cb.3]=man3/X509_STORE_CTX_set_verify_cb.pod +DEPEND[html/man3/X509_STORE_add_cert.html]=man3/X509_STORE_add_cert.pod +GENERATE[html/man3/X509_STORE_add_cert.html]=man3/X509_STORE_add_cert.pod +DEPEND[man/man3/X509_STORE_add_cert.3]=man3/X509_STORE_add_cert.pod +GENERATE[man/man3/X509_STORE_add_cert.3]=man3/X509_STORE_add_cert.pod +DEPEND[html/man3/X509_STORE_get0_param.html]=man3/X509_STORE_get0_param.pod +GENERATE[html/man3/X509_STORE_get0_param.html]=man3/X509_STORE_get0_param.pod +DEPEND[man/man3/X509_STORE_get0_param.3]=man3/X509_STORE_get0_param.pod +GENERATE[man/man3/X509_STORE_get0_param.3]=man3/X509_STORE_get0_param.pod +DEPEND[html/man3/X509_STORE_new.html]=man3/X509_STORE_new.pod +GENERATE[html/man3/X509_STORE_new.html]=man3/X509_STORE_new.pod +DEPEND[man/man3/X509_STORE_new.3]=man3/X509_STORE_new.pod +GENERATE[man/man3/X509_STORE_new.3]=man3/X509_STORE_new.pod +DEPEND[html/man3/X509_STORE_set_verify_cb_func.html]=man3/X509_STORE_set_verify_cb_func.pod +GENERATE[html/man3/X509_STORE_set_verify_cb_func.html]=man3/X509_STORE_set_verify_cb_func.pod +DEPEND[man/man3/X509_STORE_set_verify_cb_func.3]=man3/X509_STORE_set_verify_cb_func.pod +GENERATE[man/man3/X509_STORE_set_verify_cb_func.3]=man3/X509_STORE_set_verify_cb_func.pod +DEPEND[html/man3/X509_VERIFY_PARAM_set_flags.html]=man3/X509_VERIFY_PARAM_set_flags.pod +GENERATE[html/man3/X509_VERIFY_PARAM_set_flags.html]=man3/X509_VERIFY_PARAM_set_flags.pod +DEPEND[man/man3/X509_VERIFY_PARAM_set_flags.3]=man3/X509_VERIFY_PARAM_set_flags.pod +GENERATE[man/man3/X509_VERIFY_PARAM_set_flags.3]=man3/X509_VERIFY_PARAM_set_flags.pod +DEPEND[html/man3/X509_add_cert.html]=man3/X509_add_cert.pod +GENERATE[html/man3/X509_add_cert.html]=man3/X509_add_cert.pod +DEPEND[man/man3/X509_add_cert.3]=man3/X509_add_cert.pod +GENERATE[man/man3/X509_add_cert.3]=man3/X509_add_cert.pod +DEPEND[html/man3/X509_check_ca.html]=man3/X509_check_ca.pod +GENERATE[html/man3/X509_check_ca.html]=man3/X509_check_ca.pod +DEPEND[man/man3/X509_check_ca.3]=man3/X509_check_ca.pod +GENERATE[man/man3/X509_check_ca.3]=man3/X509_check_ca.pod +DEPEND[html/man3/X509_check_host.html]=man3/X509_check_host.pod +GENERATE[html/man3/X509_check_host.html]=man3/X509_check_host.pod +DEPEND[man/man3/X509_check_host.3]=man3/X509_check_host.pod +GENERATE[man/man3/X509_check_host.3]=man3/X509_check_host.pod +DEPEND[html/man3/X509_check_issued.html]=man3/X509_check_issued.pod +GENERATE[html/man3/X509_check_issued.html]=man3/X509_check_issued.pod +DEPEND[man/man3/X509_check_issued.3]=man3/X509_check_issued.pod +GENERATE[man/man3/X509_check_issued.3]=man3/X509_check_issued.pod +DEPEND[html/man3/X509_check_private_key.html]=man3/X509_check_private_key.pod +GENERATE[html/man3/X509_check_private_key.html]=man3/X509_check_private_key.pod +DEPEND[man/man3/X509_check_private_key.3]=man3/X509_check_private_key.pod +GENERATE[man/man3/X509_check_private_key.3]=man3/X509_check_private_key.pod +DEPEND[html/man3/X509_check_purpose.html]=man3/X509_check_purpose.pod +GENERATE[html/man3/X509_check_purpose.html]=man3/X509_check_purpose.pod +DEPEND[man/man3/X509_check_purpose.3]=man3/X509_check_purpose.pod +GENERATE[man/man3/X509_check_purpose.3]=man3/X509_check_purpose.pod +DEPEND[html/man3/X509_cmp.html]=man3/X509_cmp.pod +GENERATE[html/man3/X509_cmp.html]=man3/X509_cmp.pod +DEPEND[man/man3/X509_cmp.3]=man3/X509_cmp.pod +GENERATE[man/man3/X509_cmp.3]=man3/X509_cmp.pod +DEPEND[html/man3/X509_cmp_time.html]=man3/X509_cmp_time.pod +GENERATE[html/man3/X509_cmp_time.html]=man3/X509_cmp_time.pod +DEPEND[man/man3/X509_cmp_time.3]=man3/X509_cmp_time.pod +GENERATE[man/man3/X509_cmp_time.3]=man3/X509_cmp_time.pod +DEPEND[html/man3/X509_digest.html]=man3/X509_digest.pod +GENERATE[html/man3/X509_digest.html]=man3/X509_digest.pod +DEPEND[man/man3/X509_digest.3]=man3/X509_digest.pod +GENERATE[man/man3/X509_digest.3]=man3/X509_digest.pod +DEPEND[html/man3/X509_dup.html]=man3/X509_dup.pod +GENERATE[html/man3/X509_dup.html]=man3/X509_dup.pod +DEPEND[man/man3/X509_dup.3]=man3/X509_dup.pod +GENERATE[man/man3/X509_dup.3]=man3/X509_dup.pod +DEPEND[html/man3/X509_get0_distinguishing_id.html]=man3/X509_get0_distinguishing_id.pod +GENERATE[html/man3/X509_get0_distinguishing_id.html]=man3/X509_get0_distinguishing_id.pod +DEPEND[man/man3/X509_get0_distinguishing_id.3]=man3/X509_get0_distinguishing_id.pod +GENERATE[man/man3/X509_get0_distinguishing_id.3]=man3/X509_get0_distinguishing_id.pod +DEPEND[html/man3/X509_get0_notBefore.html]=man3/X509_get0_notBefore.pod +GENERATE[html/man3/X509_get0_notBefore.html]=man3/X509_get0_notBefore.pod +DEPEND[man/man3/X509_get0_notBefore.3]=man3/X509_get0_notBefore.pod +GENERATE[man/man3/X509_get0_notBefore.3]=man3/X509_get0_notBefore.pod +DEPEND[html/man3/X509_get0_signature.html]=man3/X509_get0_signature.pod +GENERATE[html/man3/X509_get0_signature.html]=man3/X509_get0_signature.pod +DEPEND[man/man3/X509_get0_signature.3]=man3/X509_get0_signature.pod +GENERATE[man/man3/X509_get0_signature.3]=man3/X509_get0_signature.pod +DEPEND[html/man3/X509_get0_uids.html]=man3/X509_get0_uids.pod +GENERATE[html/man3/X509_get0_uids.html]=man3/X509_get0_uids.pod +DEPEND[man/man3/X509_get0_uids.3]=man3/X509_get0_uids.pod +GENERATE[man/man3/X509_get0_uids.3]=man3/X509_get0_uids.pod +DEPEND[html/man3/X509_get_extension_flags.html]=man3/X509_get_extension_flags.pod +GENERATE[html/man3/X509_get_extension_flags.html]=man3/X509_get_extension_flags.pod +DEPEND[man/man3/X509_get_extension_flags.3]=man3/X509_get_extension_flags.pod +GENERATE[man/man3/X509_get_extension_flags.3]=man3/X509_get_extension_flags.pod +DEPEND[html/man3/X509_get_pubkey.html]=man3/X509_get_pubkey.pod +GENERATE[html/man3/X509_get_pubkey.html]=man3/X509_get_pubkey.pod +DEPEND[man/man3/X509_get_pubkey.3]=man3/X509_get_pubkey.pod +GENERATE[man/man3/X509_get_pubkey.3]=man3/X509_get_pubkey.pod +DEPEND[html/man3/X509_get_serialNumber.html]=man3/X509_get_serialNumber.pod +GENERATE[html/man3/X509_get_serialNumber.html]=man3/X509_get_serialNumber.pod +DEPEND[man/man3/X509_get_serialNumber.3]=man3/X509_get_serialNumber.pod +GENERATE[man/man3/X509_get_serialNumber.3]=man3/X509_get_serialNumber.pod +DEPEND[html/man3/X509_get_subject_name.html]=man3/X509_get_subject_name.pod +GENERATE[html/man3/X509_get_subject_name.html]=man3/X509_get_subject_name.pod +DEPEND[man/man3/X509_get_subject_name.3]=man3/X509_get_subject_name.pod +GENERATE[man/man3/X509_get_subject_name.3]=man3/X509_get_subject_name.pod +DEPEND[html/man3/X509_get_version.html]=man3/X509_get_version.pod +GENERATE[html/man3/X509_get_version.html]=man3/X509_get_version.pod +DEPEND[man/man3/X509_get_version.3]=man3/X509_get_version.pod +GENERATE[man/man3/X509_get_version.3]=man3/X509_get_version.pod +DEPEND[html/man3/X509_load_http.html]=man3/X509_load_http.pod +GENERATE[html/man3/X509_load_http.html]=man3/X509_load_http.pod +DEPEND[man/man3/X509_load_http.3]=man3/X509_load_http.pod +GENERATE[man/man3/X509_load_http.3]=man3/X509_load_http.pod +DEPEND[html/man3/X509_new.html]=man3/X509_new.pod +GENERATE[html/man3/X509_new.html]=man3/X509_new.pod +DEPEND[man/man3/X509_new.3]=man3/X509_new.pod +GENERATE[man/man3/X509_new.3]=man3/X509_new.pod +DEPEND[html/man3/X509_sign.html]=man3/X509_sign.pod +GENERATE[html/man3/X509_sign.html]=man3/X509_sign.pod +DEPEND[man/man3/X509_sign.3]=man3/X509_sign.pod +GENERATE[man/man3/X509_sign.3]=man3/X509_sign.pod +DEPEND[html/man3/X509_verify.html]=man3/X509_verify.pod +GENERATE[html/man3/X509_verify.html]=man3/X509_verify.pod +DEPEND[man/man3/X509_verify.3]=man3/X509_verify.pod +GENERATE[man/man3/X509_verify.3]=man3/X509_verify.pod +DEPEND[html/man3/X509_verify_cert.html]=man3/X509_verify_cert.pod +GENERATE[html/man3/X509_verify_cert.html]=man3/X509_verify_cert.pod +DEPEND[man/man3/X509_verify_cert.3]=man3/X509_verify_cert.pod +GENERATE[man/man3/X509_verify_cert.3]=man3/X509_verify_cert.pod +DEPEND[html/man3/X509v3_get_ext_by_NID.html]=man3/X509v3_get_ext_by_NID.pod +GENERATE[html/man3/X509v3_get_ext_by_NID.html]=man3/X509v3_get_ext_by_NID.pod +DEPEND[man/man3/X509v3_get_ext_by_NID.3]=man3/X509v3_get_ext_by_NID.pod +GENERATE[man/man3/X509v3_get_ext_by_NID.3]=man3/X509v3_get_ext_by_NID.pod +DEPEND[html/man3/b2i_PVK_bio_ex.html]=man3/b2i_PVK_bio_ex.pod +GENERATE[html/man3/b2i_PVK_bio_ex.html]=man3/b2i_PVK_bio_ex.pod +DEPEND[man/man3/b2i_PVK_bio_ex.3]=man3/b2i_PVK_bio_ex.pod +GENERATE[man/man3/b2i_PVK_bio_ex.3]=man3/b2i_PVK_bio_ex.pod +DEPEND[html/man3/d2i_PKCS8PrivateKey_bio.html]=man3/d2i_PKCS8PrivateKey_bio.pod +GENERATE[html/man3/d2i_PKCS8PrivateKey_bio.html]=man3/d2i_PKCS8PrivateKey_bio.pod +DEPEND[man/man3/d2i_PKCS8PrivateKey_bio.3]=man3/d2i_PKCS8PrivateKey_bio.pod +GENERATE[man/man3/d2i_PKCS8PrivateKey_bio.3]=man3/d2i_PKCS8PrivateKey_bio.pod +DEPEND[html/man3/d2i_PrivateKey.html]=man3/d2i_PrivateKey.pod +GENERATE[html/man3/d2i_PrivateKey.html]=man3/d2i_PrivateKey.pod +DEPEND[man/man3/d2i_PrivateKey.3]=man3/d2i_PrivateKey.pod +GENERATE[man/man3/d2i_PrivateKey.3]=man3/d2i_PrivateKey.pod +DEPEND[html/man3/d2i_RSAPrivateKey.html]=man3/d2i_RSAPrivateKey.pod +GENERATE[html/man3/d2i_RSAPrivateKey.html]=man3/d2i_RSAPrivateKey.pod +DEPEND[man/man3/d2i_RSAPrivateKey.3]=man3/d2i_RSAPrivateKey.pod +GENERATE[man/man3/d2i_RSAPrivateKey.3]=man3/d2i_RSAPrivateKey.pod +DEPEND[html/man3/d2i_SSL_SESSION.html]=man3/d2i_SSL_SESSION.pod +GENERATE[html/man3/d2i_SSL_SESSION.html]=man3/d2i_SSL_SESSION.pod +DEPEND[man/man3/d2i_SSL_SESSION.3]=man3/d2i_SSL_SESSION.pod +GENERATE[man/man3/d2i_SSL_SESSION.3]=man3/d2i_SSL_SESSION.pod +DEPEND[html/man3/d2i_X509.html]=man3/d2i_X509.pod +GENERATE[html/man3/d2i_X509.html]=man3/d2i_X509.pod +DEPEND[man/man3/d2i_X509.3]=man3/d2i_X509.pod +GENERATE[man/man3/d2i_X509.3]=man3/d2i_X509.pod +DEPEND[html/man3/i2d_CMS_bio_stream.html]=man3/i2d_CMS_bio_stream.pod +GENERATE[html/man3/i2d_CMS_bio_stream.html]=man3/i2d_CMS_bio_stream.pod +DEPEND[man/man3/i2d_CMS_bio_stream.3]=man3/i2d_CMS_bio_stream.pod +GENERATE[man/man3/i2d_CMS_bio_stream.3]=man3/i2d_CMS_bio_stream.pod +DEPEND[html/man3/i2d_PKCS7_bio_stream.html]=man3/i2d_PKCS7_bio_stream.pod +GENERATE[html/man3/i2d_PKCS7_bio_stream.html]=man3/i2d_PKCS7_bio_stream.pod +DEPEND[man/man3/i2d_PKCS7_bio_stream.3]=man3/i2d_PKCS7_bio_stream.pod +GENERATE[man/man3/i2d_PKCS7_bio_stream.3]=man3/i2d_PKCS7_bio_stream.pod +DEPEND[html/man3/i2d_re_X509_tbs.html]=man3/i2d_re_X509_tbs.pod +GENERATE[html/man3/i2d_re_X509_tbs.html]=man3/i2d_re_X509_tbs.pod +DEPEND[man/man3/i2d_re_X509_tbs.3]=man3/i2d_re_X509_tbs.pod +GENERATE[man/man3/i2d_re_X509_tbs.3]=man3/i2d_re_X509_tbs.pod +DEPEND[html/man3/o2i_SCT_LIST.html]=man3/o2i_SCT_LIST.pod +GENERATE[html/man3/o2i_SCT_LIST.html]=man3/o2i_SCT_LIST.pod +DEPEND[man/man3/o2i_SCT_LIST.3]=man3/o2i_SCT_LIST.pod +GENERATE[man/man3/o2i_SCT_LIST.3]=man3/o2i_SCT_LIST.pod +DEPEND[html/man3/s2i_ASN1_IA5STRING.html]=man3/s2i_ASN1_IA5STRING.pod +GENERATE[html/man3/s2i_ASN1_IA5STRING.html]=man3/s2i_ASN1_IA5STRING.pod +DEPEND[man/man3/s2i_ASN1_IA5STRING.3]=man3/s2i_ASN1_IA5STRING.pod +GENERATE[man/man3/s2i_ASN1_IA5STRING.3]=man3/s2i_ASN1_IA5STRING.pod +IMAGEDOCS[man3]= +HTMLDOCS[man3]=html/man3/ADMISSIONS.html \ +html/man3/ASN1_EXTERN_FUNCS.html \ +html/man3/ASN1_INTEGER_get_int64.html \ +html/man3/ASN1_INTEGER_new.html \ +html/man3/ASN1_ITEM_lookup.html \ +html/man3/ASN1_OBJECT_new.html \ +html/man3/ASN1_STRING_TABLE_add.html \ +html/man3/ASN1_STRING_length.html \ +html/man3/ASN1_STRING_new.html \ +html/man3/ASN1_STRING_print_ex.html \ +html/man3/ASN1_TIME_set.html \ +html/man3/ASN1_TYPE_get.html \ +html/man3/ASN1_aux_cb.html \ +html/man3/ASN1_generate_nconf.html \ +html/man3/ASN1_item_d2i_bio.html \ +html/man3/ASN1_item_new.html \ +html/man3/ASN1_item_sign.html \ +html/man3/ASYNC_WAIT_CTX_new.html \ +html/man3/ASYNC_start_job.html \ +html/man3/BF_encrypt.html \ +html/man3/BIO_ADDR.html \ +html/man3/BIO_ADDRINFO.html \ +html/man3/BIO_connect.html \ +html/man3/BIO_ctrl.html \ +html/man3/BIO_f_base64.html \ +html/man3/BIO_f_buffer.html \ +html/man3/BIO_f_cipher.html \ +html/man3/BIO_f_md.html \ +html/man3/BIO_f_null.html \ +html/man3/BIO_f_prefix.html \ +html/man3/BIO_f_readbuffer.html \ +html/man3/BIO_f_ssl.html \ +html/man3/BIO_find_type.html \ +html/man3/BIO_get_data.html \ +html/man3/BIO_get_ex_new_index.html \ +html/man3/BIO_meth_new.html \ +html/man3/BIO_new.html \ +html/man3/BIO_new_CMS.html \ +html/man3/BIO_parse_hostserv.html \ +html/man3/BIO_printf.html \ +html/man3/BIO_push.html \ +html/man3/BIO_read.html \ +html/man3/BIO_s_accept.html \ +html/man3/BIO_s_bio.html \ +html/man3/BIO_s_connect.html \ +html/man3/BIO_s_core.html \ +html/man3/BIO_s_datagram.html \ +html/man3/BIO_s_fd.html \ +html/man3/BIO_s_file.html \ +html/man3/BIO_s_mem.html \ +html/man3/BIO_s_null.html \ +html/man3/BIO_s_socket.html \ +html/man3/BIO_set_callback.html \ +html/man3/BIO_should_retry.html \ +html/man3/BIO_socket_wait.html \ +html/man3/BN_BLINDING_new.html \ +html/man3/BN_CTX_new.html \ +html/man3/BN_CTX_start.html \ +html/man3/BN_add.html \ +html/man3/BN_add_word.html \ +html/man3/BN_bn2bin.html \ +html/man3/BN_cmp.html \ +html/man3/BN_copy.html \ +html/man3/BN_generate_prime.html \ +html/man3/BN_mod_exp_mont.html \ +html/man3/BN_mod_inverse.html \ +html/man3/BN_mod_mul_montgomery.html \ +html/man3/BN_mod_mul_reciprocal.html \ +html/man3/BN_new.html \ +html/man3/BN_num_bytes.html \ +html/man3/BN_rand.html \ +html/man3/BN_security_bits.html \ +html/man3/BN_set_bit.html \ +html/man3/BN_swap.html \ +html/man3/BN_zero.html \ +html/man3/BUF_MEM_new.html \ +html/man3/CMS_EncryptedData_decrypt.html \ +html/man3/CMS_EncryptedData_encrypt.html \ +html/man3/CMS_EnvelopedData_create.html \ +html/man3/CMS_add0_cert.html \ +html/man3/CMS_add1_recipient_cert.html \ +html/man3/CMS_add1_signer.html \ +html/man3/CMS_compress.html \ +html/man3/CMS_data_create.html \ +html/man3/CMS_decrypt.html \ +html/man3/CMS_digest_create.html \ +html/man3/CMS_encrypt.html \ +html/man3/CMS_final.html \ +html/man3/CMS_get0_RecipientInfos.html \ +html/man3/CMS_get0_SignerInfos.html \ +html/man3/CMS_get0_type.html \ +html/man3/CMS_get1_ReceiptRequest.html \ +html/man3/CMS_sign.html \ +html/man3/CMS_sign_receipt.html \ +html/man3/CMS_signed_get_attr.html \ +html/man3/CMS_uncompress.html \ +html/man3/CMS_verify.html \ +html/man3/CMS_verify_receipt.html \ +html/man3/CONF_modules_free.html \ +html/man3/CONF_modules_load_file.html \ +html/man3/CRYPTO_THREAD_run_once.html \ +html/man3/CRYPTO_get_ex_new_index.html \ +html/man3/CRYPTO_memcmp.html \ +html/man3/CTLOG_STORE_get0_log_by_id.html \ +html/man3/CTLOG_STORE_new.html \ +html/man3/CTLOG_new.html \ +html/man3/CT_POLICY_EVAL_CTX_new.html \ +html/man3/DEFINE_STACK_OF.html \ +html/man3/DES_random_key.html \ +html/man3/DH_generate_key.html \ +html/man3/DH_generate_parameters.html \ +html/man3/DH_get0_pqg.html \ +html/man3/DH_get_1024_160.html \ +html/man3/DH_meth_new.html \ +html/man3/DH_new.html \ +html/man3/DH_new_by_nid.html \ +html/man3/DH_set_method.html \ +html/man3/DH_size.html \ +html/man3/DSA_SIG_new.html \ +html/man3/DSA_do_sign.html \ +html/man3/DSA_dup_DH.html \ +html/man3/DSA_generate_key.html \ +html/man3/DSA_generate_parameters.html \ +html/man3/DSA_get0_pqg.html \ +html/man3/DSA_meth_new.html \ +html/man3/DSA_new.html \ +html/man3/DSA_set_method.html \ +html/man3/DSA_sign.html \ +html/man3/DSA_size.html \ +html/man3/DTLS_get_data_mtu.html \ +html/man3/DTLS_set_timer_cb.html \ +html/man3/DTLSv1_listen.html \ +html/man3/ECDSA_SIG_new.html \ +html/man3/ECDSA_sign.html \ +html/man3/ECPKParameters_print.html \ +html/man3/EC_GFp_simple_method.html \ +html/man3/EC_GROUP_copy.html \ +html/man3/EC_GROUP_new.html \ +html/man3/EC_KEY_get_enc_flags.html \ +html/man3/EC_KEY_new.html \ +html/man3/EC_POINT_add.html \ +html/man3/EC_POINT_new.html \ +html/man3/ENGINE_add.html \ +html/man3/ERR_GET_LIB.html \ +html/man3/ERR_clear_error.html \ +html/man3/ERR_error_string.html \ +html/man3/ERR_get_error.html \ +html/man3/ERR_load_crypto_strings.html \ +html/man3/ERR_load_strings.html \ +html/man3/ERR_new.html \ +html/man3/ERR_print_errors.html \ +html/man3/ERR_put_error.html \ +html/man3/ERR_remove_state.html \ +html/man3/ERR_set_mark.html \ +html/man3/EVP_ASYM_CIPHER_free.html \ +html/man3/EVP_BytesToKey.html \ +html/man3/EVP_CIPHER_CTX_get_cipher_data.html \ +html/man3/EVP_CIPHER_CTX_get_original_iv.html \ +html/man3/EVP_CIPHER_meth_new.html \ +html/man3/EVP_DigestInit.html \ +html/man3/EVP_DigestSignInit.html \ +html/man3/EVP_DigestVerifyInit.html \ +html/man3/EVP_EncodeInit.html \ +html/man3/EVP_EncryptInit.html \ +html/man3/EVP_KDF.html \ +html/man3/EVP_KEM_free.html \ +html/man3/EVP_KEYEXCH_free.html \ +html/man3/EVP_KEYMGMT.html \ +html/man3/EVP_MAC.html \ +html/man3/EVP_MD_meth_new.html \ +html/man3/EVP_OpenInit.html \ +html/man3/EVP_PBE_CipherInit.html \ +html/man3/EVP_PKEY2PKCS8.html \ +html/man3/EVP_PKEY_ASN1_METHOD.html \ +html/man3/EVP_PKEY_CTX_ctrl.html \ +html/man3/EVP_PKEY_CTX_get0_libctx.html \ +html/man3/EVP_PKEY_CTX_get0_pkey.html \ +html/man3/EVP_PKEY_CTX_new.html \ +html/man3/EVP_PKEY_CTX_set1_pbe_pass.html \ +html/man3/EVP_PKEY_CTX_set_hkdf_md.html \ +html/man3/EVP_PKEY_CTX_set_params.html \ +html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.html \ +html/man3/EVP_PKEY_CTX_set_scrypt_N.html \ +html/man3/EVP_PKEY_CTX_set_tls1_prf_md.html \ +html/man3/EVP_PKEY_asn1_get_count.html \ +html/man3/EVP_PKEY_check.html \ +html/man3/EVP_PKEY_copy_parameters.html \ +html/man3/EVP_PKEY_decapsulate.html \ +html/man3/EVP_PKEY_decrypt.html \ +html/man3/EVP_PKEY_derive.html \ +html/man3/EVP_PKEY_digestsign_supports_digest.html \ +html/man3/EVP_PKEY_encapsulate.html \ +html/man3/EVP_PKEY_encrypt.html \ +html/man3/EVP_PKEY_fromdata.html \ +html/man3/EVP_PKEY_get_attr.html \ +html/man3/EVP_PKEY_get_default_digest_nid.html \ +html/man3/EVP_PKEY_get_field_type.html \ +html/man3/EVP_PKEY_get_group_name.html \ +html/man3/EVP_PKEY_get_size.html \ +html/man3/EVP_PKEY_gettable_params.html \ +html/man3/EVP_PKEY_is_a.html \ +html/man3/EVP_PKEY_keygen.html \ +html/man3/EVP_PKEY_meth_get_count.html \ +html/man3/EVP_PKEY_meth_new.html \ +html/man3/EVP_PKEY_new.html \ +html/man3/EVP_PKEY_print_private.html \ +html/man3/EVP_PKEY_set1_RSA.html \ +html/man3/EVP_PKEY_set1_encoded_public_key.html \ +html/man3/EVP_PKEY_set_type.html \ +html/man3/EVP_PKEY_settable_params.html \ +html/man3/EVP_PKEY_sign.html \ +html/man3/EVP_PKEY_todata.html \ +html/man3/EVP_PKEY_verify.html \ +html/man3/EVP_PKEY_verify_recover.html \ +html/man3/EVP_RAND.html \ +html/man3/EVP_SIGNATURE.html \ +html/man3/EVP_SealInit.html \ +html/man3/EVP_SignInit.html \ +html/man3/EVP_VerifyInit.html \ +html/man3/EVP_aes_128_gcm.html \ +html/man3/EVP_aria_128_gcm.html \ +html/man3/EVP_bf_cbc.html \ +html/man3/EVP_blake2b512.html \ +html/man3/EVP_camellia_128_ecb.html \ +html/man3/EVP_cast5_cbc.html \ +html/man3/EVP_chacha20.html \ +html/man3/EVP_des_cbc.html \ +html/man3/EVP_desx_cbc.html \ +html/man3/EVP_idea_cbc.html \ +html/man3/EVP_md2.html \ +html/man3/EVP_md4.html \ +html/man3/EVP_md5.html \ +html/man3/EVP_mdc2.html \ +html/man3/EVP_rc2_cbc.html \ +html/man3/EVP_rc4.html \ +html/man3/EVP_rc5_32_12_16_cbc.html \ +html/man3/EVP_ripemd160.html \ +html/man3/EVP_seed_cbc.html \ +html/man3/EVP_set_default_properties.html \ +html/man3/EVP_sha1.html \ +html/man3/EVP_sha224.html \ +html/man3/EVP_sha3_224.html \ +html/man3/EVP_sm3.html \ +html/man3/EVP_sm4_cbc.html \ +html/man3/EVP_whirlpool.html \ +html/man3/HMAC.html \ +html/man3/MD5.html \ +html/man3/MDC2_Init.html \ +html/man3/NCONF_new_ex.html \ +html/man3/OBJ_nid2obj.html \ +html/man3/OCSP_REQUEST_new.html \ +html/man3/OCSP_cert_to_id.html \ +html/man3/OCSP_request_add1_nonce.html \ +html/man3/OCSP_resp_find_status.html \ +html/man3/OCSP_response_status.html \ +html/man3/OCSP_sendreq_new.html \ +html/man3/OPENSSL_Applink.html \ +html/man3/OPENSSL_FILE.html \ +html/man3/OPENSSL_LH_COMPFUNC.html \ +html/man3/OPENSSL_LH_stats.html \ +html/man3/OPENSSL_config.html \ +html/man3/OPENSSL_fork_prepare.html \ +html/man3/OPENSSL_gmtime.html \ +html/man3/OPENSSL_hexchar2int.html \ +html/man3/OPENSSL_ia32cap.html \ +html/man3/OPENSSL_init_crypto.html \ +html/man3/OPENSSL_init_ssl.html \ +html/man3/OPENSSL_instrument_bus.html \ +html/man3/OPENSSL_load_builtin_modules.html \ +html/man3/OPENSSL_malloc.html \ +html/man3/OPENSSL_s390xcap.html \ +html/man3/OPENSSL_secure_malloc.html \ +html/man3/OPENSSL_strcasecmp.html \ +html/man3/OSSL_ALGORITHM.html \ +html/man3/OSSL_CALLBACK.html \ +html/man3/OSSL_CMP_CTX_new.html \ +html/man3/OSSL_CMP_HDR_get0_transactionID.html \ +html/man3/OSSL_CMP_ITAV_set0.html \ +html/man3/OSSL_CMP_MSG_get0_header.html \ +html/man3/OSSL_CMP_MSG_http_perform.html \ +html/man3/OSSL_CMP_SRV_CTX_new.html \ +html/man3/OSSL_CMP_STATUSINFO_new.html \ +html/man3/OSSL_CMP_exec_certreq.html \ +html/man3/OSSL_CMP_log_open.html \ +html/man3/OSSL_CMP_validate_msg.html \ +html/man3/OSSL_CORE_MAKE_FUNC.html \ +html/man3/OSSL_CRMF_MSG_get0_tmpl.html \ +html/man3/OSSL_CRMF_MSG_set0_validity.html \ +html/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.html \ +html/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.html \ +html/man3/OSSL_CRMF_pbmp_new.html \ +html/man3/OSSL_DECODER.html \ +html/man3/OSSL_DECODER_CTX.html \ +html/man3/OSSL_DECODER_CTX_new_for_pkey.html \ +html/man3/OSSL_DECODER_from_bio.html \ +html/man3/OSSL_DISPATCH.html \ +html/man3/OSSL_ENCODER.html \ +html/man3/OSSL_ENCODER_CTX.html \ +html/man3/OSSL_ENCODER_CTX_new_for_pkey.html \ +html/man3/OSSL_ENCODER_to_bio.html \ +html/man3/OSSL_ESS_check_signing_certs.html \ +html/man3/OSSL_HTTP_REQ_CTX.html \ +html/man3/OSSL_HTTP_parse_url.html \ +html/man3/OSSL_HTTP_transfer.html \ +html/man3/OSSL_ITEM.html \ +html/man3/OSSL_LIB_CTX.html \ +html/man3/OSSL_PARAM.html \ +html/man3/OSSL_PARAM_BLD.html \ +html/man3/OSSL_PARAM_allocate_from_text.html \ +html/man3/OSSL_PARAM_dup.html \ +html/man3/OSSL_PARAM_int.html \ +html/man3/OSSL_PROVIDER.html \ +html/man3/OSSL_SELF_TEST_new.html \ +html/man3/OSSL_SELF_TEST_set_callback.html \ +html/man3/OSSL_STORE_INFO.html \ +html/man3/OSSL_STORE_LOADER.html \ +html/man3/OSSL_STORE_SEARCH.html \ +html/man3/OSSL_STORE_attach.html \ +html/man3/OSSL_STORE_expect.html \ +html/man3/OSSL_STORE_open.html \ +html/man3/OSSL_trace_enabled.html \ +html/man3/OSSL_trace_get_category_num.html \ +html/man3/OSSL_trace_set_channel.html \ +html/man3/OpenSSL_add_all_algorithms.html \ +html/man3/OpenSSL_version.html \ +html/man3/PEM_X509_INFO_read_bio_ex.html \ +html/man3/PEM_bytes_read_bio.html \ +html/man3/PEM_read.html \ +html/man3/PEM_read_CMS.html \ +html/man3/PEM_read_bio_PrivateKey.html \ +html/man3/PEM_read_bio_ex.html \ +html/man3/PEM_write_bio_CMS_stream.html \ +html/man3/PEM_write_bio_PKCS7_stream.html \ +html/man3/PKCS12_PBE_keyivgen.html \ +html/man3/PKCS12_SAFEBAG_create_cert.html \ +html/man3/PKCS12_SAFEBAG_get0_attrs.html \ +html/man3/PKCS12_SAFEBAG_get1_cert.html \ +html/man3/PKCS12_add1_attr_by_NID.html \ +html/man3/PKCS12_add_CSPName_asc.html \ +html/man3/PKCS12_add_cert.html \ +html/man3/PKCS12_add_friendlyname_asc.html \ +html/man3/PKCS12_add_localkeyid.html \ +html/man3/PKCS12_add_safe.html \ +html/man3/PKCS12_create.html \ +html/man3/PKCS12_decrypt_skey.html \ +html/man3/PKCS12_gen_mac.html \ +html/man3/PKCS12_get_friendlyname.html \ +html/man3/PKCS12_init.html \ +html/man3/PKCS12_item_decrypt_d2i.html \ +html/man3/PKCS12_key_gen_utf8_ex.html \ +html/man3/PKCS12_newpass.html \ +html/man3/PKCS12_pack_p7encdata.html \ +html/man3/PKCS12_parse.html \ +html/man3/PKCS5_PBE_keyivgen.html \ +html/man3/PKCS5_PBKDF2_HMAC.html \ +html/man3/PKCS7_decrypt.html \ +html/man3/PKCS7_encrypt.html \ +html/man3/PKCS7_get_octet_string.html \ +html/man3/PKCS7_sign.html \ +html/man3/PKCS7_sign_add_signer.html \ +html/man3/PKCS7_type_is_other.html \ +html/man3/PKCS7_verify.html \ +html/man3/PKCS8_encrypt.html \ +html/man3/PKCS8_pkey_add1_attr.html \ +html/man3/RAND_add.html \ +html/man3/RAND_bytes.html \ +html/man3/RAND_cleanup.html \ +html/man3/RAND_egd.html \ +html/man3/RAND_get0_primary.html \ +html/man3/RAND_load_file.html \ +html/man3/RAND_set_DRBG_type.html \ +html/man3/RAND_set_rand_method.html \ +html/man3/RC4_set_key.html \ +html/man3/RIPEMD160_Init.html \ +html/man3/RSA_blinding_on.html \ +html/man3/RSA_check_key.html \ +html/man3/RSA_generate_key.html \ +html/man3/RSA_get0_key.html \ +html/man3/RSA_meth_new.html \ +html/man3/RSA_new.html \ +html/man3/RSA_padding_add_PKCS1_type_1.html \ +html/man3/RSA_print.html \ +html/man3/RSA_private_encrypt.html \ +html/man3/RSA_public_encrypt.html \ +html/man3/RSA_set_method.html \ +html/man3/RSA_sign.html \ +html/man3/RSA_sign_ASN1_OCTET_STRING.html \ +html/man3/RSA_size.html \ +html/man3/SCT_new.html \ +html/man3/SCT_print.html \ +html/man3/SCT_validate.html \ +html/man3/SHA256_Init.html \ +html/man3/SMIME_read_ASN1.html \ +html/man3/SMIME_read_CMS.html \ +html/man3/SMIME_read_PKCS7.html \ +html/man3/SMIME_write_ASN1.html \ +html/man3/SMIME_write_CMS.html \ +html/man3/SMIME_write_PKCS7.html \ +html/man3/SRP_Calc_B.html \ +html/man3/SRP_VBASE_new.html \ +html/man3/SRP_create_verifier.html \ +html/man3/SRP_user_pwd_new.html \ +html/man3/SSL_CIPHER_get_name.html \ +html/man3/SSL_COMP_add_compression_method.html \ +html/man3/SSL_CONF_CTX_new.html \ +html/man3/SSL_CONF_CTX_set1_prefix.html \ +html/man3/SSL_CONF_CTX_set_flags.html \ +html/man3/SSL_CONF_CTX_set_ssl_ctx.html \ +html/man3/SSL_CONF_cmd.html \ +html/man3/SSL_CONF_cmd_argv.html \ +html/man3/SSL_CTX_add1_chain_cert.html \ +html/man3/SSL_CTX_add_extra_chain_cert.html \ +html/man3/SSL_CTX_add_session.html \ +html/man3/SSL_CTX_config.html \ +html/man3/SSL_CTX_ctrl.html \ +html/man3/SSL_CTX_dane_enable.html \ +html/man3/SSL_CTX_flush_sessions.html \ +html/man3/SSL_CTX_free.html \ +html/man3/SSL_CTX_get0_param.html \ +html/man3/SSL_CTX_get_verify_mode.html \ +html/man3/SSL_CTX_has_client_custom_ext.html \ +html/man3/SSL_CTX_load_verify_locations.html \ +html/man3/SSL_CTX_new.html \ +html/man3/SSL_CTX_sess_number.html \ +html/man3/SSL_CTX_sess_set_cache_size.html \ +html/man3/SSL_CTX_sess_set_get_cb.html \ +html/man3/SSL_CTX_sessions.html \ +html/man3/SSL_CTX_set0_CA_list.html \ +html/man3/SSL_CTX_set1_curves.html \ +html/man3/SSL_CTX_set1_sigalgs.html \ +html/man3/SSL_CTX_set1_verify_cert_store.html \ +html/man3/SSL_CTX_set_alpn_select_cb.html \ +html/man3/SSL_CTX_set_cert_cb.html \ +html/man3/SSL_CTX_set_cert_store.html \ +html/man3/SSL_CTX_set_cert_verify_callback.html \ +html/man3/SSL_CTX_set_cipher_list.html \ +html/man3/SSL_CTX_set_client_cert_cb.html \ +html/man3/SSL_CTX_set_client_hello_cb.html \ +html/man3/SSL_CTX_set_ct_validation_callback.html \ +html/man3/SSL_CTX_set_ctlog_list_file.html \ +html/man3/SSL_CTX_set_default_passwd_cb.html \ +html/man3/SSL_CTX_set_generate_session_id.html \ +html/man3/SSL_CTX_set_info_callback.html \ +html/man3/SSL_CTX_set_keylog_callback.html \ +html/man3/SSL_CTX_set_max_cert_list.html \ +html/man3/SSL_CTX_set_min_proto_version.html \ +html/man3/SSL_CTX_set_mode.html \ +html/man3/SSL_CTX_set_msg_callback.html \ +html/man3/SSL_CTX_set_num_tickets.html \ +html/man3/SSL_CTX_set_options.html \ +html/man3/SSL_CTX_set_psk_client_callback.html \ +html/man3/SSL_CTX_set_quiet_shutdown.html \ +html/man3/SSL_CTX_set_read_ahead.html \ +html/man3/SSL_CTX_set_record_padding_callback.html \ +html/man3/SSL_CTX_set_security_level.html \ +html/man3/SSL_CTX_set_session_cache_mode.html \ +html/man3/SSL_CTX_set_session_id_context.html \ +html/man3/SSL_CTX_set_session_ticket_cb.html \ +html/man3/SSL_CTX_set_split_send_fragment.html \ +html/man3/SSL_CTX_set_srp_password.html \ +html/man3/SSL_CTX_set_ssl_version.html \ +html/man3/SSL_CTX_set_stateless_cookie_generate_cb.html \ +html/man3/SSL_CTX_set_timeout.html \ +html/man3/SSL_CTX_set_tlsext_servername_callback.html \ +html/man3/SSL_CTX_set_tlsext_status_cb.html \ +html/man3/SSL_CTX_set_tlsext_ticket_key_cb.html \ +html/man3/SSL_CTX_set_tlsext_use_srtp.html \ +html/man3/SSL_CTX_set_tmp_dh_callback.html \ +html/man3/SSL_CTX_set_tmp_ecdh.html \ +html/man3/SSL_CTX_set_verify.html \ +html/man3/SSL_CTX_use_certificate.html \ +html/man3/SSL_CTX_use_psk_identity_hint.html \ +html/man3/SSL_CTX_use_serverinfo.html \ +html/man3/SSL_SESSION_free.html \ +html/man3/SSL_SESSION_get0_cipher.html \ +html/man3/SSL_SESSION_get0_hostname.html \ +html/man3/SSL_SESSION_get0_id_context.html \ +html/man3/SSL_SESSION_get0_peer.html \ +html/man3/SSL_SESSION_get_compress_id.html \ +html/man3/SSL_SESSION_get_protocol_version.html \ +html/man3/SSL_SESSION_get_time.html \ +html/man3/SSL_SESSION_has_ticket.html \ +html/man3/SSL_SESSION_is_resumable.html \ +html/man3/SSL_SESSION_print.html \ +html/man3/SSL_SESSION_set1_id.html \ +html/man3/SSL_accept.html \ +html/man3/SSL_alert_type_string.html \ +html/man3/SSL_alloc_buffers.html \ +html/man3/SSL_check_chain.html \ +html/man3/SSL_clear.html \ +html/man3/SSL_connect.html \ +html/man3/SSL_do_handshake.html \ +html/man3/SSL_export_keying_material.html \ +html/man3/SSL_extension_supported.html \ +html/man3/SSL_free.html \ +html/man3/SSL_get0_peer_scts.html \ +html/man3/SSL_get_SSL_CTX.html \ +html/man3/SSL_get_all_async_fds.html \ +html/man3/SSL_get_certificate.html \ +html/man3/SSL_get_ciphers.html \ +html/man3/SSL_get_client_random.html \ +html/man3/SSL_get_current_cipher.html \ +html/man3/SSL_get_default_timeout.html \ +html/man3/SSL_get_error.html \ +html/man3/SSL_get_extms_support.html \ +html/man3/SSL_get_fd.html \ +html/man3/SSL_get_peer_cert_chain.html \ +html/man3/SSL_get_peer_certificate.html \ +html/man3/SSL_get_peer_signature_nid.html \ +html/man3/SSL_get_peer_tmp_key.html \ +html/man3/SSL_get_psk_identity.html \ +html/man3/SSL_get_rbio.html \ +html/man3/SSL_get_session.html \ +html/man3/SSL_get_shared_sigalgs.html \ +html/man3/SSL_get_verify_result.html \ +html/man3/SSL_get_version.html \ +html/man3/SSL_group_to_name.html \ +html/man3/SSL_in_init.html \ +html/man3/SSL_key_update.html \ +html/man3/SSL_library_init.html \ +html/man3/SSL_load_client_CA_file.html \ +html/man3/SSL_new.html \ +html/man3/SSL_pending.html \ +html/man3/SSL_read.html \ +html/man3/SSL_read_early_data.html \ +html/man3/SSL_rstate_string.html \ +html/man3/SSL_session_reused.html \ +html/man3/SSL_set1_host.html \ +html/man3/SSL_set_async_callback.html \ +html/man3/SSL_set_bio.html \ +html/man3/SSL_set_connect_state.html \ +html/man3/SSL_set_fd.html \ +html/man3/SSL_set_retry_verify.html \ +html/man3/SSL_set_session.html \ +html/man3/SSL_set_shutdown.html \ +html/man3/SSL_set_verify_result.html \ +html/man3/SSL_shutdown.html \ +html/man3/SSL_state_string.html \ +html/man3/SSL_want.html \ +html/man3/SSL_write.html \ +html/man3/TS_RESP_CTX_new.html \ +html/man3/TS_VERIFY_CTX_set_certs.html \ +html/man3/UI_STRING.html \ +html/man3/UI_UTIL_read_pw.html \ +html/man3/UI_create_method.html \ +html/man3/UI_new.html \ +html/man3/X509V3_get_d2i.html \ +html/man3/X509V3_set_ctx.html \ +html/man3/X509_ALGOR_dup.html \ +html/man3/X509_ATTRIBUTE.html \ +html/man3/X509_CRL_get0_by_serial.html \ +html/man3/X509_EXTENSION_set_object.html \ +html/man3/X509_LOOKUP.html \ +html/man3/X509_LOOKUP_hash_dir.html \ +html/man3/X509_LOOKUP_meth_new.html \ +html/man3/X509_NAME_ENTRY_get_object.html \ +html/man3/X509_NAME_add_entry_by_txt.html \ +html/man3/X509_NAME_get0_der.html \ +html/man3/X509_NAME_get_index_by_NID.html \ +html/man3/X509_NAME_print_ex.html \ +html/man3/X509_PUBKEY_new.html \ +html/man3/X509_REQ_get_attr.html \ +html/man3/X509_REQ_get_extensions.html \ +html/man3/X509_SIG_get0.html \ +html/man3/X509_STORE_CTX_get_error.html \ +html/man3/X509_STORE_CTX_new.html \ +html/man3/X509_STORE_CTX_set_verify_cb.html \ +html/man3/X509_STORE_add_cert.html \ +html/man3/X509_STORE_get0_param.html \ +html/man3/X509_STORE_new.html \ +html/man3/X509_STORE_set_verify_cb_func.html \ +html/man3/X509_VERIFY_PARAM_set_flags.html \ +html/man3/X509_add_cert.html \ +html/man3/X509_check_ca.html \ +html/man3/X509_check_host.html \ +html/man3/X509_check_issued.html \ +html/man3/X509_check_private_key.html \ +html/man3/X509_check_purpose.html \ +html/man3/X509_cmp.html \ +html/man3/X509_cmp_time.html \ +html/man3/X509_digest.html \ +html/man3/X509_dup.html \ +html/man3/X509_get0_distinguishing_id.html \ +html/man3/X509_get0_notBefore.html \ +html/man3/X509_get0_signature.html \ +html/man3/X509_get0_uids.html \ +html/man3/X509_get_extension_flags.html \ +html/man3/X509_get_pubkey.html \ +html/man3/X509_get_serialNumber.html \ +html/man3/X509_get_subject_name.html \ +html/man3/X509_get_version.html \ +html/man3/X509_load_http.html \ +html/man3/X509_new.html \ +html/man3/X509_sign.html \ +html/man3/X509_verify.html \ +html/man3/X509_verify_cert.html \ +html/man3/X509v3_get_ext_by_NID.html \ +html/man3/b2i_PVK_bio_ex.html \ +html/man3/d2i_PKCS8PrivateKey_bio.html \ +html/man3/d2i_PrivateKey.html \ +html/man3/d2i_RSAPrivateKey.html \ +html/man3/d2i_SSL_SESSION.html \ +html/man3/d2i_X509.html \ +html/man3/i2d_CMS_bio_stream.html \ +html/man3/i2d_PKCS7_bio_stream.html \ +html/man3/i2d_re_X509_tbs.html \ +html/man3/o2i_SCT_LIST.html \ +html/man3/s2i_ASN1_IA5STRING.html +MANDOCS[man3]=man/man3/ADMISSIONS.3 \ +man/man3/ASN1_EXTERN_FUNCS.3 \ +man/man3/ASN1_INTEGER_get_int64.3 \ +man/man3/ASN1_INTEGER_new.3 \ +man/man3/ASN1_ITEM_lookup.3 \ +man/man3/ASN1_OBJECT_new.3 \ +man/man3/ASN1_STRING_TABLE_add.3 \ +man/man3/ASN1_STRING_length.3 \ +man/man3/ASN1_STRING_new.3 \ +man/man3/ASN1_STRING_print_ex.3 \ +man/man3/ASN1_TIME_set.3 \ +man/man3/ASN1_TYPE_get.3 \ +man/man3/ASN1_aux_cb.3 \ +man/man3/ASN1_generate_nconf.3 \ +man/man3/ASN1_item_d2i_bio.3 \ +man/man3/ASN1_item_new.3 \ +man/man3/ASN1_item_sign.3 \ +man/man3/ASYNC_WAIT_CTX_new.3 \ +man/man3/ASYNC_start_job.3 \ +man/man3/BF_encrypt.3 \ +man/man3/BIO_ADDR.3 \ +man/man3/BIO_ADDRINFO.3 \ +man/man3/BIO_connect.3 \ +man/man3/BIO_ctrl.3 \ +man/man3/BIO_f_base64.3 \ +man/man3/BIO_f_buffer.3 \ +man/man3/BIO_f_cipher.3 \ +man/man3/BIO_f_md.3 \ +man/man3/BIO_f_null.3 \ +man/man3/BIO_f_prefix.3 \ +man/man3/BIO_f_readbuffer.3 \ +man/man3/BIO_f_ssl.3 \ +man/man3/BIO_find_type.3 \ +man/man3/BIO_get_data.3 \ +man/man3/BIO_get_ex_new_index.3 \ +man/man3/BIO_meth_new.3 \ +man/man3/BIO_new.3 \ +man/man3/BIO_new_CMS.3 \ +man/man3/BIO_parse_hostserv.3 \ +man/man3/BIO_printf.3 \ +man/man3/BIO_push.3 \ +man/man3/BIO_read.3 \ +man/man3/BIO_s_accept.3 \ +man/man3/BIO_s_bio.3 \ +man/man3/BIO_s_connect.3 \ +man/man3/BIO_s_core.3 \ +man/man3/BIO_s_datagram.3 \ +man/man3/BIO_s_fd.3 \ +man/man3/BIO_s_file.3 \ +man/man3/BIO_s_mem.3 \ +man/man3/BIO_s_null.3 \ +man/man3/BIO_s_socket.3 \ +man/man3/BIO_set_callback.3 \ +man/man3/BIO_should_retry.3 \ +man/man3/BIO_socket_wait.3 \ +man/man3/BN_BLINDING_new.3 \ +man/man3/BN_CTX_new.3 \ +man/man3/BN_CTX_start.3 \ +man/man3/BN_add.3 \ +man/man3/BN_add_word.3 \ +man/man3/BN_bn2bin.3 \ +man/man3/BN_cmp.3 \ +man/man3/BN_copy.3 \ +man/man3/BN_generate_prime.3 \ +man/man3/BN_mod_exp_mont.3 \ +man/man3/BN_mod_inverse.3 \ +man/man3/BN_mod_mul_montgomery.3 \ +man/man3/BN_mod_mul_reciprocal.3 \ +man/man3/BN_new.3 \ +man/man3/BN_num_bytes.3 \ +man/man3/BN_rand.3 \ +man/man3/BN_security_bits.3 \ +man/man3/BN_set_bit.3 \ +man/man3/BN_swap.3 \ +man/man3/BN_zero.3 \ +man/man3/BUF_MEM_new.3 \ +man/man3/CMS_EncryptedData_decrypt.3 \ +man/man3/CMS_EncryptedData_encrypt.3 \ +man/man3/CMS_EnvelopedData_create.3 \ +man/man3/CMS_add0_cert.3 \ +man/man3/CMS_add1_recipient_cert.3 \ +man/man3/CMS_add1_signer.3 \ +man/man3/CMS_compress.3 \ +man/man3/CMS_data_create.3 \ +man/man3/CMS_decrypt.3 \ +man/man3/CMS_digest_create.3 \ +man/man3/CMS_encrypt.3 \ +man/man3/CMS_final.3 \ +man/man3/CMS_get0_RecipientInfos.3 \ +man/man3/CMS_get0_SignerInfos.3 \ +man/man3/CMS_get0_type.3 \ +man/man3/CMS_get1_ReceiptRequest.3 \ +man/man3/CMS_sign.3 \ +man/man3/CMS_sign_receipt.3 \ +man/man3/CMS_signed_get_attr.3 \ +man/man3/CMS_uncompress.3 \ +man/man3/CMS_verify.3 \ +man/man3/CMS_verify_receipt.3 \ +man/man3/CONF_modules_free.3 \ +man/man3/CONF_modules_load_file.3 \ +man/man3/CRYPTO_THREAD_run_once.3 \ +man/man3/CRYPTO_get_ex_new_index.3 \ +man/man3/CRYPTO_memcmp.3 \ +man/man3/CTLOG_STORE_get0_log_by_id.3 \ +man/man3/CTLOG_STORE_new.3 \ +man/man3/CTLOG_new.3 \ +man/man3/CT_POLICY_EVAL_CTX_new.3 \ +man/man3/DEFINE_STACK_OF.3 \ +man/man3/DES_random_key.3 \ +man/man3/DH_generate_key.3 \ +man/man3/DH_generate_parameters.3 \ +man/man3/DH_get0_pqg.3 \ +man/man3/DH_get_1024_160.3 \ +man/man3/DH_meth_new.3 \ +man/man3/DH_new.3 \ +man/man3/DH_new_by_nid.3 \ +man/man3/DH_set_method.3 \ +man/man3/DH_size.3 \ +man/man3/DSA_SIG_new.3 \ +man/man3/DSA_do_sign.3 \ +man/man3/DSA_dup_DH.3 \ +man/man3/DSA_generate_key.3 \ +man/man3/DSA_generate_parameters.3 \ +man/man3/DSA_get0_pqg.3 \ +man/man3/DSA_meth_new.3 \ +man/man3/DSA_new.3 \ +man/man3/DSA_set_method.3 \ +man/man3/DSA_sign.3 \ +man/man3/DSA_size.3 \ +man/man3/DTLS_get_data_mtu.3 \ +man/man3/DTLS_set_timer_cb.3 \ +man/man3/DTLSv1_listen.3 \ +man/man3/ECDSA_SIG_new.3 \ +man/man3/ECDSA_sign.3 \ +man/man3/ECPKParameters_print.3 \ +man/man3/EC_GFp_simple_method.3 \ +man/man3/EC_GROUP_copy.3 \ +man/man3/EC_GROUP_new.3 \ +man/man3/EC_KEY_get_enc_flags.3 \ +man/man3/EC_KEY_new.3 \ +man/man3/EC_POINT_add.3 \ +man/man3/EC_POINT_new.3 \ +man/man3/ENGINE_add.3 \ +man/man3/ERR_GET_LIB.3 \ +man/man3/ERR_clear_error.3 \ +man/man3/ERR_error_string.3 \ +man/man3/ERR_get_error.3 \ +man/man3/ERR_load_crypto_strings.3 \ +man/man3/ERR_load_strings.3 \ +man/man3/ERR_new.3 \ +man/man3/ERR_print_errors.3 \ +man/man3/ERR_put_error.3 \ +man/man3/ERR_remove_state.3 \ +man/man3/ERR_set_mark.3 \ +man/man3/EVP_ASYM_CIPHER_free.3 \ +man/man3/EVP_BytesToKey.3 \ +man/man3/EVP_CIPHER_CTX_get_cipher_data.3 \ +man/man3/EVP_CIPHER_CTX_get_original_iv.3 \ +man/man3/EVP_CIPHER_meth_new.3 \ +man/man3/EVP_DigestInit.3 \ +man/man3/EVP_DigestSignInit.3 \ +man/man3/EVP_DigestVerifyInit.3 \ +man/man3/EVP_EncodeInit.3 \ +man/man3/EVP_EncryptInit.3 \ +man/man3/EVP_KDF.3 \ +man/man3/EVP_KEM_free.3 \ +man/man3/EVP_KEYEXCH_free.3 \ +man/man3/EVP_KEYMGMT.3 \ +man/man3/EVP_MAC.3 \ +man/man3/EVP_MD_meth_new.3 \ +man/man3/EVP_OpenInit.3 \ +man/man3/EVP_PBE_CipherInit.3 \ +man/man3/EVP_PKEY2PKCS8.3 \ +man/man3/EVP_PKEY_ASN1_METHOD.3 \ +man/man3/EVP_PKEY_CTX_ctrl.3 \ +man/man3/EVP_PKEY_CTX_get0_libctx.3 \ +man/man3/EVP_PKEY_CTX_get0_pkey.3 \ +man/man3/EVP_PKEY_CTX_new.3 \ +man/man3/EVP_PKEY_CTX_set1_pbe_pass.3 \ +man/man3/EVP_PKEY_CTX_set_hkdf_md.3 \ +man/man3/EVP_PKEY_CTX_set_params.3 \ +man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 \ +man/man3/EVP_PKEY_CTX_set_scrypt_N.3 \ +man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3 \ +man/man3/EVP_PKEY_asn1_get_count.3 \ +man/man3/EVP_PKEY_check.3 \ +man/man3/EVP_PKEY_copy_parameters.3 \ +man/man3/EVP_PKEY_decapsulate.3 \ +man/man3/EVP_PKEY_decrypt.3 \ +man/man3/EVP_PKEY_derive.3 \ +man/man3/EVP_PKEY_digestsign_supports_digest.3 \ +man/man3/EVP_PKEY_encapsulate.3 \ +man/man3/EVP_PKEY_encrypt.3 \ +man/man3/EVP_PKEY_fromdata.3 \ +man/man3/EVP_PKEY_get_attr.3 \ +man/man3/EVP_PKEY_get_default_digest_nid.3 \ +man/man3/EVP_PKEY_get_field_type.3 \ +man/man3/EVP_PKEY_get_group_name.3 \ +man/man3/EVP_PKEY_get_size.3 \ +man/man3/EVP_PKEY_gettable_params.3 \ +man/man3/EVP_PKEY_is_a.3 \ +man/man3/EVP_PKEY_keygen.3 \ +man/man3/EVP_PKEY_meth_get_count.3 \ +man/man3/EVP_PKEY_meth_new.3 \ +man/man3/EVP_PKEY_new.3 \ +man/man3/EVP_PKEY_print_private.3 \ +man/man3/EVP_PKEY_set1_RSA.3 \ +man/man3/EVP_PKEY_set1_encoded_public_key.3 \ +man/man3/EVP_PKEY_set_type.3 \ +man/man3/EVP_PKEY_settable_params.3 \ +man/man3/EVP_PKEY_sign.3 \ +man/man3/EVP_PKEY_todata.3 \ +man/man3/EVP_PKEY_verify.3 \ +man/man3/EVP_PKEY_verify_recover.3 \ +man/man3/EVP_RAND.3 \ +man/man3/EVP_SIGNATURE.3 \ +man/man3/EVP_SealInit.3 \ +man/man3/EVP_SignInit.3 \ +man/man3/EVP_VerifyInit.3 \ +man/man3/EVP_aes_128_gcm.3 \ +man/man3/EVP_aria_128_gcm.3 \ +man/man3/EVP_bf_cbc.3 \ +man/man3/EVP_blake2b512.3 \ +man/man3/EVP_camellia_128_ecb.3 \ +man/man3/EVP_cast5_cbc.3 \ +man/man3/EVP_chacha20.3 \ +man/man3/EVP_des_cbc.3 \ +man/man3/EVP_desx_cbc.3 \ +man/man3/EVP_idea_cbc.3 \ +man/man3/EVP_md2.3 \ +man/man3/EVP_md4.3 \ +man/man3/EVP_md5.3 \ +man/man3/EVP_mdc2.3 \ +man/man3/EVP_rc2_cbc.3 \ +man/man3/EVP_rc4.3 \ +man/man3/EVP_rc5_32_12_16_cbc.3 \ +man/man3/EVP_ripemd160.3 \ +man/man3/EVP_seed_cbc.3 \ +man/man3/EVP_set_default_properties.3 \ +man/man3/EVP_sha1.3 \ +man/man3/EVP_sha224.3 \ +man/man3/EVP_sha3_224.3 \ +man/man3/EVP_sm3.3 \ +man/man3/EVP_sm4_cbc.3 \ +man/man3/EVP_whirlpool.3 \ +man/man3/HMAC.3 \ +man/man3/MD5.3 \ +man/man3/MDC2_Init.3 \ +man/man3/NCONF_new_ex.3 \ +man/man3/OBJ_nid2obj.3 \ +man/man3/OCSP_REQUEST_new.3 \ +man/man3/OCSP_cert_to_id.3 \ +man/man3/OCSP_request_add1_nonce.3 \ +man/man3/OCSP_resp_find_status.3 \ +man/man3/OCSP_response_status.3 \ +man/man3/OCSP_sendreq_new.3 \ +man/man3/OPENSSL_Applink.3 \ +man/man3/OPENSSL_FILE.3 \ +man/man3/OPENSSL_LH_COMPFUNC.3 \ +man/man3/OPENSSL_LH_stats.3 \ +man/man3/OPENSSL_config.3 \ +man/man3/OPENSSL_fork_prepare.3 \ +man/man3/OPENSSL_gmtime.3 \ +man/man3/OPENSSL_hexchar2int.3 \ +man/man3/OPENSSL_ia32cap.3 \ +man/man3/OPENSSL_init_crypto.3 \ +man/man3/OPENSSL_init_ssl.3 \ +man/man3/OPENSSL_instrument_bus.3 \ +man/man3/OPENSSL_load_builtin_modules.3 \ +man/man3/OPENSSL_malloc.3 \ +man/man3/OPENSSL_s390xcap.3 \ +man/man3/OPENSSL_secure_malloc.3 \ +man/man3/OPENSSL_strcasecmp.3 \ +man/man3/OSSL_ALGORITHM.3 \ +man/man3/OSSL_CALLBACK.3 \ +man/man3/OSSL_CMP_CTX_new.3 \ +man/man3/OSSL_CMP_HDR_get0_transactionID.3 \ +man/man3/OSSL_CMP_ITAV_set0.3 \ +man/man3/OSSL_CMP_MSG_get0_header.3 \ +man/man3/OSSL_CMP_MSG_http_perform.3 \ +man/man3/OSSL_CMP_SRV_CTX_new.3 \ +man/man3/OSSL_CMP_STATUSINFO_new.3 \ +man/man3/OSSL_CMP_exec_certreq.3 \ +man/man3/OSSL_CMP_log_open.3 \ +man/man3/OSSL_CMP_validate_msg.3 \ +man/man3/OSSL_CORE_MAKE_FUNC.3 \ +man/man3/OSSL_CRMF_MSG_get0_tmpl.3 \ +man/man3/OSSL_CRMF_MSG_set0_validity.3 \ +man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3 \ +man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3 \ +man/man3/OSSL_CRMF_pbmp_new.3 \ +man/man3/OSSL_DECODER.3 \ +man/man3/OSSL_DECODER_CTX.3 \ +man/man3/OSSL_DECODER_CTX_new_for_pkey.3 \ +man/man3/OSSL_DECODER_from_bio.3 \ +man/man3/OSSL_DISPATCH.3 \ +man/man3/OSSL_ENCODER.3 \ +man/man3/OSSL_ENCODER_CTX.3 \ +man/man3/OSSL_ENCODER_CTX_new_for_pkey.3 \ +man/man3/OSSL_ENCODER_to_bio.3 \ +man/man3/OSSL_ESS_check_signing_certs.3 \ +man/man3/OSSL_HTTP_REQ_CTX.3 \ +man/man3/OSSL_HTTP_parse_url.3 \ +man/man3/OSSL_HTTP_transfer.3 \ +man/man3/OSSL_ITEM.3 \ +man/man3/OSSL_LIB_CTX.3 \ +man/man3/OSSL_PARAM.3 \ +man/man3/OSSL_PARAM_BLD.3 \ +man/man3/OSSL_PARAM_allocate_from_text.3 \ +man/man3/OSSL_PARAM_dup.3 \ +man/man3/OSSL_PARAM_int.3 \ +man/man3/OSSL_PROVIDER.3 \ +man/man3/OSSL_SELF_TEST_new.3 \ +man/man3/OSSL_SELF_TEST_set_callback.3 \ +man/man3/OSSL_STORE_INFO.3 \ +man/man3/OSSL_STORE_LOADER.3 \ +man/man3/OSSL_STORE_SEARCH.3 \ +man/man3/OSSL_STORE_attach.3 \ +man/man3/OSSL_STORE_expect.3 \ +man/man3/OSSL_STORE_open.3 \ +man/man3/OSSL_trace_enabled.3 \ +man/man3/OSSL_trace_get_category_num.3 \ +man/man3/OSSL_trace_set_channel.3 \ +man/man3/OpenSSL_add_all_algorithms.3 \ +man/man3/OpenSSL_version.3 \ +man/man3/PEM_X509_INFO_read_bio_ex.3 \ +man/man3/PEM_bytes_read_bio.3 \ +man/man3/PEM_read.3 \ +man/man3/PEM_read_CMS.3 \ +man/man3/PEM_read_bio_PrivateKey.3 \ +man/man3/PEM_read_bio_ex.3 \ +man/man3/PEM_write_bio_CMS_stream.3 \ +man/man3/PEM_write_bio_PKCS7_stream.3 \ +man/man3/PKCS12_PBE_keyivgen.3 \ +man/man3/PKCS12_SAFEBAG_create_cert.3 \ +man/man3/PKCS12_SAFEBAG_get0_attrs.3 \ +man/man3/PKCS12_SAFEBAG_get1_cert.3 \ +man/man3/PKCS12_add1_attr_by_NID.3 \ +man/man3/PKCS12_add_CSPName_asc.3 \ +man/man3/PKCS12_add_cert.3 \ +man/man3/PKCS12_add_friendlyname_asc.3 \ +man/man3/PKCS12_add_localkeyid.3 \ +man/man3/PKCS12_add_safe.3 \ +man/man3/PKCS12_create.3 \ +man/man3/PKCS12_decrypt_skey.3 \ +man/man3/PKCS12_gen_mac.3 \ +man/man3/PKCS12_get_friendlyname.3 \ +man/man3/PKCS12_init.3 \ +man/man3/PKCS12_item_decrypt_d2i.3 \ +man/man3/PKCS12_key_gen_utf8_ex.3 \ +man/man3/PKCS12_newpass.3 \ +man/man3/PKCS12_pack_p7encdata.3 \ +man/man3/PKCS12_parse.3 \ +man/man3/PKCS5_PBE_keyivgen.3 \ +man/man3/PKCS5_PBKDF2_HMAC.3 \ +man/man3/PKCS7_decrypt.3 \ +man/man3/PKCS7_encrypt.3 \ +man/man3/PKCS7_get_octet_string.3 \ +man/man3/PKCS7_sign.3 \ +man/man3/PKCS7_sign_add_signer.3 \ +man/man3/PKCS7_type_is_other.3 \ +man/man3/PKCS7_verify.3 \ +man/man3/PKCS8_encrypt.3 \ +man/man3/PKCS8_pkey_add1_attr.3 \ +man/man3/RAND_add.3 \ +man/man3/RAND_bytes.3 \ +man/man3/RAND_cleanup.3 \ +man/man3/RAND_egd.3 \ +man/man3/RAND_get0_primary.3 \ +man/man3/RAND_load_file.3 \ +man/man3/RAND_set_DRBG_type.3 \ +man/man3/RAND_set_rand_method.3 \ +man/man3/RC4_set_key.3 \ +man/man3/RIPEMD160_Init.3 \ +man/man3/RSA_blinding_on.3 \ +man/man3/RSA_check_key.3 \ +man/man3/RSA_generate_key.3 \ +man/man3/RSA_get0_key.3 \ +man/man3/RSA_meth_new.3 \ +man/man3/RSA_new.3 \ +man/man3/RSA_padding_add_PKCS1_type_1.3 \ +man/man3/RSA_print.3 \ +man/man3/RSA_private_encrypt.3 \ +man/man3/RSA_public_encrypt.3 \ +man/man3/RSA_set_method.3 \ +man/man3/RSA_sign.3 \ +man/man3/RSA_sign_ASN1_OCTET_STRING.3 \ +man/man3/RSA_size.3 \ +man/man3/SCT_new.3 \ +man/man3/SCT_print.3 \ +man/man3/SCT_validate.3 \ +man/man3/SHA256_Init.3 \ +man/man3/SMIME_read_ASN1.3 \ +man/man3/SMIME_read_CMS.3 \ +man/man3/SMIME_read_PKCS7.3 \ +man/man3/SMIME_write_ASN1.3 \ +man/man3/SMIME_write_CMS.3 \ +man/man3/SMIME_write_PKCS7.3 \ +man/man3/SRP_Calc_B.3 \ +man/man3/SRP_VBASE_new.3 \ +man/man3/SRP_create_verifier.3 \ +man/man3/SRP_user_pwd_new.3 \ +man/man3/SSL_CIPHER_get_name.3 \ +man/man3/SSL_COMP_add_compression_method.3 \ +man/man3/SSL_CONF_CTX_new.3 \ +man/man3/SSL_CONF_CTX_set1_prefix.3 \ +man/man3/SSL_CONF_CTX_set_flags.3 \ +man/man3/SSL_CONF_CTX_set_ssl_ctx.3 \ +man/man3/SSL_CONF_cmd.3 \ +man/man3/SSL_CONF_cmd_argv.3 \ +man/man3/SSL_CTX_add1_chain_cert.3 \ +man/man3/SSL_CTX_add_extra_chain_cert.3 \ +man/man3/SSL_CTX_add_session.3 \ +man/man3/SSL_CTX_config.3 \ +man/man3/SSL_CTX_ctrl.3 \ +man/man3/SSL_CTX_dane_enable.3 \ +man/man3/SSL_CTX_flush_sessions.3 \ +man/man3/SSL_CTX_free.3 \ +man/man3/SSL_CTX_get0_param.3 \ +man/man3/SSL_CTX_get_verify_mode.3 \ +man/man3/SSL_CTX_has_client_custom_ext.3 \ +man/man3/SSL_CTX_load_verify_locations.3 \ +man/man3/SSL_CTX_new.3 \ +man/man3/SSL_CTX_sess_number.3 \ +man/man3/SSL_CTX_sess_set_cache_size.3 \ +man/man3/SSL_CTX_sess_set_get_cb.3 \ +man/man3/SSL_CTX_sessions.3 \ +man/man3/SSL_CTX_set0_CA_list.3 \ +man/man3/SSL_CTX_set1_curves.3 \ +man/man3/SSL_CTX_set1_sigalgs.3 \ +man/man3/SSL_CTX_set1_verify_cert_store.3 \ +man/man3/SSL_CTX_set_alpn_select_cb.3 \ +man/man3/SSL_CTX_set_cert_cb.3 \ +man/man3/SSL_CTX_set_cert_store.3 \ +man/man3/SSL_CTX_set_cert_verify_callback.3 \ +man/man3/SSL_CTX_set_cipher_list.3 \ +man/man3/SSL_CTX_set_client_cert_cb.3 \ +man/man3/SSL_CTX_set_client_hello_cb.3 \ +man/man3/SSL_CTX_set_ct_validation_callback.3 \ +man/man3/SSL_CTX_set_ctlog_list_file.3 \ +man/man3/SSL_CTX_set_default_passwd_cb.3 \ +man/man3/SSL_CTX_set_generate_session_id.3 \ +man/man3/SSL_CTX_set_info_callback.3 \ +man/man3/SSL_CTX_set_keylog_callback.3 \ +man/man3/SSL_CTX_set_max_cert_list.3 \ +man/man3/SSL_CTX_set_min_proto_version.3 \ +man/man3/SSL_CTX_set_mode.3 \ +man/man3/SSL_CTX_set_msg_callback.3 \ +man/man3/SSL_CTX_set_num_tickets.3 \ +man/man3/SSL_CTX_set_options.3 \ +man/man3/SSL_CTX_set_psk_client_callback.3 \ +man/man3/SSL_CTX_set_quiet_shutdown.3 \ +man/man3/SSL_CTX_set_read_ahead.3 \ +man/man3/SSL_CTX_set_record_padding_callback.3 \ +man/man3/SSL_CTX_set_security_level.3 \ +man/man3/SSL_CTX_set_session_cache_mode.3 \ +man/man3/SSL_CTX_set_session_id_context.3 \ +man/man3/SSL_CTX_set_session_ticket_cb.3 \ +man/man3/SSL_CTX_set_split_send_fragment.3 \ +man/man3/SSL_CTX_set_srp_password.3 \ +man/man3/SSL_CTX_set_ssl_version.3 \ +man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 \ +man/man3/SSL_CTX_set_timeout.3 \ +man/man3/SSL_CTX_set_tlsext_servername_callback.3 \ +man/man3/SSL_CTX_set_tlsext_status_cb.3 \ +man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3 \ +man/man3/SSL_CTX_set_tlsext_use_srtp.3 \ +man/man3/SSL_CTX_set_tmp_dh_callback.3 \ +man/man3/SSL_CTX_set_tmp_ecdh.3 \ +man/man3/SSL_CTX_set_verify.3 \ +man/man3/SSL_CTX_use_certificate.3 \ +man/man3/SSL_CTX_use_psk_identity_hint.3 \ +man/man3/SSL_CTX_use_serverinfo.3 \ +man/man3/SSL_SESSION_free.3 \ +man/man3/SSL_SESSION_get0_cipher.3 \ +man/man3/SSL_SESSION_get0_hostname.3 \ +man/man3/SSL_SESSION_get0_id_context.3 \ +man/man3/SSL_SESSION_get0_peer.3 \ +man/man3/SSL_SESSION_get_compress_id.3 \ +man/man3/SSL_SESSION_get_protocol_version.3 \ +man/man3/SSL_SESSION_get_time.3 \ +man/man3/SSL_SESSION_has_ticket.3 \ +man/man3/SSL_SESSION_is_resumable.3 \ +man/man3/SSL_SESSION_print.3 \ +man/man3/SSL_SESSION_set1_id.3 \ +man/man3/SSL_accept.3 \ +man/man3/SSL_alert_type_string.3 \ +man/man3/SSL_alloc_buffers.3 \ +man/man3/SSL_check_chain.3 \ +man/man3/SSL_clear.3 \ +man/man3/SSL_connect.3 \ +man/man3/SSL_do_handshake.3 \ +man/man3/SSL_export_keying_material.3 \ +man/man3/SSL_extension_supported.3 \ +man/man3/SSL_free.3 \ +man/man3/SSL_get0_peer_scts.3 \ +man/man3/SSL_get_SSL_CTX.3 \ +man/man3/SSL_get_all_async_fds.3 \ +man/man3/SSL_get_certificate.3 \ +man/man3/SSL_get_ciphers.3 \ +man/man3/SSL_get_client_random.3 \ +man/man3/SSL_get_current_cipher.3 \ +man/man3/SSL_get_default_timeout.3 \ +man/man3/SSL_get_error.3 \ +man/man3/SSL_get_extms_support.3 \ +man/man3/SSL_get_fd.3 \ +man/man3/SSL_get_peer_cert_chain.3 \ +man/man3/SSL_get_peer_certificate.3 \ +man/man3/SSL_get_peer_signature_nid.3 \ +man/man3/SSL_get_peer_tmp_key.3 \ +man/man3/SSL_get_psk_identity.3 \ +man/man3/SSL_get_rbio.3 \ +man/man3/SSL_get_session.3 \ +man/man3/SSL_get_shared_sigalgs.3 \ +man/man3/SSL_get_verify_result.3 \ +man/man3/SSL_get_version.3 \ +man/man3/SSL_group_to_name.3 \ +man/man3/SSL_in_init.3 \ +man/man3/SSL_key_update.3 \ +man/man3/SSL_library_init.3 \ +man/man3/SSL_load_client_CA_file.3 \ +man/man3/SSL_new.3 \ +man/man3/SSL_pending.3 \ +man/man3/SSL_read.3 \ +man/man3/SSL_read_early_data.3 \ +man/man3/SSL_rstate_string.3 \ +man/man3/SSL_session_reused.3 \ +man/man3/SSL_set1_host.3 \ +man/man3/SSL_set_async_callback.3 \ +man/man3/SSL_set_bio.3 \ +man/man3/SSL_set_connect_state.3 \ +man/man3/SSL_set_fd.3 \ +man/man3/SSL_set_retry_verify.3 \ +man/man3/SSL_set_session.3 \ +man/man3/SSL_set_shutdown.3 \ +man/man3/SSL_set_verify_result.3 \ +man/man3/SSL_shutdown.3 \ +man/man3/SSL_state_string.3 \ +man/man3/SSL_want.3 \ +man/man3/SSL_write.3 \ +man/man3/TS_RESP_CTX_new.3 \ +man/man3/TS_VERIFY_CTX_set_certs.3 \ +man/man3/UI_STRING.3 \ +man/man3/UI_UTIL_read_pw.3 \ +man/man3/UI_create_method.3 \ +man/man3/UI_new.3 \ +man/man3/X509V3_get_d2i.3 \ +man/man3/X509V3_set_ctx.3 \ +man/man3/X509_ALGOR_dup.3 \ +man/man3/X509_ATTRIBUTE.3 \ +man/man3/X509_CRL_get0_by_serial.3 \ +man/man3/X509_EXTENSION_set_object.3 \ +man/man3/X509_LOOKUP.3 \ +man/man3/X509_LOOKUP_hash_dir.3 \ +man/man3/X509_LOOKUP_meth_new.3 \ +man/man3/X509_NAME_ENTRY_get_object.3 \ +man/man3/X509_NAME_add_entry_by_txt.3 \ +man/man3/X509_NAME_get0_der.3 \ +man/man3/X509_NAME_get_index_by_NID.3 \ +man/man3/X509_NAME_print_ex.3 \ +man/man3/X509_PUBKEY_new.3 \ +man/man3/X509_REQ_get_attr.3 \ +man/man3/X509_REQ_get_extensions.3 \ +man/man3/X509_SIG_get0.3 \ +man/man3/X509_STORE_CTX_get_error.3 \ +man/man3/X509_STORE_CTX_new.3 \ +man/man3/X509_STORE_CTX_set_verify_cb.3 \ +man/man3/X509_STORE_add_cert.3 \ +man/man3/X509_STORE_get0_param.3 \ +man/man3/X509_STORE_new.3 \ +man/man3/X509_STORE_set_verify_cb_func.3 \ +man/man3/X509_VERIFY_PARAM_set_flags.3 \ +man/man3/X509_add_cert.3 \ +man/man3/X509_check_ca.3 \ +man/man3/X509_check_host.3 \ +man/man3/X509_check_issued.3 \ +man/man3/X509_check_private_key.3 \ +man/man3/X509_check_purpose.3 \ +man/man3/X509_cmp.3 \ +man/man3/X509_cmp_time.3 \ +man/man3/X509_digest.3 \ +man/man3/X509_dup.3 \ +man/man3/X509_get0_distinguishing_id.3 \ +man/man3/X509_get0_notBefore.3 \ +man/man3/X509_get0_signature.3 \ +man/man3/X509_get0_uids.3 \ +man/man3/X509_get_extension_flags.3 \ +man/man3/X509_get_pubkey.3 \ +man/man3/X509_get_serialNumber.3 \ +man/man3/X509_get_subject_name.3 \ +man/man3/X509_get_version.3 \ +man/man3/X509_load_http.3 \ +man/man3/X509_new.3 \ +man/man3/X509_sign.3 \ +man/man3/X509_verify.3 \ +man/man3/X509_verify_cert.3 \ +man/man3/X509v3_get_ext_by_NID.3 \ +man/man3/b2i_PVK_bio_ex.3 \ +man/man3/d2i_PKCS8PrivateKey_bio.3 \ +man/man3/d2i_PrivateKey.3 \ +man/man3/d2i_RSAPrivateKey.3 \ +man/man3/d2i_SSL_SESSION.3 \ +man/man3/d2i_X509.3 \ +man/man3/i2d_CMS_bio_stream.3 \ +man/man3/i2d_PKCS7_bio_stream.3 \ +man/man3/i2d_re_X509_tbs.3 \ +man/man3/o2i_SCT_LIST.3 \ +man/man3/s2i_ASN1_IA5STRING.3 +DEPEND[html/man5/config.html]=man5/config.pod +GENERATE[html/man5/config.html]=man5/config.pod +DEPEND[man/man5/config.5]=man5/config.pod +GENERATE[man/man5/config.5]=man5/config.pod +DEPEND[html/man5/fips_config.html]=man5/fips_config.pod +GENERATE[html/man5/fips_config.html]=man5/fips_config.pod +DEPEND[man/man5/fips_config.5]=man5/fips_config.pod +GENERATE[man/man5/fips_config.5]=man5/fips_config.pod +DEPEND[html/man5/x509v3_config.html]=man5/x509v3_config.pod +GENERATE[html/man5/x509v3_config.html]=man5/x509v3_config.pod +DEPEND[man/man5/x509v3_config.5]=man5/x509v3_config.pod +GENERATE[man/man5/x509v3_config.5]=man5/x509v3_config.pod +IMAGEDOCS[man5]= +HTMLDOCS[man5]=html/man5/config.html \ +html/man5/fips_config.html \ +html/man5/x509v3_config.html +MANDOCS[man5]=man/man5/config.5 \ +man/man5/fips_config.5 \ +man/man5/x509v3_config.5 +DEPEND[html/man7/EVP_ASYM_CIPHER-RSA.html]=man7/EVP_ASYM_CIPHER-RSA.pod +GENERATE[html/man7/EVP_ASYM_CIPHER-RSA.html]=man7/EVP_ASYM_CIPHER-RSA.pod +DEPEND[man/man7/EVP_ASYM_CIPHER-RSA.7]=man7/EVP_ASYM_CIPHER-RSA.pod +GENERATE[man/man7/EVP_ASYM_CIPHER-RSA.7]=man7/EVP_ASYM_CIPHER-RSA.pod +DEPEND[html/man7/EVP_ASYM_CIPHER-SM2.html]=man7/EVP_ASYM_CIPHER-SM2.pod +GENERATE[html/man7/EVP_ASYM_CIPHER-SM2.html]=man7/EVP_ASYM_CIPHER-SM2.pod +DEPEND[man/man7/EVP_ASYM_CIPHER-SM2.7]=man7/EVP_ASYM_CIPHER-SM2.pod +GENERATE[man/man7/EVP_ASYM_CIPHER-SM2.7]=man7/EVP_ASYM_CIPHER-SM2.pod +DEPEND[html/man7/EVP_CIPHER-AES.html]=man7/EVP_CIPHER-AES.pod +GENERATE[html/man7/EVP_CIPHER-AES.html]=man7/EVP_CIPHER-AES.pod +DEPEND[man/man7/EVP_CIPHER-AES.7]=man7/EVP_CIPHER-AES.pod +GENERATE[man/man7/EVP_CIPHER-AES.7]=man7/EVP_CIPHER-AES.pod +DEPEND[html/man7/EVP_CIPHER-ARIA.html]=man7/EVP_CIPHER-ARIA.pod +GENERATE[html/man7/EVP_CIPHER-ARIA.html]=man7/EVP_CIPHER-ARIA.pod +DEPEND[man/man7/EVP_CIPHER-ARIA.7]=man7/EVP_CIPHER-ARIA.pod +GENERATE[man/man7/EVP_CIPHER-ARIA.7]=man7/EVP_CIPHER-ARIA.pod +DEPEND[html/man7/EVP_CIPHER-BLOWFISH.html]=man7/EVP_CIPHER-BLOWFISH.pod +GENERATE[html/man7/EVP_CIPHER-BLOWFISH.html]=man7/EVP_CIPHER-BLOWFISH.pod +DEPEND[man/man7/EVP_CIPHER-BLOWFISH.7]=man7/EVP_CIPHER-BLOWFISH.pod +GENERATE[man/man7/EVP_CIPHER-BLOWFISH.7]=man7/EVP_CIPHER-BLOWFISH.pod +DEPEND[html/man7/EVP_CIPHER-CAMELLIA.html]=man7/EVP_CIPHER-CAMELLIA.pod +GENERATE[html/man7/EVP_CIPHER-CAMELLIA.html]=man7/EVP_CIPHER-CAMELLIA.pod +DEPEND[man/man7/EVP_CIPHER-CAMELLIA.7]=man7/EVP_CIPHER-CAMELLIA.pod +GENERATE[man/man7/EVP_CIPHER-CAMELLIA.7]=man7/EVP_CIPHER-CAMELLIA.pod +DEPEND[html/man7/EVP_CIPHER-CAST.html]=man7/EVP_CIPHER-CAST.pod +GENERATE[html/man7/EVP_CIPHER-CAST.html]=man7/EVP_CIPHER-CAST.pod +DEPEND[man/man7/EVP_CIPHER-CAST.7]=man7/EVP_CIPHER-CAST.pod +GENERATE[man/man7/EVP_CIPHER-CAST.7]=man7/EVP_CIPHER-CAST.pod +DEPEND[html/man7/EVP_CIPHER-CHACHA.html]=man7/EVP_CIPHER-CHACHA.pod +GENERATE[html/man7/EVP_CIPHER-CHACHA.html]=man7/EVP_CIPHER-CHACHA.pod +DEPEND[man/man7/EVP_CIPHER-CHACHA.7]=man7/EVP_CIPHER-CHACHA.pod +GENERATE[man/man7/EVP_CIPHER-CHACHA.7]=man7/EVP_CIPHER-CHACHA.pod +DEPEND[html/man7/EVP_CIPHER-DES.html]=man7/EVP_CIPHER-DES.pod +GENERATE[html/man7/EVP_CIPHER-DES.html]=man7/EVP_CIPHER-DES.pod +DEPEND[man/man7/EVP_CIPHER-DES.7]=man7/EVP_CIPHER-DES.pod +GENERATE[man/man7/EVP_CIPHER-DES.7]=man7/EVP_CIPHER-DES.pod +DEPEND[html/man7/EVP_CIPHER-IDEA.html]=man7/EVP_CIPHER-IDEA.pod +GENERATE[html/man7/EVP_CIPHER-IDEA.html]=man7/EVP_CIPHER-IDEA.pod +DEPEND[man/man7/EVP_CIPHER-IDEA.7]=man7/EVP_CIPHER-IDEA.pod +GENERATE[man/man7/EVP_CIPHER-IDEA.7]=man7/EVP_CIPHER-IDEA.pod +DEPEND[html/man7/EVP_CIPHER-NULL.html]=man7/EVP_CIPHER-NULL.pod +GENERATE[html/man7/EVP_CIPHER-NULL.html]=man7/EVP_CIPHER-NULL.pod +DEPEND[man/man7/EVP_CIPHER-NULL.7]=man7/EVP_CIPHER-NULL.pod +GENERATE[man/man7/EVP_CIPHER-NULL.7]=man7/EVP_CIPHER-NULL.pod +DEPEND[html/man7/EVP_CIPHER-RC2.html]=man7/EVP_CIPHER-RC2.pod +GENERATE[html/man7/EVP_CIPHER-RC2.html]=man7/EVP_CIPHER-RC2.pod +DEPEND[man/man7/EVP_CIPHER-RC2.7]=man7/EVP_CIPHER-RC2.pod +GENERATE[man/man7/EVP_CIPHER-RC2.7]=man7/EVP_CIPHER-RC2.pod +DEPEND[html/man7/EVP_CIPHER-RC4.html]=man7/EVP_CIPHER-RC4.pod +GENERATE[html/man7/EVP_CIPHER-RC4.html]=man7/EVP_CIPHER-RC4.pod +DEPEND[man/man7/EVP_CIPHER-RC4.7]=man7/EVP_CIPHER-RC4.pod +GENERATE[man/man7/EVP_CIPHER-RC4.7]=man7/EVP_CIPHER-RC4.pod +DEPEND[html/man7/EVP_CIPHER-RC5.html]=man7/EVP_CIPHER-RC5.pod +GENERATE[html/man7/EVP_CIPHER-RC5.html]=man7/EVP_CIPHER-RC5.pod +DEPEND[man/man7/EVP_CIPHER-RC5.7]=man7/EVP_CIPHER-RC5.pod +GENERATE[man/man7/EVP_CIPHER-RC5.7]=man7/EVP_CIPHER-RC5.pod +DEPEND[html/man7/EVP_CIPHER-SEED.html]=man7/EVP_CIPHER-SEED.pod +GENERATE[html/man7/EVP_CIPHER-SEED.html]=man7/EVP_CIPHER-SEED.pod +DEPEND[man/man7/EVP_CIPHER-SEED.7]=man7/EVP_CIPHER-SEED.pod +GENERATE[man/man7/EVP_CIPHER-SEED.7]=man7/EVP_CIPHER-SEED.pod +DEPEND[html/man7/EVP_CIPHER-SM4.html]=man7/EVP_CIPHER-SM4.pod +GENERATE[html/man7/EVP_CIPHER-SM4.html]=man7/EVP_CIPHER-SM4.pod +DEPEND[man/man7/EVP_CIPHER-SM4.7]=man7/EVP_CIPHER-SM4.pod +GENERATE[man/man7/EVP_CIPHER-SM4.7]=man7/EVP_CIPHER-SM4.pod +DEPEND[html/man7/EVP_KDF-HKDF.html]=man7/EVP_KDF-HKDF.pod +GENERATE[html/man7/EVP_KDF-HKDF.html]=man7/EVP_KDF-HKDF.pod +DEPEND[man/man7/EVP_KDF-HKDF.7]=man7/EVP_KDF-HKDF.pod +GENERATE[man/man7/EVP_KDF-HKDF.7]=man7/EVP_KDF-HKDF.pod +DEPEND[html/man7/EVP_KDF-KB.html]=man7/EVP_KDF-KB.pod +GENERATE[html/man7/EVP_KDF-KB.html]=man7/EVP_KDF-KB.pod +DEPEND[man/man7/EVP_KDF-KB.7]=man7/EVP_KDF-KB.pod +GENERATE[man/man7/EVP_KDF-KB.7]=man7/EVP_KDF-KB.pod +DEPEND[html/man7/EVP_KDF-KRB5KDF.html]=man7/EVP_KDF-KRB5KDF.pod +GENERATE[html/man7/EVP_KDF-KRB5KDF.html]=man7/EVP_KDF-KRB5KDF.pod +DEPEND[man/man7/EVP_KDF-KRB5KDF.7]=man7/EVP_KDF-KRB5KDF.pod +GENERATE[man/man7/EVP_KDF-KRB5KDF.7]=man7/EVP_KDF-KRB5KDF.pod +DEPEND[html/man7/EVP_KDF-PBKDF1.html]=man7/EVP_KDF-PBKDF1.pod +GENERATE[html/man7/EVP_KDF-PBKDF1.html]=man7/EVP_KDF-PBKDF1.pod +DEPEND[man/man7/EVP_KDF-PBKDF1.7]=man7/EVP_KDF-PBKDF1.pod +GENERATE[man/man7/EVP_KDF-PBKDF1.7]=man7/EVP_KDF-PBKDF1.pod +DEPEND[html/man7/EVP_KDF-PBKDF2.html]=man7/EVP_KDF-PBKDF2.pod +GENERATE[html/man7/EVP_KDF-PBKDF2.html]=man7/EVP_KDF-PBKDF2.pod +DEPEND[man/man7/EVP_KDF-PBKDF2.7]=man7/EVP_KDF-PBKDF2.pod +GENERATE[man/man7/EVP_KDF-PBKDF2.7]=man7/EVP_KDF-PBKDF2.pod +DEPEND[html/man7/EVP_KDF-PKCS12KDF.html]=man7/EVP_KDF-PKCS12KDF.pod +GENERATE[html/man7/EVP_KDF-PKCS12KDF.html]=man7/EVP_KDF-PKCS12KDF.pod +DEPEND[man/man7/EVP_KDF-PKCS12KDF.7]=man7/EVP_KDF-PKCS12KDF.pod +GENERATE[man/man7/EVP_KDF-PKCS12KDF.7]=man7/EVP_KDF-PKCS12KDF.pod +DEPEND[html/man7/EVP_KDF-SCRYPT.html]=man7/EVP_KDF-SCRYPT.pod +GENERATE[html/man7/EVP_KDF-SCRYPT.html]=man7/EVP_KDF-SCRYPT.pod +DEPEND[man/man7/EVP_KDF-SCRYPT.7]=man7/EVP_KDF-SCRYPT.pod +GENERATE[man/man7/EVP_KDF-SCRYPT.7]=man7/EVP_KDF-SCRYPT.pod +DEPEND[html/man7/EVP_KDF-SS.html]=man7/EVP_KDF-SS.pod +GENERATE[html/man7/EVP_KDF-SS.html]=man7/EVP_KDF-SS.pod +DEPEND[man/man7/EVP_KDF-SS.7]=man7/EVP_KDF-SS.pod +GENERATE[man/man7/EVP_KDF-SS.7]=man7/EVP_KDF-SS.pod +DEPEND[html/man7/EVP_KDF-SSHKDF.html]=man7/EVP_KDF-SSHKDF.pod +GENERATE[html/man7/EVP_KDF-SSHKDF.html]=man7/EVP_KDF-SSHKDF.pod +DEPEND[man/man7/EVP_KDF-SSHKDF.7]=man7/EVP_KDF-SSHKDF.pod +GENERATE[man/man7/EVP_KDF-SSHKDF.7]=man7/EVP_KDF-SSHKDF.pod +DEPEND[html/man7/EVP_KDF-TLS13_KDF.html]=man7/EVP_KDF-TLS13_KDF.pod +GENERATE[html/man7/EVP_KDF-TLS13_KDF.html]=man7/EVP_KDF-TLS13_KDF.pod +DEPEND[man/man7/EVP_KDF-TLS13_KDF.7]=man7/EVP_KDF-TLS13_KDF.pod +GENERATE[man/man7/EVP_KDF-TLS13_KDF.7]=man7/EVP_KDF-TLS13_KDF.pod +DEPEND[html/man7/EVP_KDF-TLS1_PRF.html]=man7/EVP_KDF-TLS1_PRF.pod +GENERATE[html/man7/EVP_KDF-TLS1_PRF.html]=man7/EVP_KDF-TLS1_PRF.pod +DEPEND[man/man7/EVP_KDF-TLS1_PRF.7]=man7/EVP_KDF-TLS1_PRF.pod +GENERATE[man/man7/EVP_KDF-TLS1_PRF.7]=man7/EVP_KDF-TLS1_PRF.pod +DEPEND[html/man7/EVP_KDF-X942-ASN1.html]=man7/EVP_KDF-X942-ASN1.pod +GENERATE[html/man7/EVP_KDF-X942-ASN1.html]=man7/EVP_KDF-X942-ASN1.pod +DEPEND[man/man7/EVP_KDF-X942-ASN1.7]=man7/EVP_KDF-X942-ASN1.pod +GENERATE[man/man7/EVP_KDF-X942-ASN1.7]=man7/EVP_KDF-X942-ASN1.pod +DEPEND[html/man7/EVP_KDF-X942-CONCAT.html]=man7/EVP_KDF-X942-CONCAT.pod +GENERATE[html/man7/EVP_KDF-X942-CONCAT.html]=man7/EVP_KDF-X942-CONCAT.pod +DEPEND[man/man7/EVP_KDF-X942-CONCAT.7]=man7/EVP_KDF-X942-CONCAT.pod +GENERATE[man/man7/EVP_KDF-X942-CONCAT.7]=man7/EVP_KDF-X942-CONCAT.pod +DEPEND[html/man7/EVP_KDF-X963.html]=man7/EVP_KDF-X963.pod +GENERATE[html/man7/EVP_KDF-X963.html]=man7/EVP_KDF-X963.pod +DEPEND[man/man7/EVP_KDF-X963.7]=man7/EVP_KDF-X963.pod +GENERATE[man/man7/EVP_KDF-X963.7]=man7/EVP_KDF-X963.pod +DEPEND[html/man7/EVP_KEM-RSA.html]=man7/EVP_KEM-RSA.pod +GENERATE[html/man7/EVP_KEM-RSA.html]=man7/EVP_KEM-RSA.pod +DEPEND[man/man7/EVP_KEM-RSA.7]=man7/EVP_KEM-RSA.pod +GENERATE[man/man7/EVP_KEM-RSA.7]=man7/EVP_KEM-RSA.pod +DEPEND[html/man7/EVP_KEYEXCH-DH.html]=man7/EVP_KEYEXCH-DH.pod +GENERATE[html/man7/EVP_KEYEXCH-DH.html]=man7/EVP_KEYEXCH-DH.pod +DEPEND[man/man7/EVP_KEYEXCH-DH.7]=man7/EVP_KEYEXCH-DH.pod +GENERATE[man/man7/EVP_KEYEXCH-DH.7]=man7/EVP_KEYEXCH-DH.pod +DEPEND[html/man7/EVP_KEYEXCH-ECDH.html]=man7/EVP_KEYEXCH-ECDH.pod +GENERATE[html/man7/EVP_KEYEXCH-ECDH.html]=man7/EVP_KEYEXCH-ECDH.pod +DEPEND[man/man7/EVP_KEYEXCH-ECDH.7]=man7/EVP_KEYEXCH-ECDH.pod +GENERATE[man/man7/EVP_KEYEXCH-ECDH.7]=man7/EVP_KEYEXCH-ECDH.pod +DEPEND[html/man7/EVP_KEYEXCH-X25519.html]=man7/EVP_KEYEXCH-X25519.pod +GENERATE[html/man7/EVP_KEYEXCH-X25519.html]=man7/EVP_KEYEXCH-X25519.pod +DEPEND[man/man7/EVP_KEYEXCH-X25519.7]=man7/EVP_KEYEXCH-X25519.pod +GENERATE[man/man7/EVP_KEYEXCH-X25519.7]=man7/EVP_KEYEXCH-X25519.pod +DEPEND[html/man7/EVP_MAC-BLAKE2.html]=man7/EVP_MAC-BLAKE2.pod +GENERATE[html/man7/EVP_MAC-BLAKE2.html]=man7/EVP_MAC-BLAKE2.pod +DEPEND[man/man7/EVP_MAC-BLAKE2.7]=man7/EVP_MAC-BLAKE2.pod +GENERATE[man/man7/EVP_MAC-BLAKE2.7]=man7/EVP_MAC-BLAKE2.pod +DEPEND[html/man7/EVP_MAC-CMAC.html]=man7/EVP_MAC-CMAC.pod +GENERATE[html/man7/EVP_MAC-CMAC.html]=man7/EVP_MAC-CMAC.pod +DEPEND[man/man7/EVP_MAC-CMAC.7]=man7/EVP_MAC-CMAC.pod +GENERATE[man/man7/EVP_MAC-CMAC.7]=man7/EVP_MAC-CMAC.pod +DEPEND[html/man7/EVP_MAC-GMAC.html]=man7/EVP_MAC-GMAC.pod +GENERATE[html/man7/EVP_MAC-GMAC.html]=man7/EVP_MAC-GMAC.pod +DEPEND[man/man7/EVP_MAC-GMAC.7]=man7/EVP_MAC-GMAC.pod +GENERATE[man/man7/EVP_MAC-GMAC.7]=man7/EVP_MAC-GMAC.pod +DEPEND[html/man7/EVP_MAC-HMAC.html]=man7/EVP_MAC-HMAC.pod +GENERATE[html/man7/EVP_MAC-HMAC.html]=man7/EVP_MAC-HMAC.pod +DEPEND[man/man7/EVP_MAC-HMAC.7]=man7/EVP_MAC-HMAC.pod +GENERATE[man/man7/EVP_MAC-HMAC.7]=man7/EVP_MAC-HMAC.pod +DEPEND[html/man7/EVP_MAC-KMAC.html]=man7/EVP_MAC-KMAC.pod +GENERATE[html/man7/EVP_MAC-KMAC.html]=man7/EVP_MAC-KMAC.pod +DEPEND[man/man7/EVP_MAC-KMAC.7]=man7/EVP_MAC-KMAC.pod +GENERATE[man/man7/EVP_MAC-KMAC.7]=man7/EVP_MAC-KMAC.pod +DEPEND[html/man7/EVP_MAC-Poly1305.html]=man7/EVP_MAC-Poly1305.pod +GENERATE[html/man7/EVP_MAC-Poly1305.html]=man7/EVP_MAC-Poly1305.pod +DEPEND[man/man7/EVP_MAC-Poly1305.7]=man7/EVP_MAC-Poly1305.pod +GENERATE[man/man7/EVP_MAC-Poly1305.7]=man7/EVP_MAC-Poly1305.pod +DEPEND[html/man7/EVP_MAC-Siphash.html]=man7/EVP_MAC-Siphash.pod +GENERATE[html/man7/EVP_MAC-Siphash.html]=man7/EVP_MAC-Siphash.pod +DEPEND[man/man7/EVP_MAC-Siphash.7]=man7/EVP_MAC-Siphash.pod +GENERATE[man/man7/EVP_MAC-Siphash.7]=man7/EVP_MAC-Siphash.pod +DEPEND[html/man7/EVP_MD-BLAKE2.html]=man7/EVP_MD-BLAKE2.pod +GENERATE[html/man7/EVP_MD-BLAKE2.html]=man7/EVP_MD-BLAKE2.pod +DEPEND[man/man7/EVP_MD-BLAKE2.7]=man7/EVP_MD-BLAKE2.pod +GENERATE[man/man7/EVP_MD-BLAKE2.7]=man7/EVP_MD-BLAKE2.pod +DEPEND[html/man7/EVP_MD-MD2.html]=man7/EVP_MD-MD2.pod +GENERATE[html/man7/EVP_MD-MD2.html]=man7/EVP_MD-MD2.pod +DEPEND[man/man7/EVP_MD-MD2.7]=man7/EVP_MD-MD2.pod +GENERATE[man/man7/EVP_MD-MD2.7]=man7/EVP_MD-MD2.pod +DEPEND[html/man7/EVP_MD-MD4.html]=man7/EVP_MD-MD4.pod +GENERATE[html/man7/EVP_MD-MD4.html]=man7/EVP_MD-MD4.pod +DEPEND[man/man7/EVP_MD-MD4.7]=man7/EVP_MD-MD4.pod +GENERATE[man/man7/EVP_MD-MD4.7]=man7/EVP_MD-MD4.pod +DEPEND[html/man7/EVP_MD-MD5-SHA1.html]=man7/EVP_MD-MD5-SHA1.pod +GENERATE[html/man7/EVP_MD-MD5-SHA1.html]=man7/EVP_MD-MD5-SHA1.pod +DEPEND[man/man7/EVP_MD-MD5-SHA1.7]=man7/EVP_MD-MD5-SHA1.pod +GENERATE[man/man7/EVP_MD-MD5-SHA1.7]=man7/EVP_MD-MD5-SHA1.pod +DEPEND[html/man7/EVP_MD-MD5.html]=man7/EVP_MD-MD5.pod +GENERATE[html/man7/EVP_MD-MD5.html]=man7/EVP_MD-MD5.pod +DEPEND[man/man7/EVP_MD-MD5.7]=man7/EVP_MD-MD5.pod +GENERATE[man/man7/EVP_MD-MD5.7]=man7/EVP_MD-MD5.pod +DEPEND[html/man7/EVP_MD-MDC2.html]=man7/EVP_MD-MDC2.pod +GENERATE[html/man7/EVP_MD-MDC2.html]=man7/EVP_MD-MDC2.pod +DEPEND[man/man7/EVP_MD-MDC2.7]=man7/EVP_MD-MDC2.pod +GENERATE[man/man7/EVP_MD-MDC2.7]=man7/EVP_MD-MDC2.pod +DEPEND[html/man7/EVP_MD-NULL.html]=man7/EVP_MD-NULL.pod +GENERATE[html/man7/EVP_MD-NULL.html]=man7/EVP_MD-NULL.pod +DEPEND[man/man7/EVP_MD-NULL.7]=man7/EVP_MD-NULL.pod +GENERATE[man/man7/EVP_MD-NULL.7]=man7/EVP_MD-NULL.pod +DEPEND[html/man7/EVP_MD-RIPEMD160.html]=man7/EVP_MD-RIPEMD160.pod +GENERATE[html/man7/EVP_MD-RIPEMD160.html]=man7/EVP_MD-RIPEMD160.pod +DEPEND[man/man7/EVP_MD-RIPEMD160.7]=man7/EVP_MD-RIPEMD160.pod +GENERATE[man/man7/EVP_MD-RIPEMD160.7]=man7/EVP_MD-RIPEMD160.pod +DEPEND[html/man7/EVP_MD-SHA1.html]=man7/EVP_MD-SHA1.pod +GENERATE[html/man7/EVP_MD-SHA1.html]=man7/EVP_MD-SHA1.pod +DEPEND[man/man7/EVP_MD-SHA1.7]=man7/EVP_MD-SHA1.pod +GENERATE[man/man7/EVP_MD-SHA1.7]=man7/EVP_MD-SHA1.pod +DEPEND[html/man7/EVP_MD-SHA2.html]=man7/EVP_MD-SHA2.pod +GENERATE[html/man7/EVP_MD-SHA2.html]=man7/EVP_MD-SHA2.pod +DEPEND[man/man7/EVP_MD-SHA2.7]=man7/EVP_MD-SHA2.pod +GENERATE[man/man7/EVP_MD-SHA2.7]=man7/EVP_MD-SHA2.pod +DEPEND[html/man7/EVP_MD-SHA3.html]=man7/EVP_MD-SHA3.pod +GENERATE[html/man7/EVP_MD-SHA3.html]=man7/EVP_MD-SHA3.pod +DEPEND[man/man7/EVP_MD-SHA3.7]=man7/EVP_MD-SHA3.pod +GENERATE[man/man7/EVP_MD-SHA3.7]=man7/EVP_MD-SHA3.pod +DEPEND[html/man7/EVP_MD-SHAKE.html]=man7/EVP_MD-SHAKE.pod +GENERATE[html/man7/EVP_MD-SHAKE.html]=man7/EVP_MD-SHAKE.pod +DEPEND[man/man7/EVP_MD-SHAKE.7]=man7/EVP_MD-SHAKE.pod +GENERATE[man/man7/EVP_MD-SHAKE.7]=man7/EVP_MD-SHAKE.pod +DEPEND[html/man7/EVP_MD-SM3.html]=man7/EVP_MD-SM3.pod +GENERATE[html/man7/EVP_MD-SM3.html]=man7/EVP_MD-SM3.pod +DEPEND[man/man7/EVP_MD-SM3.7]=man7/EVP_MD-SM3.pod +GENERATE[man/man7/EVP_MD-SM3.7]=man7/EVP_MD-SM3.pod +DEPEND[html/man7/EVP_MD-WHIRLPOOL.html]=man7/EVP_MD-WHIRLPOOL.pod +GENERATE[html/man7/EVP_MD-WHIRLPOOL.html]=man7/EVP_MD-WHIRLPOOL.pod +DEPEND[man/man7/EVP_MD-WHIRLPOOL.7]=man7/EVP_MD-WHIRLPOOL.pod +GENERATE[man/man7/EVP_MD-WHIRLPOOL.7]=man7/EVP_MD-WHIRLPOOL.pod +DEPEND[html/man7/EVP_MD-common.html]=man7/EVP_MD-common.pod +GENERATE[html/man7/EVP_MD-common.html]=man7/EVP_MD-common.pod +DEPEND[man/man7/EVP_MD-common.7]=man7/EVP_MD-common.pod +GENERATE[man/man7/EVP_MD-common.7]=man7/EVP_MD-common.pod +DEPEND[html/man7/EVP_PKEY-DH.html]=man7/EVP_PKEY-DH.pod +GENERATE[html/man7/EVP_PKEY-DH.html]=man7/EVP_PKEY-DH.pod +DEPEND[man/man7/EVP_PKEY-DH.7]=man7/EVP_PKEY-DH.pod +GENERATE[man/man7/EVP_PKEY-DH.7]=man7/EVP_PKEY-DH.pod +DEPEND[html/man7/EVP_PKEY-DSA.html]=man7/EVP_PKEY-DSA.pod +GENERATE[html/man7/EVP_PKEY-DSA.html]=man7/EVP_PKEY-DSA.pod +DEPEND[man/man7/EVP_PKEY-DSA.7]=man7/EVP_PKEY-DSA.pod +GENERATE[man/man7/EVP_PKEY-DSA.7]=man7/EVP_PKEY-DSA.pod +DEPEND[html/man7/EVP_PKEY-EC.html]=man7/EVP_PKEY-EC.pod +GENERATE[html/man7/EVP_PKEY-EC.html]=man7/EVP_PKEY-EC.pod +DEPEND[man/man7/EVP_PKEY-EC.7]=man7/EVP_PKEY-EC.pod +GENERATE[man/man7/EVP_PKEY-EC.7]=man7/EVP_PKEY-EC.pod +DEPEND[html/man7/EVP_PKEY-FFC.html]=man7/EVP_PKEY-FFC.pod +GENERATE[html/man7/EVP_PKEY-FFC.html]=man7/EVP_PKEY-FFC.pod +DEPEND[man/man7/EVP_PKEY-FFC.7]=man7/EVP_PKEY-FFC.pod +GENERATE[man/man7/EVP_PKEY-FFC.7]=man7/EVP_PKEY-FFC.pod +DEPEND[html/man7/EVP_PKEY-HMAC.html]=man7/EVP_PKEY-HMAC.pod +GENERATE[html/man7/EVP_PKEY-HMAC.html]=man7/EVP_PKEY-HMAC.pod +DEPEND[man/man7/EVP_PKEY-HMAC.7]=man7/EVP_PKEY-HMAC.pod +GENERATE[man/man7/EVP_PKEY-HMAC.7]=man7/EVP_PKEY-HMAC.pod +DEPEND[html/man7/EVP_PKEY-RSA.html]=man7/EVP_PKEY-RSA.pod +GENERATE[html/man7/EVP_PKEY-RSA.html]=man7/EVP_PKEY-RSA.pod +DEPEND[man/man7/EVP_PKEY-RSA.7]=man7/EVP_PKEY-RSA.pod +GENERATE[man/man7/EVP_PKEY-RSA.7]=man7/EVP_PKEY-RSA.pod +DEPEND[html/man7/EVP_PKEY-SM2.html]=man7/EVP_PKEY-SM2.pod +GENERATE[html/man7/EVP_PKEY-SM2.html]=man7/EVP_PKEY-SM2.pod +DEPEND[man/man7/EVP_PKEY-SM2.7]=man7/EVP_PKEY-SM2.pod +GENERATE[man/man7/EVP_PKEY-SM2.7]=man7/EVP_PKEY-SM2.pod +DEPEND[html/man7/EVP_PKEY-X25519.html]=man7/EVP_PKEY-X25519.pod +GENERATE[html/man7/EVP_PKEY-X25519.html]=man7/EVP_PKEY-X25519.pod +DEPEND[man/man7/EVP_PKEY-X25519.7]=man7/EVP_PKEY-X25519.pod +GENERATE[man/man7/EVP_PKEY-X25519.7]=man7/EVP_PKEY-X25519.pod +DEPEND[html/man7/EVP_RAND-CTR-DRBG.html]=man7/EVP_RAND-CTR-DRBG.pod +GENERATE[html/man7/EVP_RAND-CTR-DRBG.html]=man7/EVP_RAND-CTR-DRBG.pod +DEPEND[man/man7/EVP_RAND-CTR-DRBG.7]=man7/EVP_RAND-CTR-DRBG.pod +GENERATE[man/man7/EVP_RAND-CTR-DRBG.7]=man7/EVP_RAND-CTR-DRBG.pod +DEPEND[html/man7/EVP_RAND-HASH-DRBG.html]=man7/EVP_RAND-HASH-DRBG.pod +GENERATE[html/man7/EVP_RAND-HASH-DRBG.html]=man7/EVP_RAND-HASH-DRBG.pod +DEPEND[man/man7/EVP_RAND-HASH-DRBG.7]=man7/EVP_RAND-HASH-DRBG.pod +GENERATE[man/man7/EVP_RAND-HASH-DRBG.7]=man7/EVP_RAND-HASH-DRBG.pod +DEPEND[html/man7/EVP_RAND-HMAC-DRBG.html]=man7/EVP_RAND-HMAC-DRBG.pod +GENERATE[html/man7/EVP_RAND-HMAC-DRBG.html]=man7/EVP_RAND-HMAC-DRBG.pod +DEPEND[man/man7/EVP_RAND-HMAC-DRBG.7]=man7/EVP_RAND-HMAC-DRBG.pod +GENERATE[man/man7/EVP_RAND-HMAC-DRBG.7]=man7/EVP_RAND-HMAC-DRBG.pod +DEPEND[html/man7/EVP_RAND-SEED-SRC.html]=man7/EVP_RAND-SEED-SRC.pod +GENERATE[html/man7/EVP_RAND-SEED-SRC.html]=man7/EVP_RAND-SEED-SRC.pod +DEPEND[man/man7/EVP_RAND-SEED-SRC.7]=man7/EVP_RAND-SEED-SRC.pod +GENERATE[man/man7/EVP_RAND-SEED-SRC.7]=man7/EVP_RAND-SEED-SRC.pod +DEPEND[html/man7/EVP_RAND-TEST-RAND.html]=man7/EVP_RAND-TEST-RAND.pod +GENERATE[html/man7/EVP_RAND-TEST-RAND.html]=man7/EVP_RAND-TEST-RAND.pod +DEPEND[man/man7/EVP_RAND-TEST-RAND.7]=man7/EVP_RAND-TEST-RAND.pod +GENERATE[man/man7/EVP_RAND-TEST-RAND.7]=man7/EVP_RAND-TEST-RAND.pod +DEPEND[html/man7/EVP_RAND.html]=man7/EVP_RAND.pod +GENERATE[html/man7/EVP_RAND.html]=man7/EVP_RAND.pod +DEPEND[man/man7/EVP_RAND.7]=man7/EVP_RAND.pod +GENERATE[man/man7/EVP_RAND.7]=man7/EVP_RAND.pod +DEPEND[html/man7/EVP_SIGNATURE-DSA.html]=man7/EVP_SIGNATURE-DSA.pod +GENERATE[html/man7/EVP_SIGNATURE-DSA.html]=man7/EVP_SIGNATURE-DSA.pod +DEPEND[man/man7/EVP_SIGNATURE-DSA.7]=man7/EVP_SIGNATURE-DSA.pod +GENERATE[man/man7/EVP_SIGNATURE-DSA.7]=man7/EVP_SIGNATURE-DSA.pod +DEPEND[html/man7/EVP_SIGNATURE-ECDSA.html]=man7/EVP_SIGNATURE-ECDSA.pod +GENERATE[html/man7/EVP_SIGNATURE-ECDSA.html]=man7/EVP_SIGNATURE-ECDSA.pod +DEPEND[man/man7/EVP_SIGNATURE-ECDSA.7]=man7/EVP_SIGNATURE-ECDSA.pod +GENERATE[man/man7/EVP_SIGNATURE-ECDSA.7]=man7/EVP_SIGNATURE-ECDSA.pod +DEPEND[html/man7/EVP_SIGNATURE-ED25519.html]=man7/EVP_SIGNATURE-ED25519.pod +GENERATE[html/man7/EVP_SIGNATURE-ED25519.html]=man7/EVP_SIGNATURE-ED25519.pod +DEPEND[man/man7/EVP_SIGNATURE-ED25519.7]=man7/EVP_SIGNATURE-ED25519.pod +GENERATE[man/man7/EVP_SIGNATURE-ED25519.7]=man7/EVP_SIGNATURE-ED25519.pod +DEPEND[html/man7/EVP_SIGNATURE-HMAC.html]=man7/EVP_SIGNATURE-HMAC.pod +GENERATE[html/man7/EVP_SIGNATURE-HMAC.html]=man7/EVP_SIGNATURE-HMAC.pod +DEPEND[man/man7/EVP_SIGNATURE-HMAC.7]=man7/EVP_SIGNATURE-HMAC.pod +GENERATE[man/man7/EVP_SIGNATURE-HMAC.7]=man7/EVP_SIGNATURE-HMAC.pod +DEPEND[html/man7/EVP_SIGNATURE-RSA.html]=man7/EVP_SIGNATURE-RSA.pod +GENERATE[html/man7/EVP_SIGNATURE-RSA.html]=man7/EVP_SIGNATURE-RSA.pod +DEPEND[man/man7/EVP_SIGNATURE-RSA.7]=man7/EVP_SIGNATURE-RSA.pod +GENERATE[man/man7/EVP_SIGNATURE-RSA.7]=man7/EVP_SIGNATURE-RSA.pod +DEPEND[html/man7/OSSL_PROVIDER-FIPS.html]=man7/OSSL_PROVIDER-FIPS.pod +GENERATE[html/man7/OSSL_PROVIDER-FIPS.html]=man7/OSSL_PROVIDER-FIPS.pod +DEPEND[man/man7/OSSL_PROVIDER-FIPS.7]=man7/OSSL_PROVIDER-FIPS.pod +GENERATE[man/man7/OSSL_PROVIDER-FIPS.7]=man7/OSSL_PROVIDER-FIPS.pod +DEPEND[html/man7/OSSL_PROVIDER-base.html]=man7/OSSL_PROVIDER-base.pod +GENERATE[html/man7/OSSL_PROVIDER-base.html]=man7/OSSL_PROVIDER-base.pod +DEPEND[man/man7/OSSL_PROVIDER-base.7]=man7/OSSL_PROVIDER-base.pod +GENERATE[man/man7/OSSL_PROVIDER-base.7]=man7/OSSL_PROVIDER-base.pod +DEPEND[html/man7/OSSL_PROVIDER-default.html]=man7/OSSL_PROVIDER-default.pod +GENERATE[html/man7/OSSL_PROVIDER-default.html]=man7/OSSL_PROVIDER-default.pod +DEPEND[man/man7/OSSL_PROVIDER-default.7]=man7/OSSL_PROVIDER-default.pod +GENERATE[man/man7/OSSL_PROVIDER-default.7]=man7/OSSL_PROVIDER-default.pod +DEPEND[html/man7/OSSL_PROVIDER-legacy.html]=man7/OSSL_PROVIDER-legacy.pod +GENERATE[html/man7/OSSL_PROVIDER-legacy.html]=man7/OSSL_PROVIDER-legacy.pod +DEPEND[man/man7/OSSL_PROVIDER-legacy.7]=man7/OSSL_PROVIDER-legacy.pod +GENERATE[man/man7/OSSL_PROVIDER-legacy.7]=man7/OSSL_PROVIDER-legacy.pod +DEPEND[html/man7/OSSL_PROVIDER-null.html]=man7/OSSL_PROVIDER-null.pod +GENERATE[html/man7/OSSL_PROVIDER-null.html]=man7/OSSL_PROVIDER-null.pod +DEPEND[man/man7/OSSL_PROVIDER-null.7]=man7/OSSL_PROVIDER-null.pod +GENERATE[man/man7/OSSL_PROVIDER-null.7]=man7/OSSL_PROVIDER-null.pod +DEPEND[html/man7/RAND.html]=man7/RAND.pod +GENERATE[html/man7/RAND.html]=man7/RAND.pod +DEPEND[man/man7/RAND.7]=man7/RAND.pod +GENERATE[man/man7/RAND.7]=man7/RAND.pod +DEPEND[html/man7/RSA-PSS.html]=man7/RSA-PSS.pod +GENERATE[html/man7/RSA-PSS.html]=man7/RSA-PSS.pod +DEPEND[man/man7/RSA-PSS.7]=man7/RSA-PSS.pod +GENERATE[man/man7/RSA-PSS.7]=man7/RSA-PSS.pod +DEPEND[html/man7/X25519.html]=man7/X25519.pod +GENERATE[html/man7/X25519.html]=man7/X25519.pod +DEPEND[man/man7/X25519.7]=man7/X25519.pod +GENERATE[man/man7/X25519.7]=man7/X25519.pod +DEPEND[html/man7/bio.html]=man7/bio.pod +GENERATE[html/man7/bio.html]=man7/bio.pod +DEPEND[man/man7/bio.7]=man7/bio.pod +GENERATE[man/man7/bio.7]=man7/bio.pod +DEPEND[html/man7/crypto.html]=man7/crypto.pod +GENERATE[html/man7/crypto.html]=man7/crypto.pod +DEPEND[man/man7/crypto.7]=man7/crypto.pod +GENERATE[man/man7/crypto.7]=man7/crypto.pod +DEPEND[html/man7/ct.html]=man7/ct.pod +GENERATE[html/man7/ct.html]=man7/ct.pod +DEPEND[man/man7/ct.7]=man7/ct.pod +GENERATE[man/man7/ct.7]=man7/ct.pod +DEPEND[html/man7/des_modes.html]=man7/des_modes.pod +GENERATE[html/man7/des_modes.html]=man7/des_modes.pod +DEPEND[man/man7/des_modes.7]=man7/des_modes.pod +GENERATE[man/man7/des_modes.7]=man7/des_modes.pod +DEPEND[html/man7/evp.html]=man7/evp.pod +GENERATE[html/man7/evp.html]=man7/evp.pod +DEPEND[man/man7/evp.7]=man7/evp.pod +GENERATE[man/man7/evp.7]=man7/evp.pod +DEPEND[html/man7/fips_module.html]=man7/fips_module.pod +GENERATE[html/man7/fips_module.html]=man7/fips_module.pod +DEPEND[man/man7/fips_module.7]=man7/fips_module.pod +GENERATE[man/man7/fips_module.7]=man7/fips_module.pod +DEPEND[html/man7/life_cycle-cipher.html]=man7/life_cycle-cipher.pod +GENERATE[html/man7/life_cycle-cipher.html]=man7/life_cycle-cipher.pod +DEPEND[man/man7/life_cycle-cipher.7]=man7/life_cycle-cipher.pod +GENERATE[man/man7/life_cycle-cipher.7]=man7/life_cycle-cipher.pod +DEPEND[html/man7/life_cycle-digest.html]=man7/life_cycle-digest.pod +GENERATE[html/man7/life_cycle-digest.html]=man7/life_cycle-digest.pod +DEPEND[man/man7/life_cycle-digest.7]=man7/life_cycle-digest.pod +GENERATE[man/man7/life_cycle-digest.7]=man7/life_cycle-digest.pod +DEPEND[html/man7/life_cycle-kdf.html]=man7/life_cycle-kdf.pod +GENERATE[html/man7/life_cycle-kdf.html]=man7/life_cycle-kdf.pod +DEPEND[man/man7/life_cycle-kdf.7]=man7/life_cycle-kdf.pod +GENERATE[man/man7/life_cycle-kdf.7]=man7/life_cycle-kdf.pod +DEPEND[html/man7/life_cycle-mac.html]=man7/life_cycle-mac.pod +GENERATE[html/man7/life_cycle-mac.html]=man7/life_cycle-mac.pod +DEPEND[man/man7/life_cycle-mac.7]=man7/life_cycle-mac.pod +GENERATE[man/man7/life_cycle-mac.7]=man7/life_cycle-mac.pod +DEPEND[html/man7/life_cycle-pkey.html]=man7/life_cycle-pkey.pod +GENERATE[html/man7/life_cycle-pkey.html]=man7/life_cycle-pkey.pod +DEPEND[man/man7/life_cycle-pkey.7]=man7/life_cycle-pkey.pod +GENERATE[man/man7/life_cycle-pkey.7]=man7/life_cycle-pkey.pod +DEPEND[html/man7/life_cycle-rand.html]=man7/life_cycle-rand.pod +GENERATE[html/man7/life_cycle-rand.html]=man7/life_cycle-rand.pod +DEPEND[man/man7/life_cycle-rand.7]=man7/life_cycle-rand.pod +GENERATE[man/man7/life_cycle-rand.7]=man7/life_cycle-rand.pod +DEPEND[html/man7/migration_guide.html]=man7/migration_guide.pod +GENERATE[html/man7/migration_guide.html]=man7/migration_guide.pod +DEPEND[man/man7/migration_guide.7]=man7/migration_guide.pod +GENERATE[man/man7/migration_guide.7]=man7/migration_guide.pod +DEPEND[html/man7/openssl-core.h.html]=man7/openssl-core.h.pod +GENERATE[html/man7/openssl-core.h.html]=man7/openssl-core.h.pod +DEPEND[man/man7/openssl-core.h.7]=man7/openssl-core.h.pod +GENERATE[man/man7/openssl-core.h.7]=man7/openssl-core.h.pod +DEPEND[html/man7/openssl-core_dispatch.h.html]=man7/openssl-core_dispatch.h.pod +GENERATE[html/man7/openssl-core_dispatch.h.html]=man7/openssl-core_dispatch.h.pod +DEPEND[man/man7/openssl-core_dispatch.h.7]=man7/openssl-core_dispatch.h.pod +GENERATE[man/man7/openssl-core_dispatch.h.7]=man7/openssl-core_dispatch.h.pod +DEPEND[html/man7/openssl-core_names.h.html]=man7/openssl-core_names.h.pod +GENERATE[html/man7/openssl-core_names.h.html]=man7/openssl-core_names.h.pod +DEPEND[man/man7/openssl-core_names.h.7]=man7/openssl-core_names.h.pod +GENERATE[man/man7/openssl-core_names.h.7]=man7/openssl-core_names.h.pod +DEPEND[html/man7/openssl-env.html]=man7/openssl-env.pod +GENERATE[html/man7/openssl-env.html]=man7/openssl-env.pod +DEPEND[man/man7/openssl-env.7]=man7/openssl-env.pod +GENERATE[man/man7/openssl-env.7]=man7/openssl-env.pod +DEPEND[html/man7/openssl-glossary.html]=man7/openssl-glossary.pod +GENERATE[html/man7/openssl-glossary.html]=man7/openssl-glossary.pod +DEPEND[man/man7/openssl-glossary.7]=man7/openssl-glossary.pod +GENERATE[man/man7/openssl-glossary.7]=man7/openssl-glossary.pod +DEPEND[html/man7/openssl-threads.html]=man7/openssl-threads.pod +GENERATE[html/man7/openssl-threads.html]=man7/openssl-threads.pod +DEPEND[man/man7/openssl-threads.7]=man7/openssl-threads.pod +GENERATE[man/man7/openssl-threads.7]=man7/openssl-threads.pod +DEPEND[html/man7/openssl_user_macros.html]=man7/openssl_user_macros.pod +GENERATE[html/man7/openssl_user_macros.html]=man7/openssl_user_macros.pod +DEPEND[man/man7/openssl_user_macros.7]=man7/openssl_user_macros.pod +GENERATE[man/man7/openssl_user_macros.7]=man7/openssl_user_macros.pod +DEPEND[man7/openssl_user_macros.pod]{pod}=man7/openssl_user_macros.pod.in +GENERATE[man7/openssl_user_macros.pod]=man7/openssl_user_macros.pod.in +DEPEND[html/man7/ossl_store-file.html]=man7/ossl_store-file.pod +GENERATE[html/man7/ossl_store-file.html]=man7/ossl_store-file.pod +DEPEND[man/man7/ossl_store-file.7]=man7/ossl_store-file.pod +GENERATE[man/man7/ossl_store-file.7]=man7/ossl_store-file.pod +DEPEND[html/man7/ossl_store.html]=man7/ossl_store.pod +GENERATE[html/man7/ossl_store.html]=man7/ossl_store.pod +DEPEND[man/man7/ossl_store.7]=man7/ossl_store.pod +GENERATE[man/man7/ossl_store.7]=man7/ossl_store.pod +DEPEND[html/man7/passphrase-encoding.html]=man7/passphrase-encoding.pod +GENERATE[html/man7/passphrase-encoding.html]=man7/passphrase-encoding.pod +DEPEND[man/man7/passphrase-encoding.7]=man7/passphrase-encoding.pod +GENERATE[man/man7/passphrase-encoding.7]=man7/passphrase-encoding.pod +DEPEND[html/man7/property.html]=man7/property.pod +GENERATE[html/man7/property.html]=man7/property.pod +DEPEND[man/man7/property.7]=man7/property.pod +GENERATE[man/man7/property.7]=man7/property.pod +DEPEND[html/man7/provider-asym_cipher.html]=man7/provider-asym_cipher.pod +GENERATE[html/man7/provider-asym_cipher.html]=man7/provider-asym_cipher.pod +DEPEND[man/man7/provider-asym_cipher.7]=man7/provider-asym_cipher.pod +GENERATE[man/man7/provider-asym_cipher.7]=man7/provider-asym_cipher.pod +DEPEND[html/man7/provider-base.html]=man7/provider-base.pod +GENERATE[html/man7/provider-base.html]=man7/provider-base.pod +DEPEND[man/man7/provider-base.7]=man7/provider-base.pod +GENERATE[man/man7/provider-base.7]=man7/provider-base.pod +DEPEND[html/man7/provider-cipher.html]=man7/provider-cipher.pod +GENERATE[html/man7/provider-cipher.html]=man7/provider-cipher.pod +DEPEND[man/man7/provider-cipher.7]=man7/provider-cipher.pod +GENERATE[man/man7/provider-cipher.7]=man7/provider-cipher.pod +DEPEND[html/man7/provider-decoder.html]=man7/provider-decoder.pod +GENERATE[html/man7/provider-decoder.html]=man7/provider-decoder.pod +DEPEND[man/man7/provider-decoder.7]=man7/provider-decoder.pod +GENERATE[man/man7/provider-decoder.7]=man7/provider-decoder.pod +DEPEND[html/man7/provider-digest.html]=man7/provider-digest.pod +GENERATE[html/man7/provider-digest.html]=man7/provider-digest.pod +DEPEND[man/man7/provider-digest.7]=man7/provider-digest.pod +GENERATE[man/man7/provider-digest.7]=man7/provider-digest.pod +DEPEND[html/man7/provider-encoder.html]=man7/provider-encoder.pod +GENERATE[html/man7/provider-encoder.html]=man7/provider-encoder.pod +DEPEND[man/man7/provider-encoder.7]=man7/provider-encoder.pod +GENERATE[man/man7/provider-encoder.7]=man7/provider-encoder.pod +DEPEND[html/man7/provider-kdf.html]=man7/provider-kdf.pod +GENERATE[html/man7/provider-kdf.html]=man7/provider-kdf.pod +DEPEND[man/man7/provider-kdf.7]=man7/provider-kdf.pod +GENERATE[man/man7/provider-kdf.7]=man7/provider-kdf.pod +DEPEND[html/man7/provider-kem.html]=man7/provider-kem.pod +GENERATE[html/man7/provider-kem.html]=man7/provider-kem.pod +DEPEND[man/man7/provider-kem.7]=man7/provider-kem.pod +GENERATE[man/man7/provider-kem.7]=man7/provider-kem.pod +DEPEND[html/man7/provider-keyexch.html]=man7/provider-keyexch.pod +GENERATE[html/man7/provider-keyexch.html]=man7/provider-keyexch.pod +DEPEND[man/man7/provider-keyexch.7]=man7/provider-keyexch.pod +GENERATE[man/man7/provider-keyexch.7]=man7/provider-keyexch.pod +DEPEND[html/man7/provider-keymgmt.html]=man7/provider-keymgmt.pod +GENERATE[html/man7/provider-keymgmt.html]=man7/provider-keymgmt.pod +DEPEND[man/man7/provider-keymgmt.7]=man7/provider-keymgmt.pod +GENERATE[man/man7/provider-keymgmt.7]=man7/provider-keymgmt.pod +DEPEND[html/man7/provider-mac.html]=man7/provider-mac.pod +GENERATE[html/man7/provider-mac.html]=man7/provider-mac.pod +DEPEND[man/man7/provider-mac.7]=man7/provider-mac.pod +GENERATE[man/man7/provider-mac.7]=man7/provider-mac.pod +DEPEND[html/man7/provider-object.html]=man7/provider-object.pod +GENERATE[html/man7/provider-object.html]=man7/provider-object.pod +DEPEND[man/man7/provider-object.7]=man7/provider-object.pod +GENERATE[man/man7/provider-object.7]=man7/provider-object.pod +DEPEND[html/man7/provider-rand.html]=man7/provider-rand.pod +GENERATE[html/man7/provider-rand.html]=man7/provider-rand.pod +DEPEND[man/man7/provider-rand.7]=man7/provider-rand.pod +GENERATE[man/man7/provider-rand.7]=man7/provider-rand.pod +DEPEND[html/man7/provider-signature.html]=man7/provider-signature.pod +GENERATE[html/man7/provider-signature.html]=man7/provider-signature.pod +DEPEND[man/man7/provider-signature.7]=man7/provider-signature.pod +GENERATE[man/man7/provider-signature.7]=man7/provider-signature.pod +DEPEND[html/man7/provider-storemgmt.html]=man7/provider-storemgmt.pod +GENERATE[html/man7/provider-storemgmt.html]=man7/provider-storemgmt.pod +DEPEND[man/man7/provider-storemgmt.7]=man7/provider-storemgmt.pod +GENERATE[man/man7/provider-storemgmt.7]=man7/provider-storemgmt.pod +DEPEND[html/man7/provider.html]=man7/provider.pod +GENERATE[html/man7/provider.html]=man7/provider.pod +DEPEND[man/man7/provider.7]=man7/provider.pod +GENERATE[man/man7/provider.7]=man7/provider.pod +DEPEND[html/man7/proxy-certificates.html]=man7/proxy-certificates.pod +GENERATE[html/man7/proxy-certificates.html]=man7/proxy-certificates.pod +DEPEND[man/man7/proxy-certificates.7]=man7/proxy-certificates.pod +GENERATE[man/man7/proxy-certificates.7]=man7/proxy-certificates.pod +DEPEND[html/man7/ssl.html]=man7/ssl.pod +GENERATE[html/man7/ssl.html]=man7/ssl.pod +DEPEND[man/man7/ssl.7]=man7/ssl.pod +GENERATE[man/man7/ssl.7]=man7/ssl.pod +DEPEND[html/man7/x509.html]=man7/x509.pod +GENERATE[html/man7/x509.html]=man7/x509.pod +DEPEND[man/man7/x509.7]=man7/x509.pod +GENERATE[man/man7/x509.7]=man7/x509.pod +IMAGEDOCS[man7]=man7/img/cipher.png \ +man7/img/digest.png \ +man7/img/kdf.png \ +man7/img/mac.png \ +man7/img/pkey.png \ +man7/img/rand.png +HTMLDOCS[man7]=html/man7/EVP_ASYM_CIPHER-RSA.html \ +html/man7/EVP_ASYM_CIPHER-SM2.html \ +html/man7/EVP_CIPHER-AES.html \ +html/man7/EVP_CIPHER-ARIA.html \ +html/man7/EVP_CIPHER-BLOWFISH.html \ +html/man7/EVP_CIPHER-CAMELLIA.html \ +html/man7/EVP_CIPHER-CAST.html \ +html/man7/EVP_CIPHER-CHACHA.html \ +html/man7/EVP_CIPHER-DES.html \ +html/man7/EVP_CIPHER-IDEA.html \ +html/man7/EVP_CIPHER-NULL.html \ +html/man7/EVP_CIPHER-RC2.html \ +html/man7/EVP_CIPHER-RC4.html \ +html/man7/EVP_CIPHER-RC5.html \ +html/man7/EVP_CIPHER-SEED.html \ +html/man7/EVP_CIPHER-SM4.html \ +html/man7/EVP_KDF-HKDF.html \ +html/man7/EVP_KDF-KB.html \ +html/man7/EVP_KDF-KRB5KDF.html \ +html/man7/EVP_KDF-PBKDF1.html \ +html/man7/EVP_KDF-PBKDF2.html \ +html/man7/EVP_KDF-PKCS12KDF.html \ +html/man7/EVP_KDF-SCRYPT.html \ +html/man7/EVP_KDF-SS.html \ +html/man7/EVP_KDF-SSHKDF.html \ +html/man7/EVP_KDF-TLS13_KDF.html \ +html/man7/EVP_KDF-TLS1_PRF.html \ +html/man7/EVP_KDF-X942-ASN1.html \ +html/man7/EVP_KDF-X942-CONCAT.html \ +html/man7/EVP_KDF-X963.html \ +html/man7/EVP_KEM-RSA.html \ +html/man7/EVP_KEYEXCH-DH.html \ +html/man7/EVP_KEYEXCH-ECDH.html \ +html/man7/EVP_KEYEXCH-X25519.html \ +html/man7/EVP_MAC-BLAKE2.html \ +html/man7/EVP_MAC-CMAC.html \ +html/man7/EVP_MAC-GMAC.html \ +html/man7/EVP_MAC-HMAC.html \ +html/man7/EVP_MAC-KMAC.html \ +html/man7/EVP_MAC-Poly1305.html \ +html/man7/EVP_MAC-Siphash.html \ +html/man7/EVP_MD-BLAKE2.html \ +html/man7/EVP_MD-MD2.html \ +html/man7/EVP_MD-MD4.html \ +html/man7/EVP_MD-MD5-SHA1.html \ +html/man7/EVP_MD-MD5.html \ +html/man7/EVP_MD-MDC2.html \ +html/man7/EVP_MD-NULL.html \ +html/man7/EVP_MD-RIPEMD160.html \ +html/man7/EVP_MD-SHA1.html \ +html/man7/EVP_MD-SHA2.html \ +html/man7/EVP_MD-SHA3.html \ +html/man7/EVP_MD-SHAKE.html \ +html/man7/EVP_MD-SM3.html \ +html/man7/EVP_MD-WHIRLPOOL.html \ +html/man7/EVP_MD-common.html \ +html/man7/EVP_PKEY-DH.html \ +html/man7/EVP_PKEY-DSA.html \ +html/man7/EVP_PKEY-EC.html \ +html/man7/EVP_PKEY-FFC.html \ +html/man7/EVP_PKEY-HMAC.html \ +html/man7/EVP_PKEY-RSA.html \ +html/man7/EVP_PKEY-SM2.html \ +html/man7/EVP_PKEY-X25519.html \ +html/man7/EVP_RAND-CTR-DRBG.html \ +html/man7/EVP_RAND-HASH-DRBG.html \ +html/man7/EVP_RAND-HMAC-DRBG.html \ +html/man7/EVP_RAND-SEED-SRC.html \ +html/man7/EVP_RAND-TEST-RAND.html \ +html/man7/EVP_RAND.html \ +html/man7/EVP_SIGNATURE-DSA.html \ +html/man7/EVP_SIGNATURE-ECDSA.html \ +html/man7/EVP_SIGNATURE-ED25519.html \ +html/man7/EVP_SIGNATURE-HMAC.html \ +html/man7/EVP_SIGNATURE-RSA.html \ +html/man7/OSSL_PROVIDER-FIPS.html \ +html/man7/OSSL_PROVIDER-base.html \ +html/man7/OSSL_PROVIDER-default.html \ +html/man7/OSSL_PROVIDER-legacy.html \ +html/man7/OSSL_PROVIDER-null.html \ +html/man7/RAND.html \ +html/man7/RSA-PSS.html \ +html/man7/X25519.html \ +html/man7/bio.html \ +html/man7/crypto.html \ +html/man7/ct.html \ +html/man7/des_modes.html \ +html/man7/evp.html \ +html/man7/fips_module.html \ +html/man7/life_cycle-cipher.html \ +html/man7/life_cycle-digest.html \ +html/man7/life_cycle-kdf.html \ +html/man7/life_cycle-mac.html \ +html/man7/life_cycle-pkey.html \ +html/man7/life_cycle-rand.html \ +html/man7/migration_guide.html \ +html/man7/openssl-core.h.html \ +html/man7/openssl-core_dispatch.h.html \ +html/man7/openssl-core_names.h.html \ +html/man7/openssl-env.html \ +html/man7/openssl-glossary.html \ +html/man7/openssl-threads.html \ +html/man7/openssl_user_macros.html \ +html/man7/ossl_store-file.html \ +html/man7/ossl_store.html \ +html/man7/passphrase-encoding.html \ +html/man7/property.html \ +html/man7/provider-asym_cipher.html \ +html/man7/provider-base.html \ +html/man7/provider-cipher.html \ +html/man7/provider-decoder.html \ +html/man7/provider-digest.html \ +html/man7/provider-encoder.html \ +html/man7/provider-kdf.html \ +html/man7/provider-kem.html \ +html/man7/provider-keyexch.html \ +html/man7/provider-keymgmt.html \ +html/man7/provider-mac.html \ +html/man7/provider-object.html \ +html/man7/provider-rand.html \ +html/man7/provider-signature.html \ +html/man7/provider-storemgmt.html \ +html/man7/provider.html \ +html/man7/proxy-certificates.html \ +html/man7/ssl.html \ +html/man7/x509.html +MANDOCS[man7]=man/man7/EVP_ASYM_CIPHER-RSA.7 \ +man/man7/EVP_ASYM_CIPHER-SM2.7 \ +man/man7/EVP_CIPHER-AES.7 \ +man/man7/EVP_CIPHER-ARIA.7 \ +man/man7/EVP_CIPHER-BLOWFISH.7 \ +man/man7/EVP_CIPHER-CAMELLIA.7 \ +man/man7/EVP_CIPHER-CAST.7 \ +man/man7/EVP_CIPHER-CHACHA.7 \ +man/man7/EVP_CIPHER-DES.7 \ +man/man7/EVP_CIPHER-IDEA.7 \ +man/man7/EVP_CIPHER-NULL.7 \ +man/man7/EVP_CIPHER-RC2.7 \ +man/man7/EVP_CIPHER-RC4.7 \ +man/man7/EVP_CIPHER-RC5.7 \ +man/man7/EVP_CIPHER-SEED.7 \ +man/man7/EVP_CIPHER-SM4.7 \ +man/man7/EVP_KDF-HKDF.7 \ +man/man7/EVP_KDF-KB.7 \ +man/man7/EVP_KDF-KRB5KDF.7 \ +man/man7/EVP_KDF-PBKDF1.7 \ +man/man7/EVP_KDF-PBKDF2.7 \ +man/man7/EVP_KDF-PKCS12KDF.7 \ +man/man7/EVP_KDF-SCRYPT.7 \ +man/man7/EVP_KDF-SS.7 \ +man/man7/EVP_KDF-SSHKDF.7 \ +man/man7/EVP_KDF-TLS13_KDF.7 \ +man/man7/EVP_KDF-TLS1_PRF.7 \ +man/man7/EVP_KDF-X942-ASN1.7 \ +man/man7/EVP_KDF-X942-CONCAT.7 \ +man/man7/EVP_KDF-X963.7 \ +man/man7/EVP_KEM-RSA.7 \ +man/man7/EVP_KEYEXCH-DH.7 \ +man/man7/EVP_KEYEXCH-ECDH.7 \ +man/man7/EVP_KEYEXCH-X25519.7 \ +man/man7/EVP_MAC-BLAKE2.7 \ +man/man7/EVP_MAC-CMAC.7 \ +man/man7/EVP_MAC-GMAC.7 \ +man/man7/EVP_MAC-HMAC.7 \ +man/man7/EVP_MAC-KMAC.7 \ +man/man7/EVP_MAC-Poly1305.7 \ +man/man7/EVP_MAC-Siphash.7 \ +man/man7/EVP_MD-BLAKE2.7 \ +man/man7/EVP_MD-MD2.7 \ +man/man7/EVP_MD-MD4.7 \ +man/man7/EVP_MD-MD5-SHA1.7 \ +man/man7/EVP_MD-MD5.7 \ +man/man7/EVP_MD-MDC2.7 \ +man/man7/EVP_MD-NULL.7 \ +man/man7/EVP_MD-RIPEMD160.7 \ +man/man7/EVP_MD-SHA1.7 \ +man/man7/EVP_MD-SHA2.7 \ +man/man7/EVP_MD-SHA3.7 \ +man/man7/EVP_MD-SHAKE.7 \ +man/man7/EVP_MD-SM3.7 \ +man/man7/EVP_MD-WHIRLPOOL.7 \ +man/man7/EVP_MD-common.7 \ +man/man7/EVP_PKEY-DH.7 \ +man/man7/EVP_PKEY-DSA.7 \ +man/man7/EVP_PKEY-EC.7 \ +man/man7/EVP_PKEY-FFC.7 \ +man/man7/EVP_PKEY-HMAC.7 \ +man/man7/EVP_PKEY-RSA.7 \ +man/man7/EVP_PKEY-SM2.7 \ +man/man7/EVP_PKEY-X25519.7 \ +man/man7/EVP_RAND-CTR-DRBG.7 \ +man/man7/EVP_RAND-HASH-DRBG.7 \ +man/man7/EVP_RAND-HMAC-DRBG.7 \ +man/man7/EVP_RAND-SEED-SRC.7 \ +man/man7/EVP_RAND-TEST-RAND.7 \ +man/man7/EVP_RAND.7 \ +man/man7/EVP_SIGNATURE-DSA.7 \ +man/man7/EVP_SIGNATURE-ECDSA.7 \ +man/man7/EVP_SIGNATURE-ED25519.7 \ +man/man7/EVP_SIGNATURE-HMAC.7 \ +man/man7/EVP_SIGNATURE-RSA.7 \ +man/man7/OSSL_PROVIDER-FIPS.7 \ +man/man7/OSSL_PROVIDER-base.7 \ +man/man7/OSSL_PROVIDER-default.7 \ +man/man7/OSSL_PROVIDER-legacy.7 \ +man/man7/OSSL_PROVIDER-null.7 \ +man/man7/RAND.7 \ +man/man7/RSA-PSS.7 \ +man/man7/X25519.7 \ +man/man7/bio.7 \ +man/man7/crypto.7 \ +man/man7/ct.7 \ +man/man7/des_modes.7 \ +man/man7/evp.7 \ +man/man7/fips_module.7 \ +man/man7/life_cycle-cipher.7 \ +man/man7/life_cycle-digest.7 \ +man/man7/life_cycle-kdf.7 \ +man/man7/life_cycle-mac.7 \ +man/man7/life_cycle-pkey.7 \ +man/man7/life_cycle-rand.7 \ +man/man7/migration_guide.7 \ +man/man7/openssl-core.h.7 \ +man/man7/openssl-core_dispatch.h.7 \ +man/man7/openssl-core_names.h.7 \ +man/man7/openssl-env.7 \ +man/man7/openssl-glossary.7 \ +man/man7/openssl-threads.7 \ +man/man7/openssl_user_macros.7 \ +man/man7/ossl_store-file.7 \ +man/man7/ossl_store.7 \ +man/man7/passphrase-encoding.7 \ +man/man7/property.7 \ +man/man7/provider-asym_cipher.7 \ +man/man7/provider-base.7 \ +man/man7/provider-cipher.7 \ +man/man7/provider-decoder.7 \ +man/man7/provider-digest.7 \ +man/man7/provider-encoder.7 \ +man/man7/provider-kdf.7 \ +man/man7/provider-kem.7 \ +man/man7/provider-keyexch.7 \ +man/man7/provider-keymgmt.7 \ +man/man7/provider-mac.7 \ +man/man7/provider-object.7 \ +man/man7/provider-rand.7 \ +man/man7/provider-signature.7 \ +man/man7/provider-storemgmt.7 \ +man/man7/provider.7 \ +man/man7/proxy-certificates.7 \ +man/man7/ssl.7 \ +man/man7/x509.7 + diff --git a/deps/openssl/openssl/doc/build.info.in b/deps/openssl/openssl/doc/build.info.in new file mode 100644 index 00000000000000..e8dae7058a6eff --- /dev/null +++ b/deps/openssl/openssl/doc/build.info.in @@ -0,0 +1,80 @@ +SUBDIRS = man1 + +{- + use File::Spec::Functions qw(:DEFAULT abs2rel rel2abs); + use File::Basename; + + my $sourcedir = catdir($config{sourcedir}, 'doc'); + + foreach my $section ((1, 3, 5, 7)) { + my @imagefiles = (); + my @htmlfiles = (); + my @manfiles = (); + my %pngfiles = + map { $_ => 1 } glob catfile($sourcedir, "man$section", "img", "*.png"); + my %podfiles = + map { $_ => 1 } glob catfile($sourcedir, "man$section", "*.pod"); + my %podinfiles = + map { $_ => 1 } glob catfile($sourcedir, "man$section", "*.pod.in"); + + foreach (keys %podinfiles) { + (my $p = $_) =~ s|\.in$||i; + $podfiles{$p} = 1; + } + + foreach my $p (sort keys %podfiles) { + my $podfile = abs2rel($p, $sourcedir); + my $podname = basename($podfile, '.pod'); + my $podinfile = $podinfiles{"$p.in"} ? "$podfile.in" : undef; + + my $podname = basename($podfile, ".pod"); + + my $htmlfile = abs2rel(catfile($buildtop, "doc", "html", "man$section", + "$podname.html"), + catdir($buildtop, "doc")); + my $manfile = abs2rel(catfile($buildtop, "doc", "man", "man$section", + "$podname.$section"), + catdir($buildtop, "doc")); + + # The build.info format requires file specs to be in Unix format. + # Especially, since VMS file specs use [ and ], the build.info parser + # will otherwise get terribly confused. + if ($^O eq 'VMS') { + $htmlfile = VMS::Filespec::unixify($htmlfile); + $manfile = VMS::Filespec::unixify($manfile); + $podfile = VMS::Filespec::unixify($podfile); + $podinfile = VMS::Filespec::unixify($podinfile) + if defined $podinfile; + } elsif ($^O eq 'MSWin32') { + $htmlfile =~ s|\\|/|g; + $manfile =~ s|\\|/|g; + $podfile =~ s|\\|/|g; + $podinfile =~ s|\\|/|g + if defined $podinfile; + } + push @htmlfiles, $htmlfile; + push @manfiles, $manfile; + $OUT .= << "_____"; +DEPEND[$htmlfile]=$podfile +GENERATE[$htmlfile]=$podfile +DEPEND[$manfile]=$podfile +GENERATE[$manfile]=$podfile +_____ + $OUT .= << "_____" if $podinfile; +DEPEND[$podfile]{pod}=$podinfile +GENERATE[$podfile]=$podinfile +_____ + } + + foreach my $p (sort keys %pngfiles) { + my $relpath = abs2rel($p, $sourcedir); + my $imagefile = abs2rel(catfile($buildtop, "doc", "$relpath"), + catdir($buildtop, "doc")); + push @imagefiles, $imagefile; + } + + $OUT .= "IMAGEDOCS[man$section]=" . join(" \\\n", @imagefiles) . "\n"; + $OUT .= "HTMLDOCS[man$section]=" . join(" \\\n", @htmlfiles) . "\n"; + $OUT .= "MANDOCS[man$section]=" . join(" \\\n", @manfiles) . "\n"; + } + -} diff --git a/deps/openssl/openssl/doc/dir-locals.example.el b/deps/openssl/openssl/doc/dir-locals.example.el new file mode 100644 index 00000000000000..dc0d5548aa1a86 --- /dev/null +++ b/deps/openssl/openssl/doc/dir-locals.example.el @@ -0,0 +1,15 @@ +;;; This is an example of what a .dir-locals.el suitable for OpenSSL +;;; development could look like. +;;; +;;; Apart from setting the CC mode style to "OpenSSL-II", it also +;;; makes sure that tabs are never used for indentation in any file, +;;; and that the fill column is 78. +;;; +;;; For more information see (info "(emacs) Directory Variables") + +((nil + (indent-tabs-mode . nil) + (fill-column . 70) + ) + (c-mode + (c-file-style . "OpenSSL-II"))) diff --git a/deps/openssl/openssl/doc/fingerprints.txt b/deps/openssl/openssl/doc/fingerprints.txt new file mode 100644 index 00000000000000..bdcad1472309ee --- /dev/null +++ b/deps/openssl/openssl/doc/fingerprints.txt @@ -0,0 +1,28 @@ +Fingerprints for Signing Releases + +OpenSSL releases are signed with PGP/GnuPG keys. This file contains +the fingerprints of team members who are "authorized" to sign the +next release. + +The signature is a detached cleartxt signature, with the same name +as the release but with ".asc" appended. For example, release +1.0.1h can be found in openssl-1.0.1h.tar.gz with the signature +in the file named openssl-1.0.1h.tar.gz.asc. + +The following is the list of fingerprints for the keys that are +currently in use to sign OpenSSL distributions: + +OpenSSL: +BA54 73A2 B058 7B07 FB27 CF2D 2160 94DF D0CB 81EF + +Richard Levitte: +7953 AC1F BC3D C8B3 B292 393E D5E9 E43F 7DF9 EE8C + +Matt Caswell: +8657 ABB2 60F0 56B1 E519 0839 D9C4 D26D 0E60 4491 + +Paul Dale: +B7C1 C143 60F3 53A3 6862 E4D5 231C 84CD DCC6 9C45 + +Tomáš Mráz: +A21F AB74 B008 8AA3 6115 2586 B8EF 1A6B A9DA 2D5C diff --git a/deps/openssl/openssl/doc/images/openssl-square-nontransparent.png b/deps/openssl/openssl/doc/images/openssl-square-nontransparent.png new file mode 100644 index 00000000000000..5e6b747ce08799 Binary files /dev/null and b/deps/openssl/openssl/doc/images/openssl-square-nontransparent.png differ diff --git a/deps/openssl/openssl/doc/images/openssl-square.svg b/deps/openssl/openssl/doc/images/openssl-square.svg new file mode 100644 index 00000000000000..bb1ddc0490f300 --- /dev/null +++ b/deps/openssl/openssl/doc/images/openssl-square.svg @@ -0,0 +1,49 @@ + + + + + + + + + + + + + + + + + + + + + + diff --git a/deps/openssl/openssl/doc/images/openssl.svg b/deps/openssl/openssl/doc/images/openssl.svg new file mode 100644 index 00000000000000..988d3a0e91bedc --- /dev/null +++ b/deps/openssl/openssl/doc/images/openssl.svg @@ -0,0 +1,49 @@ + + + + + + + + + + + + + + + + + + + + diff --git a/deps/openssl/openssl/doc/internal/man3/OPENSSL_SA.pod b/deps/openssl/openssl/doc/internal/man3/OPENSSL_SA.pod new file mode 100644 index 00000000000000..8124003d77a62b --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/OPENSSL_SA.pod @@ -0,0 +1,131 @@ +=pod + +=head1 NAME + +OPENSSL_SA, ossl_sa_TYPE_new, ossl_sa_TYPE_free, +ossl_sa_TYPE_free_leaves, ossl_sa_TYPE_num, ossl_sa_TYPE_doall, +ossl_sa_TYPE_doall_arg, ossl_sa_TYPE_get, ossl_sa_TYPE_set +- sparse array container + +=head1 SYNOPSIS + + #include "crypto/sparse_array.h" + + typedef struct sparse_array_st OPENSSL_SA; + + SPARSE_ARRAY_OF(TYPE) + DEFINE_SPARSE_ARRAY_OF(TYPE) + + SPARSE_ARRAY_OF(TYPE) *ossl_sa_TYPE_new(void); + void ossl_sa_TYPE_free(const SPARSE_ARRAY_OF(TYPE) *sa); + void ossl_sa_TYPE_free_leaves(const SPARSE_ARRAY_OF(TYPE) *sa); + size_t ossl_sa_TYPE_num(const SPARSE_ARRAY_OF(TYPE) *sa); + void ossl_sa_TYPE_doall(const OPENSSL_SA *sa, void (*leaf)(ossl_uintmax_t, + void *)); + void ossl_sa_TYPE_doall_arg(const OPENSSL_SA *sa, + void (*leaf)(ossl_uintmax_t, void *, void *), + void *arg); + TYPE *ossl_sa_TYPE_get(const SPARSE_ARRAY_OF(TYPE) *sa, ossl_uintmax_t idx); + int ossl_sa_TYPE_set(SPARSE_ARRAY_OF(TYPE) *sa, ossl_uintmax_t idx, + TYPE *value); + +=head1 DESCRIPTION + +=begin comment + +POD is pretty good at recognising function names and making them appropriately +bold... however, when part of the function name is variable, we have to help +the processor along + +=end comment + +SPARSE_ARRAY_OF() returns the name for a sparse array of the specified +B>. DEFINE_SPARSE_ARRAY_OF() creates set of functions for a sparse +array of B>. This will mean that a pointer to type B> +is stored in each element of a sparse array, the type is referenced by +B(B>) and each function name begins with +B_>. For example: + + TYPE *ossl_sa_TYPE_get(SPARSE_ARRAY_OF(TYPE) *sa, ossl_uintmax_t idx); + +B_num>() returns the number of elements in I or 0 if I +is NULL. + +B_get>() returns element I in I, where I starts +at zero. If I refers to a value that has not been set then NULL is +returned. + +B_set>() sets element I in I to I, where I +starts at zero. The sparse array will be resized as required. + +B_new>() allocates a new empty sparse array. + +B_free>() frees up the I structure. It does I free up any +elements of I. After this call I is no longer valid. + +B_free_leaves>() frees up the I structure and all of its +elements. After this call I is no longer valid. + +B_doall>() calls the function I for each element in I +in ascending index order. The index position, within the sparse array, +of each item is passed as the first argument to the leaf function and a +pointer to the associated value is passed as the second argument. + +B_doall_arg>() calls the function I for each element in +I in ascending index order. The index position, within the sparse +array, of each item is passed as the first argument to the leaf function, +a pointer to the associated value is passed as the second argument and +the third argument is the user supplied I. + + +=head1 NOTES + +Sparse arrays are an internal data structure and should B be used by user +applications. + +Care should be taken when accessing sparse arrays in multi-threaded +environments. The B_set>() operation can cause the internal +structure of the sparse array to change which causes race conditions if the +sparse array is accessed in a different thread. + +SPARSE_ARRAY_OF() and DEFINE_SPARSE_ARRAY_OF() are implemented as macros. + +The underlying utility B API should not be used directly. It +defines these functions: OPENSSL_SA_doall, OPENSSL_SA_doall_arg, +OPENSSL_SA_free, OPENSSL_SA_free_leaves, OPENSSL_SA_get, OPENSSL_SA_new, +OPENSSL_SA_num and OPENSSL_SA_set. + +=head1 RETURN VALUES + +B_num>() returns the number of elements in the sparse array or +B<0> if the passed sparse array is NULL. + +B_get>() returns a pointer to a sparse array element or NULL if +the element has not be set. + +B_set>() return B<1> on success and B<0> on error. In the latter +case, the elements of the sparse array remain unchanged, although the internal +structures might have. + +B_new>() returns an empty sparse array or NULL if an error +occurs. + +B_doall>(), B_doall_arg>(), +B_free>() and B_free_leaves>() +do not return values. + +=head1 HISTORY + +This functionality was added to OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. Copyright +(c) 2019, Oracle and/or its affiliates. All rights reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use this +file except in compliance with the License. You can obtain a copy in the file +LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/OPTIONS.pod b/deps/openssl/openssl/doc/internal/man3/OPTIONS.pod new file mode 100644 index 00000000000000..dbdd39a2ee645a --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/OPTIONS.pod @@ -0,0 +1,343 @@ +=pod + +=head1 NAME + +OPTIONS, OPT_PAIR, OPT_COMMON, OPT_ERR, OPT_EOF, OPT_HELP, +opt_init, opt_progname, opt_appname, opt_getprog, opt_help, +opt_begin, opt_next, opt_flag, opt_arg, opt_unknown, opt_cipher, +opt_cipher_any, opt_cipher_silent, opt_md, +opt_int, opt_int_arg, opt_long, opt_ulong, opt_intmax, opt_uintmax, +opt_format, opt_isdir, opt_string, opt_pair, +opt_num_rest, opt_rest, opt_legacy_okay +- Option parsing for commands and tests + +=head1 SYNOPSIS + + #include "opt.h" + + typedef struct { ... } OPTIONS; + typedef struct { ... } OPT_PAIR; + #define OPT_COMMON + #define OPT_ERR + #define OPT_EOF + #define OPT_HELP + + char *opt_init(int argc, char **argv, const OPTIONS *o); + char *opt_progname(const char *argv0); + char *opt_appname(const char *argv0); + char *opt_getprog(void); + void opt_help(const OPTIONS *list); + + void opt_begin(void); + int opt_next(void); + char *opt_flag(void); + char *opt_arg(void); + char *opt_unknown(void); + int opt_cipher(const char *name, EVP_CIPHER **cipherp); + int opt_cipher_any(const char *name, EVP_CIPHER **cipherp); + int opt_cipher_silent(const char *name, EVP_CIPHER **cipherp); + int opt_md(const char *name, EVP_MD **mdp); + + int opt_int(const char *value, int *result); + int opt_int_arg(void); + int opt_long(const char *value, long *result); + int opt_ulong(const char *value, unsigned long *result); + int opt_intmax(const char *value, intmax_t *result); + int opt_uintmax(const char *value, uintmax_t *result); + + int opt_format(const char *s, unsigned long flags, int *result); + int opt_isdir(const char *name); + int opt_string(const char *name, const char **options); + int opt_pair(const char *name, const OPT_PAIR* pairs, int *result); + + int opt_num_rest(void); + char **opt_rest(void); + + int opt_legacy_okay(void); + +=head1 DESCRIPTION + +The functions on this page provide a common set of option-parsing for +the OpenSSL command and the internal test programs. +It is intended to be used like the standard getopt(3) routine, except +that multi-character flag names are supported, and a variety of parsing +and other utility functions are also provided. + +Programs that use this should make sure to set the appropriate C<-I> +flag. + +These routines expect a global B named B to point to +the equivalent of B. This is already done in the OpenSSL +application. + +=head2 Data Types + +Each program should define, near the main() routine, an enumeration +that is the set of options the program accepts. For example: + + typedef enum OPTION_choice { + OPT_COMMON, + OPT_YES, OPT_NAME, OPT_COUNT, OPT_OFILE, + ... + } OPTION_CHOICE; + +The first two lines must appear exactly as shown. +OPT_COMMON is a macro that expands to C. +In addition to defining symbolic names for the constants that opt_next() +returns, it also helps guarantee that every command has a C<-help> option. +The third line is a sample +set of flags, and the closing C name is used for error-checking +as discussed below. +By declaring the variable as an C, with the right warning +flags, the compiler could check that all specified options are handled. + +The B C specifies an option: what type of argument +it takes (if any), and an optional "help" string. It is a C +containing these fields: + + const char *name; + int retval; + int valtype; + const char *helpstr; + +The B is the name of the option that the user would type. Options +are words prefaced with a minus sign. If the user uses two minus signs, +this is also accepted for compatibility with other GNU software. Some +names are special, and are described below. + +The B is the value to return if the option is found. It should be +one of the choices in the enumeration above. + +The B defines what the option's parameter must be. It should +be chosen from the following set: + + \0 No value + '-' No value + 's' A text string + '/' A directory + '<' Name of file to open for input + '>' Name of file to open for output + 'n' A signed number that fits in the C type + 'p' A positive number that fits in the C type + 'N' A nonnegative number that fits in the C type + 'M' A signed number that fits in the C type + 'U' An unsigned number that fits in the C type + 'l' A signed number that fits in the C type + 'u' An unsigned number that fits in the C type + 'c' File in PEM, DER, or S/MIME format + 'F' A file in PEM or DER format + 'E' Like 'F' but also allows ENGINE + 'f' Any file format + +The B is what to display when the user uses the help option, +which should be C<"help">. + +A program should declare its options right after the enumeration, +and should follow the ordering of the enumeration as this helps +readability and maintainability: + + static OPTIONS my_options[] = { + {"help", OPT_HELP, '-', "Display this summary"}, + {"yes", OPT_YES, '-', "Print an affirmative reply"}, + {"count", OPT_COUNT, 'p', "Repeat count"}, + {"output" OPT_OFILE, '>', "Output file; default is stdout"}, + {NULL} + }; + +Note that the B option is explicitly listed, and the list ends with +an entry of all-null's. The other two special options, B and B +should not appear in the array. + +If the help string is too long to fit into one line, it may be continued +on multiple lines; each entry should use B, like this: + + {"output" OPT_OFILE, '>', "Output file; default is stdout"}, + {OPT_MORE_STR, 0, 0, + "This flag is not really needed on Unix systems"}, + {OPT_MORE_STR, 0, 0, + "(Unix and descendents for the win!)"} + +Each subsequent line will be indented the correct amount. + +By default, the help display will include a standard prolog: + + Usage: PROGRAM [options] + Valid options are: + ...detailed list of options... + +Sometimes there are parameters that should appear in the synopsis. +Use B as the first entry in your array: + + {OPT_HELP_STR, 1, '-', Usage: %s [options] [text...]\n"} + +The B and B are ignored, and the B should +follow the general construction as shown. The C<%s> will get the program +name. + +If a command has a large set of options, it can be useful to break them +into sections. Use the macro B or B +to indicate this. The two lines below are equivalent: + + OPT_SECTION("Validation"), + {OPT_SECTION_STR, 1, '-', "Validation options:\n"}, + +In addition to providing help about options, you can provide a description +of the parameters a command takes. These should appear at the end of +the options and are indicated by using B or the +B macro: + + OPT_PARAMETERS() + {OPT_PARAM_STR, 1, '-', "Parameters:\n"} + +Every "option" after after this should contain the parameter and +the help string: + + {"text", 0, 0, "Words to display (optional)"}, + +=head2 Functions + +The opt_init() function takes the I and I arguments given to main() +and a pointer I to the list of options. It returns the simple program +name, as defined by opt_progname(). + +The opt_progname() function takes the full pathname C in its I +parameter and returns +the simple short name of the executable, to be used for error messages and +the like. + +The opt_appname() function takes in its I parameter +the "application" name (such +as the specific command from L and appends it to the program +name. This function should only be called once. + +The opt_getprog() function returns the value set by opt_appname(). + +The opt_help() function takes a list of option definitions and prints a +nicely-formatted output. + +The opt_begin() function, which is called automatically by opt_init(), +can be used to reset the option parsing loop. + +The opt_next() function is called, once opt_init() has been called, +in a loop to fetch each option in turn. It returns -1, or B when the +end of arguments has been reached. This is typically done like this: + + prog = opt_init(argc, argv, my_options); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: + case OPT_ERR: + opthelp: + fprintf(stderr, "%s: Use -help for summary\n", prog); + exit(1); + case OPT_HELP: + opt_help(my_options); + exit(0); + ...other options... + } + } + +Within the option parsing loop, the following functions may be called. + +The opt_flag() function returns the most recent option name +including the preceding C<->. + +The opt_arg() function returns the option's argument value, if there is one. + +The opt_unknown() function returns the unknown option. +In an option list, there can be at most one option with the empty string. +This is a "wildcard" or "unknown" option. For example, it allows an +option to be be taken as digest algorithm, like C<-sha1>. The function +opt_md() takes the specified I and fills in the digest into I. +The functions opt_cipher(), opt_cipher_any() and opt_cipher_silent() +each takes the specified I and fills in the cipher into I. +The function opt_cipher() only accepts ciphers which are not +AEAD and are not using XTS mode. The functions opt_cipher_any() and +opt_cipher_silent() accept any cipher, the latter not emitting an error +if the cipher is not located. + +There are a several useful functions for parsing numbers. These are +opt_int(), opt_long(), opt_ulong(), opt_intmax(), and opt_uintmax(). They all +take C<0x> to mean hexadecimal and C<0> to mean octal, and will do the +necessary range-checking. They return 1 if successful and fill in the +C pointer with the value, or 0 on error. Note that opt_next() +will also do range-check on the argument if the appropriate B +field is specified for the option. This means that error-checking inside +the C C can often be elided. + +The opt_int_arg() function is a convenience abbreviation to opt_int(). +It parses and returns an integer, assuming its range has been checked before. + +The opt_format() function takes a string value, +such as used with the B<-informat> or similar option, and fills +the value from the constants in F file. + +The opt_isdir() function returns 1 if the specified I is +a directory, or 0 if not. + +The opt_string() function checks that I appears in the +NULL-terminated array of strings. It returns 1 if found, +or prints a diagnostic and returns 0 if not. + +The opt_pair() function takes a list of I, each of which +has a text name and an integer. The specified I is +found on the list, it puts the index in I<*result>, and returns +1. If not found, it returns 0. + +The following functions can be used after processing all the options. + +The opt_num_rest() function returns what is left. + +The opt_rest() function returns a pointer to the first non-option. +If there were no parameters, it will point to the NULL that is +at the end of the standard I array. + +The opt_legacy_okay() function returns true if no options have been +specified that would preclude using legacy code paths. Currently, +the various provider options preclude legacy operation. This means, +for example, that specifying both B<-provider> and B<-engine> in the +same command line will not work as expected. + +=head2 Common Options + +There are a few groups of options that are common to many OpenSSL programs. +These are handled with sets of macros that define common option names +and common code to handle them. The categories are identified by a +letter: + + V Validation + X Extended certificate + S TLS/SSL + R Random state + +The B macro is used to define the numeration values, where B +is one of the letters above. The B macro is used to +list the set of common options, and the B is used in +the C statement. + +The common options are used throughout the sources for the OpenSSL commands. +They are also used with common descriptions when generating the +manpages, in the file F, which follow a similar naming +convention. + +=head1 RETURN VALUES + +Detailed above. + +=head1 EXAMPLES + +The best examples can be found in sources for the commands in the F +directory of the source tree. +A notable exception is F which uses this API, but does +things very differently. + +=head1 COPYRIGHT + +Copyright 2021-2024 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use this +file except in compliance with the License. You can obtain a copy in the file +LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/OSSL_DEPRECATED.pod b/deps/openssl/openssl/doc/internal/man3/OSSL_DEPRECATED.pod new file mode 100644 index 00000000000000..8370d60f18fbc8 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/OSSL_DEPRECATED.pod @@ -0,0 +1,54 @@ +=pod + +=head1 NAME + +OSSL_DEPRECATED, OSSL_DEPRECATED_FOR - General deprecation macros + +=head1 SYNOPSIS + + #include + + #define OSSL_DEPRECATED(since) + #define OSSL_DEPRECATED_FOR(since, msg) + +=head1 DESCRIPTION + +OSSL_DEPRECATED() implements the deprecated attribute if the compiler +supports it, otherwise it expands to nothing. It takes one argument +I that should be set to the OpenSSL version where the symbol was +deprecated, and will be displayed with the deprecation warning message, +for compilers that support user specified deprecation messages. + +OSSL_DEPRECATED_FOR() does the same as OSSL_DEPRECATED(), but also takes a +second argument I, which is an additional text messages to be displayed +with the deprecation warning along with the OpenSSL version number, for +compilers that support user specified deprecation messages. + +These macros are used to define the version specific deprecation macros +described in L. + +=begin comment + +[RETURN VALUES isn't relevant for these macros, but find-doc-nits demands +the presence of this section] + +=head1 RETURN VALUES + +[podchecker doesn't like empty sections] + +=end comment + +=head1 SEE ALSO + +L + +=head1 COPYRIGHT + +Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/OSSL_METHOD_STORE.pod b/deps/openssl/openssl/doc/internal/man3/OSSL_METHOD_STORE.pod new file mode 100644 index 00000000000000..70f6eb520ff311 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/OSSL_METHOD_STORE.pod @@ -0,0 +1,144 @@ +=pod + +=head1 NAME + +OSSL_METHOD_STORE, ossl_method_store_new, ossl_method_store_free, +ossl_method_store_init, ossl_method_store_cleanup, +ossl_method_store_add, ossl_method_store_fetch, +ossl_method_store_remove, ossl_method_store_remove_all_provided, +ossl_method_store_cache_get, ossl_method_store_cache_set, +ossl_method_store_cache_flush_all +- implementation method store and query + +=head1 SYNOPSIS + + #include "internal/property.h" + + typedef struct ossl_method_store_st OSSL_METHOD_STORE; + + OSSL_METHOD_STORE *ossl_method_store_new(OSSL_LIB_CTX *ctx); + void ossl_method_store_free(OSSL_METHOD_STORE *store); + int ossl_method_store_init(OSSL_LIB_CTX *ctx); + void ossl_method_store_cleanup(OSSL_LIB_CTX *ctx); + int ossl_method_store_add(OSSL_METHOD_STORE *store, const OSSL_PROVIDER *prov, + int nid, const char *properties, void *method, + int (*method_up_ref)(void *), + void (*method_destruct)(void *)); + int ossl_method_store_remove(OSSL_METHOD_STORE *store, + int nid, const void *method); + int ossl_method_store_fetch(OSSL_METHOD_STORE *store, + int nid, const char *properties, + void **method, const OSSL_PROVIDER **prov_rw); + int ossl_method_store_remove_all_provided(OSSL_METHOD_STORE *store, + const OSSL_PROVIDER *prov); + + int ossl_method_store_cache_get(OSSL_METHOD_STORE *store, OSSL_PROVIDER *prov, + int nid, const char *prop_query, void **method); + int ossl_method_store_cache_set(OSSL_METHOD_STORE *store, OSSL_PROVIDER *prov, + int nid, const char *prop_query, void *method, + int (*method_up_ref)(void *), + void (*method_destruct)(void *)); + void ossl_method_store_cache_flush_all(OSSL_METHOD_STORE *store); + +=head1 DESCRIPTION + +OSSL_METHOD_STORE stores methods that can be queried using properties and a +numeric identity (nid). + +Methods are expected to be library internal structures. +It's left to the caller to define the exact contents. + +Numeric identities are expected to be an algorithm identity for the methods. +It's left to the caller to define exactly what an algorithm is, and to allocate +these numeric identities accordingly. + +The B also holds an internal query cache, which is accessed +separately (see L below). + +=head2 Store Functions + +ossl_method_store_init() initialises the method store subsystem in the scope of +the library context I. + +ossl_method_store_cleanup() cleans up and shuts down the implementation method +store subsystem in the scope of the library context I. + +ossl_method_store_new() create a new empty method store using the supplied +I to allow access to the required underlying property data. + +ossl_method_store_free() frees resources allocated to I. + +ossl_method_store_add() adds the I constructed from an implementation in +the provider I to the I as an instance of an algorithm indicated by +I and the property definition I, unless the I already +has a method from the same provider with the same I and I. +If the I function is given, it's called to increment the +reference count of the method. +If the I function is given, it's called when this function +fails to add the method to the store, or later on when it is being released from +the I. + +ossl_method_store_remove() removes the I identified by I from the +I. + +ossl_method_store_fetch() queries I for a method identified by I +that matches the property query I. +I<*prop> may be a pointer to a provider, which will narrow the search +to methods from that provider. +The result, if any, is returned in I<*method>, and its provider in I<*prov>. + +ossl_method_store_remove_all_provided() removes all methods from I +that are provided by I. +When doing so, it also flushes the corresponding cache entries. + +=head2 Cache Functions + +ossl_method_store_cache_get() queries the cache associated with the I +for a method identified by I that matches the property query +I. +Additionally, if I isn't NULL, it will be used to narrow the search +to only include methods from that provider. +The result, if any, is returned in I. + +ossl_method_store_cache_set() sets a cache entry identified by I from the +provider I, with the property query I in the I. +Future calls to ossl_method_store_cache_get() will return the specified I. +The I function is called to increment the +reference count of the method and the I function is called +to decrement it. + +ossl_method_store_cache_flush_all() flushes all cached entries associated with +I. + +=head1 NOTES + +The I argument to ossl_method_store_cache_get() and +ossl_method_store_cache_set() is not allowed to be NULL. Use "" for an +empty property definition or query. + +=head1 RETURN VALUES + +ossl_method_store_new() returns a new method store object or NULL on failure. + +ossl_method_store_free(), ossl_method_store_add(), +ossl_method_store_remove(), ossl_method_store_fetch(), +ossl_method_store_cache_get(), ossl_method_store_cache_set() and +ossl_method_store_flush_cache() return B<1> on success and B<0> on error. + +ossl_method_store_free() and ossl_method_store_cleanup() do not return any value. + +=head1 HISTORY + +This functionality was added to OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved. +Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use this +file except in compliance with the License. You can obtain a copy in the file +LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/cms_add1_signing_cert.pod b/deps/openssl/openssl/doc/internal/man3/cms_add1_signing_cert.pod new file mode 100644 index 00000000000000..cc2747dcde6e70 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/cms_add1_signing_cert.pod @@ -0,0 +1,46 @@ +=pod + +=head1 NAME + +cms_add1_signing_cert, cms_add1_signing_cert_v2 +- add ESS signing-certificate signed attribute to a +CMS_SignerInfo data structure + +=head1 SYNOPSIS + + #include + + int cms_add1_signing_cert(CMS_SignerInfo *si, ESS_SIGNING_CERT *sc); + + int cms_add1_signing_cert_v2(CMS_SignerInfo *si, ESS_SIGNING_CERT_V2 *sc2); + +=head1 DESCRIPTION + +cms_add1_signing_cert() adds an ESS Signing Certificate I (version 1) signed +attribute to the CMS_SignerInfo I. +cms_add1_signing_cert_v2() adds an ESS Signing Certificate I (version 2) signed +attribute to the CMS_SignerInfo I. +The ESS Signing Certificate attributes version 1 and 2 are defined in RFC 5035 +which updates Section 5.4 of RFC 2634. + +=head1 NOTES + +This attribute is mandatory to make a CMS compliant with CAdES-BES +(European Standard ETSI EN 319 122-1 V1.1.1). +For a fuller description see L). + +=head1 RETURN VALUES + +cms_add1_signing_cert() and cms_add1_signing_cert_v2() return 1 if attribute +is added or 0 if an error occurred. + +=head1 COPYRIGHT + +Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/evp_generic_fetch.pod b/deps/openssl/openssl/doc/internal/man3/evp_generic_fetch.pod new file mode 100644 index 00000000000000..b23d2ec0eaa244 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/evp_generic_fetch.pod @@ -0,0 +1,285 @@ +=pod + +=head1 NAME + +evp_generic_fetch, evp_generic_fetch_by_number, evp_generic_fetch_from_prov +- generic algorithm fetchers and method creators for EVP + +=head1 SYNOPSIS + + /* Only for EVP source */ + #include "evp_local.h" + + void *evp_generic_fetch(OSSL_LIB_CTX *libctx, int operation_id, + const char *name, const char *properties, + void *(*new_method)(int name_id, + const OSSL_DISPATCH *fns, + OSSL_PROVIDER *prov, + void *method_data), + void *method_data, + int (*up_ref_method)(void *), + void (*free_method)(void *)); + + void *evp_generic_fetch_by_number(OSSL_LIB_CTX *ctx, int operation_id, + int name_id, const char *properties, + void *(*new_method)(int name_id, + const OSSL_DISPATCH *fns, + OSSL_PROVIDER *prov, + void *method_data), + void *method_data, + int (*up_ref_method)(void *), + void (*free_method)(void *)); + void *evp_generic_fetch_from_prov(OSSL_PROVIDER *prov, int operation_id, + int name_id, const char *properties, + void *(*new_method)(int name_id, + const OSSL_DISPATCH *fns, + OSSL_PROVIDER *prov, + void *method_data), + void *method_data, + int (*up_ref_method)(void *), + void (*free_method)(void *)); + +=head1 DESCRIPTION + +evp_generic_fetch() calls ossl_method_construct() with the given +I, I, I, and I and uses +it to create an EVP method with the help of the functions +I, I, and I. + +evp_generic_fetch_by_number() does the same thing as evp_generic_fetch(), +but takes a numeric I instead of a name. +I must always be nonzero; as a matter of fact, it being zero +is considered a programming error. +This is meant to be used when one method needs to fetch an associated +method, and is typically called from inside the given function +I. + +evp_generic_fetch_from_prov() does the same thing as evp_generic_fetch(), +but limits the search of methods to the provider given with I. +This is meant to be used when one method needs to fetch an associated +method in the same provider. + +The three functions I, I, and +I are supposed to: + +=over 4 + +=item new_method() + +creates an internal method from function pointers found in the +dispatch table I, with name identity I. +The provider I and I are also passed to be used as +new_method() sees fit. + +=item up_ref_method() + +increments the reference counter for the given method, if there is +one. + +=item free_method() + +frees the given method. + +=back + +=head1 RETURN VALUES + +evp_generic_fetch() returns a method on success, or NULL on error. + +=head1 EXAMPLES + +This is a short example of the fictitious EVP API and operation called +B. + +To begin with, let's assume something like this in +F: + + #define OSSL_OP_FOO 100 + + #define OSSL_FUNC_FOO_NEWCTX_FUNC 2001 + #define OSSL_FUNC_FOO_INIT 2002 + #define OSSL_FUNC_FOO_OPERATE 2003 + #define OSSL_FUNC_FOO_CLEANCTX_FUNC 2004 + #define OSSL_FUNC_FOO_FREECTX_FUNC 2005 + + OSSL_CORE_MAKE_FUNC(void *, foo_newctx, (void)) + OSSL_CORE_MAKE_FUNC(int, foo_init, (void *vctx)) + OSSL_CORE_MAKE_FUNC(int, foo_operate, (void *vctx, + unsigned char *out, size_t *out_l, + unsigned char *in, size_t in_l)) + OSSL_CORE_MAKE_FUNC(void, foo_cleanctx, (void *vctx)) + OSSL_CORE_MAKE_FUNC(void, foo_freectx, (void *vctx)) + +And here's the implementation of the FOO method fetcher: + + /* typedef struct evp_foo_st EVP_FOO */ + struct evp_foo_st { + OSSL_PROVIDER *prov; + int name_id; + CRYPTO_REF_COUNT refcnt; + OSSL_FUNC_foo_newctx_fn *newctx; + OSSL_FUNC_foo_init_fn *init; + OSSL_FUNC_foo_operate_fn *operate; + OSSL_FUNC_foo_cleanctx_fn *cleanctx; + OSSL_FUNC_foo_freectx_fn *freectx; + }; + + /* + * In this example, we have a public method creator and destructor. + * It's not absolutely necessary, but is in the spirit of OpenSSL. + */ + EVP_FOO *EVP_FOO_meth_from_algorithm(int name_id, + const OSSL_DISPATCH *fns, + OSSL_PROVIDER *prov, + void *data) + { + EVP_FOO *foo = NULL; + + if ((foo = OPENSSL_zalloc(sizeof(*foo))) == NULL) + return NULL; + + foo->name_id = name_id; + + for (; fns->function_id != 0; fns++) { + switch (fns->function_id) { + case OSSL_FUNC_FOO_NEWCTX: + foo->newctx = OSSL_FUNC_foo_newctx(fns); + break; + case OSSL_FUNC_FOO_INIT: + foo->init = OSSL_FUNC_foo_init(fns); + break; + case OSSL_FUNC_FOO_OPERATE: + foo->operate = OSSL_FUNC_foo_operate(fns); + break; + case OSSL_FUNC_FOO_CLEANCTX: + foo->cleanctx = OSSL_FUNC_foo_cleanctx(fns); + break; + case OSSL_FUNC_FOO_FREECTX: + foo->freectx = OSSL_FUNC_foo_freectx(fns); + break; + } + } + foo->prov = prov; + if (prov) + ossl_provider_up_ref(prov); + + return foo; + } + + EVP_FOO_meth_free(EVP_FOO *foo) + { + if (foo != NULL) { + OSSL_PROVIDER *prov = foo->prov; + + OPENSSL_free(foo); + ossl_provider_free(prov); + } + } + + static void *foo_from_algorithm(const OSSL_DISPATCH *fns, + OSSL_PROVIDER *prov) + { + return EVP_FOO_meth_from_algorithm(fns, prov); + } + + static int foo_up_ref(void *vfoo) + { + EVP_FOO *foo = vfoo; + int ref = 0; + + CRYPTO_UP_REF(&foo->refcnt, &ref, foo_lock); + return 1; + } + + static void foo_free(void *vfoo) + { + EVP_FOO_meth_free(vfoo); + } + + EVP_FOO *EVP_FOO_fetch(OSSL_LIB_CTX *ctx, + const char *name, + const char *properties) + { + EVP_FOO *foo = + evp_generic_fetch(ctx, OSSL_OP_FOO, name, properties, + foo_from_algorithm, foo_up_ref, foo_free); + + /* + * If this method exists in legacy form, with a constant NID for the + * given |name|, this is the spot to find that NID and set it in + * the newly constructed EVP_FOO instance. + */ + + return foo; + + } + +And finally, the library functions: + + /* typedef struct evp_foo_st EVP_FOO_CTX */ + struct evp_foo_ctx_st { + const EVP_FOO *foo; + void *provctx; /* corresponding provider context */ + }; + + int EVP_FOO_CTX_reset(EVP_FOO_CTX *c) + { + if (c == NULL) + return 1; + if (c->foo != NULL && c->foo->cleanctx != NULL) + c->foo->cleanctx(c->provctx); + return 1; + } + + EVP_FOO_CTX *EVP_FOO_CTX_new(void) + { + return OPENSSL_zalloc(sizeof(EVP_FOO_CTX)); + } + + void EVP_FOO_CTX_free(EVP_FOO_CTX *c) + { + EVP_FOO_CTX_reset(c); + c->foo->freectx(c->provctx); + OPENSSL_free(c); + } + + int EVP_FooInit(EVP_FOO_CTX *c, const EVP_FOO *foo) + { + int ok = 1; + + c->foo = foo; + if (c->provctx == NULL) + c->provctx = c->foo->newctx(); + + ok = c->foo->init(c->provctx); + + return ok; + } + + int EVP_FooOperate(EVP_FOO_CTX *c, unsigned char *out, size_t *outl, + const unsigned char *in, size_t inl) + { + int ok = 1; + + ok = c->foo->update(c->provctx, out, inl, &outl, in, inl); + return ok; + } + +=head1 SEE ALSO + +L + +=head1 HISTORY + +The functions described here were all added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/evp_keymgmt_newdata.pod b/deps/openssl/openssl/doc/internal/man3/evp_keymgmt_newdata.pod new file mode 100644 index 00000000000000..9b3f2c55f160d2 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/evp_keymgmt_newdata.pod @@ -0,0 +1,88 @@ +=pod + +=head1 NAME + +evp_keymgmt_newdata, evp_keymgmt_freedata, +evp_keymgmt_get_params, +evp_keymgmt_has, evp_keymgmt_validate, +evp_keymgmt_import, evp_keymgmt_import_types, +evp_keymgmt_export, evp_keymgmt_export_types +- internal KEYMGMT interface functions + +=head1 SYNOPSIS + + #include "crypto/evp.h" + + void *evp_keymgmt_newdata(const EVP_KEYMGMT *keymgmt); + void evp_keymgmt_freedata(const EVP_KEYMGMT *keymgmt, void *keyddata); + int evp_keymgmt_get_params(const EVP_KEYMGMT *keymgmt, + void *keydata, OSSL_PARAM params[]); + + int evp_keymgmt_has(const EVP_KEYMGMT *keymgmt, void *keyddata, int selection); + int evp_keymgmt_validate(const EVP_KEYMGMT *keymgmt, void *keydata, + int selection); + + int evp_keymgmt_import(const EVP_KEYMGMT *keymgmt, void *keydata, + int selection, const OSSL_PARAM params[]); + const OSSL_PARAM *evp_keymgmt_import_types(const EVP_KEYMGMT *keymgmt, + int selection); + int evp_keymgmt_export(const EVP_KEYMGMT *keymgmt, void *keydata, + int selection, OSSL_CALLBACK *param_cb, void *cbarg); + const OSSL_PARAM *evp_keymgmt_export_types(const EVP_KEYMGMT *keymgmt, + int selection); + +=head1 DESCRIPTION + +All these functions are helpers to call the provider's corresponding +function. They all have in common that they take a B as +first argument, which they also retrieve a provider context from when +needed. The rest of the arguments are simply passed on to the +function they wrap around. + +evp_keymgmt_newdata() calls the method's new() function. + +evp_keymgmt_freedata() calls the method's free() function. + +(the name evp_keymgmt_freedata() was chosen to avoid a clash with +EVP_KEYMGMT_free() on case insensitive systems, the name +evp_keymgmt_newdata() was chosen for consistency) + +evp_keymgmt_get_params() calls the method's get_params() function. + +evp_keymgmt_has() calls the method's has() function. + +evp_keymgmt_validate() calls the method's validate() function. + +evp_keymgmt_import() calls the method's import() function. + +evp_keymgmt_import_types() calls the method's import_types() function. + +evp_keymgmt_export() calls the method's export() function. + +evp_keymgmt_export_types() calls the method's export_types() function. + +=head1 RETURN VALUES + +evp_keymgmt_newdata() returns a pointer to a provider side key object, +or NULL on error. + +evp_keymgmt_import_types(), and evp_keymgmt_export_types() return a parameter +descriptor for importing and exporting key data, or NULL if there are no such +descriptors. + +All other functions return 1 on success and 0 on error. + +=head1 HISTORY + +The functions described here were all added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/evp_keymgmt_util_export_to_provider.pod b/deps/openssl/openssl/doc/internal/man3/evp_keymgmt_util_export_to_provider.pod new file mode 100644 index 00000000000000..7099e449647312 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/evp_keymgmt_util_export_to_provider.pod @@ -0,0 +1,106 @@ +=pod + +=head1 NAME + +evp_keymgmt_util_export, +evp_keymgmt_util_export_to_provider, +evp_keymgmt_util_find_operation_cache, +evp_keymgmt_util_clear_operation_cache, +evp_keymgmt_util_cache_keydata, +evp_keymgmt_util_cache_keyinfo, +evp_keymgmt_util_fromdata, +OP_CACHE_ELEM +- internal KEYMGMT utility functions + +=head1 SYNOPSIS + + #include "crypto/evp.h" + + typedef struct OP_CACHE_ELEM; + + int evp_keymgmt_util_export(const EVP_PKEY *pk, int selection, + OSSL_CALLBACK *export_cb, void *export_cbarg); + void *evp_keymgmt_util_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt, + int selection); + OP_CACHE_ELEM *evp_keymgmt_util_find_operation_cache(EVP_PKEY *pk, + EVP_KEYMGMT *keymgmt, + int selection); + int evp_keymgmt_util_clear_operation_cache(EVP_PKEY *pk, int locking); + int evp_keymgmt_util_cache_keydata(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt, + void *keydata, int selection); + void evp_keymgmt_util_cache_keyinfo(EVP_PKEY *pk); + void *evp_keymgmt_util_fromdata(EVP_PKEY *target, EVP_KEYMGMT *keymgmt, + int selection, const OSSL_PARAM params[]); + +=head1 DESCRIPTION + +evp_keymgmt_util_export() calls L with the +I and I from I. This is used as a +helper for L. + +evp_keymgmt_util_export_to_provider() exports cached key material +(provider side key material) from the given key I to a provider +via a B interface, if this hasn't already been done. +It maintains a cache of provider key references in I to keep track +of all provider side keys. + +To export a legacy key, use L instead, +as this function ignores any legacy key data. + +evp_keymgmt_util_find_operation_cache() finds +I in I's cache of provided keys for operations. +It should only be called while holding I's lock (read or write). + +evp_keymgmt_util_clear_operation_cache() can be used to explicitly +clear the cache of operation key references. If I is set to 1 then +then I's lock will be obtained while doing the clear. Otherwise it will be +assumed that the lock has already been obtained or is not required. + +evp_keymgmt_util_cache_keydata() can be used to add a provider key +object to a B. + +evp_keymgmt_util_cache_keyinfo() can be used to get all kinds of +information from the provvider "origin" and save it in I's +information cache. + +evp_keymgmt_util_fromdata() can be used to add key object data to a +given key I via a B interface. This is used as a +helper for L. + +In all functions that take a I argument, the selection is used to +constraint the information requested on export. It is also used in the cache +so that key data is guaranteed to contain all the information requested in +the selection. + +=head1 RETURN VALUES + +evp_keymgmt_export_to_provider() and evp_keymgmt_util_fromdata() +return a pointer to the appropriate provider side key (created or +found again), or NULL on error. + +evp_keymgmt_util_find_operation_cache() returns a pointer to the +operation cache slot. If I is NULL, or if there is no slot +with a match for I, NULL is returned. + +evp_keymgmt_util_cache_keydata() and evp_keymgmt_util_clear_operation_cache() +return 1 on success or 0 otherwise. + +=head1 NOTES + +"Legacy key" is the term used for any key that has been assigned to an +B with EVP_PKEY_assign_RSA() and similar functions. + +=head1 SEE ALSO + +L, L + +=head1 COPYRIGHT + +Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/evp_md_get_number.pod b/deps/openssl/openssl/doc/internal/man3/evp_md_get_number.pod new file mode 100644 index 00000000000000..1f913551aad61e --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/evp_md_get_number.pod @@ -0,0 +1,112 @@ +=pod + +=head1 NAME + +ossl_decoder_get_number, evp_md_get_number, evp_cipher_get_number, +evp_mac_get_number, evp_rand_get_number, evp_keymgmt_get_number, +evp_signature_get_number, evp_asym_cipher_get_number, evp_kem_get_number, +evp_keyexch_get_number, evp_kdf_get_number, ossl_encoder_get_number, +ossl_store_loader_get_number - EVP get internal identification numbers + +=head1 SYNOPSIS + + #include "crypto/evp.h" + + int evp_asym_cipher_get_number(const EVP_ASYM_CIPHER *cipher); + int evp_cipher_get_number(const EVP_CIPHER *e); + int evp_kdf_get_number(const EVP_KDF *kdf); + int evp_kem_get_number(const EVP_KEM *kem); + int evp_keyexch_get_number(const EVP_KEYEXCH *exchange); + int evp_keymgmt_get_number(const EVP_KEYMGMT *keymgmt); + int evp_mac_get_number(const EVP_MAC *mac); + int evp_md_get_number(const EVP_MD *md); + int evp_rand_get_number(const EVP_RAND *rand); + int evp_signature_get_number(const EVP_SIGNATURE *signature); + int ossl_decoder_get_number(const OSSL_DECODER *decoder); + int ossl_encoder_get_number(const OSSL_ENCODER *encoder); + int ossl_store_loader_get_number(const OSSL_STORE_LOADER *loader); + +=head1 DESCRIPTION + +All provided algorithms get an associated integer identification number. +This number is dynamic and should be expected to vary from run to run. +These numbers should only be considered to be unique per provider per +library context. + +=over 4 + +=item evp_asym_cipher_get_number() + +Returns the internal dynamic number assigned to I. + +=item evp_cipher_get_number() + +Returns the internal dynamic number assigned to the I. This is only +useful with fetched Bs. + +=item evp_kdf_get_number() + +Keturns the internal dynamic number assigned to I. + +=item evp_kem_get_number() + +Returns the internal dynamic number assigned to I. + +=item evp_keyexch_get_number() + +Returns the internal dynamic number assigned to the I. + +=item evp_keymgmt_get_number() + +Returns the internal dynamic number assigned to the I. + +=item evp_mac_get_number() + +Returns the internal dynamic number assigned to I. + +=item evp_md_get_number() + +Returns the internal dynamic number assigned to the I. This is +only useful with fetched Bs. + +=item evp_rand_get_number() + +Returns the internal dynamic number assigned to I. + +=item evp_signature_get_number() + +Returns the internal dynamic number assigned to I. + +=item ossl_decoder_get_number() + +Returns the internal dynamic number assigned to the given I. + +=item ossl_encoder_get_number() + +Returns the internal dynamic number assigned to the given I. + +=item ossl_store_loader_get_number() + +Returns the internal dynamic number assigned to the given I. + +=back + +=head1 RETURN VALUES + +All of these functions return the provider specific identification number +for the specified algorithm. + +=head1 HISTORY + +This functionality was added to OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/evp_pkey_export_to_provider.pod b/deps/openssl/openssl/doc/internal/man3/evp_pkey_export_to_provider.pod new file mode 100644 index 00000000000000..44efbbe2668f0d --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/evp_pkey_export_to_provider.pod @@ -0,0 +1,80 @@ +=pod + +=head1 NAME + +evp_pkey_export_to_provider, evp_pkey_copy_downgraded, evp_pkey_get_legacy +- internal EVP_PKEY support functions for providers + +=head1 SYNOPSIS + + /* Only for EVP source */ + #include "evp_local.h" + + void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx, + EVP_KEYMGMT **keymgmt, + const char *propquery); + int evp_pkey_copy_downgraded(EVP_PKEY **dest, const EVP_PKEY *src); + void *evp_pkey_get_legacy(EVP_PKEY *pk); + +=head1 DESCRIPTION + +This manual uses the term "origin", which is explained in internal +L. + +evp_pkey_export_to_provider() exports the "origin" key contained in I +to its operation cache to make it suitable for an B given either +with I<*keymgmt> or with an implicit fetch using I (NULL means the +default context), the name of the legacy type of I, and the I +(NULL means the default property query settings). + +If I isn't NULL but I<*keymgmt> is, and the "origin" was successfully +exported, then I<*keymgmt> is assigned the implicitly fetched B. + +evp_pkey_copy_downgraded() makes a copy of I in legacy form into I<*dest>, +if there's a corresponding legacy implementation. This should be used if the +use of a downgraded key is temporary. +For example, L uses this to try its +best to get "traditional" PEM output even if the input B has a +provider-native internal key. + +evp_pkey_get_legacy() obtains and returns a legacy key structure. If the +EVP_PKEY already contains a legacy key then it is simply returned. If it is a +provider based key, then a new legacy key is constructed based on the provider +key. The legacy key is cached inside the EVP_PKEY and its value returned from +this function. Subsequent calls to evp_pkey_get_legacy() will return the cached +key. Subsequent changes to the provider key are not reflected back in the +legacy key. Similarly changes to the legacy key are not reflected back in the +provider key. + +=head1 RETURN VALUES + +evp_pkey_export_to_provider() returns the provider key data if there was any +allocated. It also either sets I<*keymgmt> to the B associated +with the returned key data, or NULL on error. + +evp_pkey_get_legacy() returns the legacy key or NULL on error. + +=head1 NOTES + +Some functions calling evp_pkey_export_to_provider() may have received a const +key, and may therefore have to cast the key to non-const form to call this +function. Since B is always dynamically allocated, this is OK. + +=head1 SEE ALSO + +L, L + +=head1 HISTORY + +The functions described here were all added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/evp_pkey_get1_ED25519.pod b/deps/openssl/openssl/doc/internal/man3/evp_pkey_get1_ED25519.pod new file mode 100644 index 00000000000000..37b41e4591667e --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/evp_pkey_get1_ED25519.pod @@ -0,0 +1,43 @@ +=pod + +=head1 NAME + +evp_pkey_get1_ED25519, evp_pkey_get1_ED448, +evp_pkey_get1_X25519, evp_pkey_get1_X448 +- internal ECX from EVP_PKEY getter functions + +=head1 SYNOPSIS + + #include "internal/evp.h" + + ECX_KEY *evp_pkey_get1_ED25519(EVP_PKEY *pkey); + ECX_KEY *evp_pkey_get1_ED448(EVP_PKEY *pkey); + ECX_KEY *evp_pkey_get1_X25519(EVP_PKEY *pkey); + ECX_KEY *evp_pkey_get1_X448(EVP_PKEY *pkey); + +=head1 DESCRIPTION + +evp_pkey_get1_ED25519(), evp_pkey_get1_ED448(), evp_pkey_get1_X25519() and +evp_pkey_get1_X448() return the referenced key in I or NULL if the key +is not of the correct type. The returned key must be freed after use. + +=head1 RETURN VALUES + +evp_pkey_get1_ED25519(), evp_pkey_get1_ED448(), evp_pkey_get1_X25519() and +evp_pkey_get1_X448() return the referenced key or NULL if an error +occurred. + +=head1 HISTORY + +This functionality was added to OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use this +file except in compliance with the License. You can obtain a copy in the file +LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_DER_w_begin_sequence.pod b/deps/openssl/openssl/doc/internal/man3/ossl_DER_w_begin_sequence.pod new file mode 100644 index 00000000000000..b78056f6e121c3 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_DER_w_begin_sequence.pod @@ -0,0 +1,48 @@ +=pod + +=head1 NAME + +ossl_DER_w_begin_sequence, ossl_DER_w_end_sequence +- internal DER writers for DER constructed elements + +=head1 SYNOPSIS + + #include "internal/der.h" + + int ossl_DER_w_begin_sequence(WPACKET *pkt, int tag); + int ossl_DER_w_end_sequence(WPACKET *pkt, int tag); + +=head1 DESCRIPTION + +All functions described here are wrappers for constructed structures, +i.e. the ASN.1 SEQUENCE, SET and CHOICE specifications. They all come +in pairs, as noted by the function names containing the words C +and B. + +When using these, special care must be taken to ensure that the ASN.1 tag +value I is the same in the matching C and C function calls. + +ossl_DER_w_begin_sequence() and ossl_DER_w_end_sequence() begins and ends a +SEQUENCE. + +=head1 RETURN VALUES + +All the functions return 1 on success and 0 on failure. Failure may +mean that the buffer held by the I is too small, but may also +mean that the values given to the functions are invalid, such as the provided +I value being too large for the implementation. + +=head1 SEE ALSO + +L + +=head1 COPYRIGHT + +Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_DER_w_bn.pod b/deps/openssl/openssl/doc/internal/man3/ossl_DER_w_bn.pod new file mode 100644 index 00000000000000..49644ffd058f96 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_DER_w_bn.pod @@ -0,0 +1,66 @@ +=pod + +=head1 NAME + +ossl_DER_w_boolean, ossl_DER_w_uint32, ossl_DER_w_bn, ossl_DER_w_null, +ossl_DER_w_octet_string, ossl_DER_w_octet_string_uint32 +- internal DER writers for DER primitives + +=head1 SYNOPSIS + + #include "internal/der.h" + + int ossl_DER_w_boolean(WPACKET *pkt, int tag, int b); + int ossl_DER_w_uint32(WPACKET *pkt, int tag, uint32_t v); + int ossl_DER_w_bn(WPACKET *pkt, int tag, const BIGNUM *v); + int ossl_DER_w_null(WPACKET *pkt, int tag); + int ossl_DER_w_octet_string(WPACKET *pkt, int tag, + const unsigned char *data, size_t data_n); + int ossl_DER_w_octet_string_uint32(WPACKET *pkt, int tag, uint32_t value); + +=head1 DESCRIPTION + +All functions described here behave the same way, they prepend +(remember that DER writers are used backwards) the DER encoding of +their respective value to the already written output buffer held by +I. + +ossl_DER_w_boolean() writes the primitive BOOLEAN using the value I. +Any value that evaluates as true will render a B BOOLEAN, +otherwise a B BOOLEAN. + +ossl_DER_w_uint32() and ossl_DER_w_bn() both write the primitive INTEGER using +the value I. + +=for comment Other similar functions for diverse C integers should be +added. + +ossl_DER_w_null() writes the primitive NULL. + +ossl_DER_w_octet_string() writes the primitive OCTET STRING using the bytes +from I with a length of I. + +ossl_DER_w_octet_string_uint32() writes the primitive OCTET STRING using a +32 bit value in I. + +=head1 RETURN VALUES + +All the functions return 1 on success and 0 on failure. Failure may +mean that the buffer held by the I is too small, but may also +mean that the values given to the functions are invalid, such as the provided +I value being too large for the implementation. + +=head1 SEE ALSO + +L + +=head1 COPYRIGHT + +Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_DER_w_precompiled.pod b/deps/openssl/openssl/doc/internal/man3/ossl_DER_w_precompiled.pod new file mode 100644 index 00000000000000..aa7fa3930f8907 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_DER_w_precompiled.pod @@ -0,0 +1,48 @@ +=pod + +=head1 NAME + +ossl_DER_w_precompiled +- internal DER writers for precompiled DER blobs + +=head1 SYNOPSIS + + #include "internal/der.h" + + int ossl_DER_w_precompiled(WPACKET *pkt, int tag, + const unsigned char *precompiled, + size_t precompiled_n); + +=head1 DESCRIPTION + +There may be already existing DER blobs that can simply be copied to +the buffer held by I. For example, precompiled values, such as +OIDs (for example, C) or complete AlgorithmIdentifiers +(for example, C). To add those as an element in a +structure being DER encoded, use ossl_DER_w_precompiled(). + +ossl_DER_w_precompiled() will simply take the DER encoded blob given as +I with length I and add it to the buffer +held by I. + +=head1 RETURN VALUES + +ossl_DER_w_precompiled() returns 1 on success and 0 on failure. Failure +may mean that the buffer held by the I is too small, but may also +mean that the values given to the functions are invalid, such as the provided +I value being too large for the implementation. + +=head1 SEE ALSO + +L + +=head1 COPYRIGHT + +Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_algorithm_do_all.pod b/deps/openssl/openssl/doc/internal/man3/ossl_algorithm_do_all.pod new file mode 100644 index 00000000000000..7a321d492a0463 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_algorithm_do_all.pod @@ -0,0 +1,63 @@ +=pod + +=head1 NAME + +ossl_algorithm_do_all - generic algorithm implementation iterator + +=head1 SYNOPSIS + + void ossl_algorithm_do_all(OSSL_LIB_CTX *libctx, int operation_id, + OSSL_PROVIDER *provider, + void (*fn)(OSSL_PROVIDER *provider, + const OSSL_ALGORITHM *algo, + int no_store, void *data), + void *data); + +=head1 DESCRIPTION + +ossl_algorithm_do_all() looks up every algorithm it can find, given a +library context I, an operation identity I and a +provider I. +I may be NULL to signify that the default library context should +be used. +I may be zero to signify that all kinds of operations +will be looked up. +I may be NULL to signify that all loaded providers will be +queried. + +For each implementation found, the function I is called with the +I for the implementation, the algorithm descriptor I, +the flag I indicating whether the algorithm descriptor may +be remembered or not, and the caller I that was passed to +ossl_algorithm_do_all(). + +=head1 RETURN VALUES + +ossl_algorithm_do_all() doesn't return any value. + +=head1 NOTES + +The function described here are mainly useful for discovery, and +possibly display of what has been discovered, for example an +application that wants to display the loaded providers and what they +may offer, but also for constructors, such as +L. + +=head1 SEE ALSO + +L, L + +=head1 HISTORY + +This functionality was added to OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use this +file except in compliance with the License. You can obtain a copy in the file +LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_cmp_X509_STORE_add1_certs.pod b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_X509_STORE_add1_certs.pod new file mode 100644 index 00000000000000..97304ee40d920a --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_X509_STORE_add1_certs.pod @@ -0,0 +1,44 @@ +=pod + +=head1 NAME + +ossl_cmp_X509_STORE_add1_certs, +ossl_cmp_X509_STORE_get1_certs +- functions manipulating stores of certificates + +=head1 SYNOPSIS + + #include + + int ossl_cmp_X509_STORE_add1_certs(X509_STORE *store, STACK_OF(X509) *certs, + int only_self_signed); + STACK_OF(X509) *ossl_cmp_X509_STORE_get1_certs(X509_STORE *store); + +=head1 DESCRIPTION + +ossl_cmp_X509_STORE_add1_certs() adds all or only self-signed certificates from +the given stack to given store. The I parameter may be NULL. + +ossl_cmp_X509_STORE_get1_certs() retrieves a copy of all certificates in the +given store. + +=head1 RETURN VALUES + +ossl_cmp_X509_STORE_add1_certs() returns 1 on success, 0 on error. + +ossl_cmp_X509_STORE_get1_certs() returns a list of certificates, NULL on error. + +=head1 HISTORY + +The OpenSSL CMP support was added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_cmp_asn1_octet_string_set1.pod b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_asn1_octet_string_set1.pod new file mode 100644 index 00000000000000..a154cda1c989ff --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_asn1_octet_string_set1.pod @@ -0,0 +1,45 @@ +=pod + +=head1 NAME + +ossl_cmp_asn1_octet_string_set1, +ossl_cmp_asn1_octet_string_set1_bytes +- ASN.1 octet string utility functions + +=head1 SYNOPSIS + + #include "cmp_local.h" + + int ossl_cmp_asn1_octet_string_set1(ASN1_OCTET_STRING **tgt, + const ASN1_OCTET_STRING *src); + int ossl_cmp_asn1_octet_string_set1_bytes(ASN1_OCTET_STRING **tgt, + const unsigned char *bytes, int len); + +=head1 DESCRIPTION + +ossl_cmp_asn1_octet_string_set1() frees any previous value of the variable +referenced via the I argument and assigns either a copy of +the ASN1_OCTET_STRING given as the I argument or NULL. + +ossl_cmp_asn1_octet_string_set1_bytes() frees any previous value of the variable +referenced via the I argument and assigns either a copy of the given byte +string (with the given length) or NULL. + +=head1 RETURN VALUES + +All functions return 1 on success, 0 on error. + +=head1 HISTORY + +The OpenSSL CMP support was added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_cmp_certreq_new.pod b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_certreq_new.pod new file mode 100644 index 00000000000000..37a234066d3685 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_certreq_new.pod @@ -0,0 +1,178 @@ +=pod + +=head1 NAME + +ossl_cmp_certreq_new, +ossl_cmp_certrep_new, +ossl_cmp_rr_new, +ossl_cmp_rp_new, +ossl_cmp_certConf_new, +ossl_cmp_pkiconf_new, +ossl_cmp_pollReq_new, +ossl_cmp_pollRep_new, +ossl_cmp_genm_new, +ossl_cmp_genp_new, +ossl_cmp_error_new +- functions for generating CMP messages + +=head1 SYNOPSIS + + #include "cmp_local.h" + + OSSL_ossl_cmp_MSG *ossl_cmp_certreq_new(OSSL_CMP_CTX *ctx, int bodytype, + const OSSL_CRMF_MSG *crm); + OSSL_CMP_MSG *ossl_cmp_certrep_new(OSSL_CMP_CTX *ctx, int bodytype, + int certReqId, const OSSL_CMP_PKISI *si, + X509 *cert, const X509 *encryption_recip, + STACK_OF(X509) *chain, STACK_OF(X509) *caPubs, + int unprotectedErrors); + OSSL_CMP_MSG *ossl_cmp_rr_new(OSSL_CMP_CTX *ctx); + OSSL_CMP_MSG *ossl_cmp_rp_new(OSSL_CMP_CTX *ctx, const OSSL_CMP_PKISI *si, + const OSSL_CRMF_CERTID *cid, + int unprotectedErrors); + OSSL_CMP_MSG *ossl_cmp_certConf_new(OSSL_CMP_CTX *ctx, int certReqId, + int fail_info, const char *text); + OSSL_CMP_MSG *ossl_cmp_pkiconf_new(OSSL_CMP_CTX *ctx); + OSSL_CMP_MSG *ossl_cmp_pollReq_new(OSSL_CMP_CTX *ctx, int crid); + OSSL_CMP_MSG *ossl_cmp_pollRep_new(OSSL_CMP_CTX *ctx, int crid, int poll_after); + OSSL_CMP_MSG *ossl_cmp_genm_new(OSSL_CMP_CTX *ctx); + OSSL_CMP_MSG *ossl_cmp_genp_new(OSSL_CMP_CTX *ctx); + OSSL_CMP_MSG *ossl_cmp_error_new(OSSL_CMP_CTX *ctx, const OSSL_CMP_PKISI *si, + int64_t errorCode, const char *details, + int unprotected); + +=head1 DESCRIPTION + +This is the internal API for creating various CMP PKIMESSAGES. +All functions are based on L. +The allocate a new message, fill it with the relevant data derived from +the given B, and create the applicable protection. + +ossl_cmp_certreq_new() creates a PKIMessage for requesting a certificate, +which can be either of IR/CR/KUR/P10CR, depending on the given I. +The CRMF message to use may be given explicitly via a non-NULL I argument, +otherwise it is created from the information in the I. + +Available CMP certificate request PKIMessage Is are: + +=over 4 + +=item * B - Initialization Request + +=item * B - Certification Request + +=item * B - PKCS#10 Certification Request + +=item * B - Key Update Request + +=back + +ossl_cmp_certrep_new() creates a PKIMessage for certificate response, +which can be either of IP/CP/KUP, depending on the given I, +with the given I and I values and optionally with I, +I, and I. The I, I, and I arguments +are not consumed if present but their internal reference counter is increased. +The I is currently unsupported. +The function does not protect the message if the B value in I +is B and I is nonzero. + +Available CMP certificate response PKIMessage Is are: + +=over 4 + +=item * B - Initialization Response + +=item * B - Certification Response + +=item * B - Key Update Response + +=back + +The list of all CMP PKIMessage Is is: + + #define OSSL_CMP_PKIBODY_IR 0 + #define OSSL_CMP_PKIBODY_IP 1 + #define OSSL_CMP_PKIBODY_CR 2 + #define OSSL_CMP_PKIBODY_CP 3 + #define OSSL_CMP_PKIBODY_P10CR 4 + #define OSSL_CMP_PKIBODY_POPDECC 5 + #define OSSL_CMP_PKIBODY_POPDECR 6 + #define OSSL_CMP_PKIBODY_KRR 9 + #define OSSL_CMP_PKIBODY_KRP 10 + #define OSSL_CMP_PKIBODY_RR 11 + #define OSSL_CMP_PKIBODY_RP 12 + #define OSSL_CMP_PKIBODY_CCR 13 + #define OSSL_CMP_PKIBODY_CCP 14 + #define OSSL_CMP_PKIBODY_CKUANN 15 + #define OSSL_CMP_PKIBODY_CANN 16 + #define OSSL_CMP_PKIBODY_RANN 17 + #define OSSL_CMP_PKIBODY_CRLANN 18 + #define OSSL_CMP_PKIBODY_PKICONF 19 + #define OSSL_CMP_PKIBODY_NESTED 20 + #define OSSL_CMP_PKIBODY_GENM 21 + #define OSSL_CMP_PKIBODY_GENP 22 + #define OSSL_CMP_PKIBODY_ERROR 23 + #define OSSL_CMP_PKIBODY_CERTCONF 24 + #define OSSL_CMP_PKIBODY_POLLREQ 25 + #define OSSL_CMP_PKIBODY_POLLREP 26 + +ossl_cmp_rr_new() creates a Revocation Request message from the +information set via OSSL_CMP_CTX_set1_oldClCert(). + +ossl_cmp_rp_new() creates a Revocation Response message with I and I. +It does not protect the message if the B value in I is B +and I is nonzero. + +ossl_cmp_certConf_new() creates a Certificate Confirmation message for the last +received certificate with the given I. +The PKIStatus defaults to B if the I bit field is 0. +Otherwise it is taken as the failInfo of the PKIStatusInfo, PKIStatus is +set to B, and I is copied to statusString unless it is NULL. + +ossl_cmp_pkiconf_new() creates a PKI Confirmation message. + +ossl_cmp_pollReq_new() creates a Polling Request message with certReqId set to +I. + +ossl_cmp_pollRep_new() creates a Polling Response message with certReqId set to +I and pollAfter to I. + +ossl_cmp_genm_new() creates a new General Message with an empty ITAV stack. + +ossl_cmp_genp_new() creates a new General Response with an empty ITAV stack. + +ossl_cmp_error_new() creates a new Error Message with the given contents +I, I, and optional I
. +If I is positive and in the range of an OpenSSL error code, +the library and reason strings are included in the B field. +If given, the I
are added to the contents of the B field. +The function does not protect the message if I is nonzero. + +=head1 NOTES + +CMP is specified in RFC 4210 (and CRMF in RFC 4211). + +=head1 RETURN VALUES + +All of the functions return a new OSSL_CMP_MSG structure containing +the generated message on success, or NULL on error. + +=head1 SEE ALSO + +L, +L, L + +=head1 HISTORY + +The OpenSSL CMP support was added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_cmp_ctx_set1_caPubs.pod b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_ctx_set1_caPubs.pod new file mode 100644 index 00000000000000..f3c45ed56c65ba --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_ctx_set1_caPubs.pod @@ -0,0 +1,76 @@ +=pod + +=head1 NAME + +ossl_cmp_ctx_set1_caPubs, +ossl_cmp_ctx_set0_validatedSrvCert, +ossl_cmp_ctx_set_status, +ossl_cmp_ctx_set0_statusString, +ossl_cmp_ctx_set_failInfoCode, +ossl_cmp_ctx_set0_newCert, +ossl_cmp_ctx_set1_extraCertsIn, +ossl_cmp_ctx_set1_recipNonce +- internal functions for managing the CMP client context datastructure + +=head1 SYNOPSIS + + #include + + int ossl_cmp_ctx_set1_caPubs(OSSL_CMP_CTX *ctx, STACK_OF(X509) *caPubs); + int ossl_cmp_ctx_set0_validatedSrvCert(OSSL_CMP_CTX *ctx, X509 *cert); + int ossl_cmp_ctx_set_status(OSSL_CMP_CTX *ctx, int status); + int ossl_cmp_ctx_set0_statusString(OSSL_CMP_CTX *ctx, + OSSL_CMP_PKIFREETEXT *text); + int ossl_cmp_ctx_set_failInfoCode(OSSL_CMP_CTX *ctx, int fail_info); + int ossl_cmp_ctx_set0_newCert(OSSL_CMP_CTX *ctx, X509 *cert); + int ossl_cmp_ctx_set1_extraCertsIn(OSSL_CMP_CTX *ctx, + STACK_OF(X509) *extraCertsIn); + int ossl_cmp_ctx_set1_recipNonce(OSSL_CMP_CTX *ctx, + const ASN1_OCTET_STRING *nonce); + +=head1 DESCRIPTION + +ossl_cmp_ctx_set1_caPubs() copies the given stack of CA certificates +to the caPubs field of the context. +The reference counts of those certificates handled successfully are increased. + +ossl_cmp_ctx_set0_validatedSrvCert() sets the validatedSrvCert of the context, +which caches any already validated server cert, or NULL if not available. + +ossl_cmp_ctx_set_status() sets the status field of the context. + +ossl_cmp_ctx_set0_statusString() sets the statusString field of the context. + +ossl_cmp_ctx_set_failInfoCode() sets the error code bits in the failInfoCode +field of the context based on the given OSSL_CMP_PKIFAILUREINFO structure. + +ossl_cmp_ctx_set0_newCert() sets the given (newly enrolled) certificate +in the context. + +ossl_cmp_ctx_set1_extraCertsIn() sets the extraCertsIn field of the context. +The reference counts of those certificates handled successfully are increased. + +ossl_cmp_ctx_set1_recipNonce() sets the given recipient nonce in the context. + +=head1 NOTES + +CMP is defined in RFC 4210 (and CRMF in RFC 4211). + +=head1 RETURN VALUES + +All functions return 1 on success, 0 on error. + +=head1 HISTORY + +The OpenSSL CMP support was added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_cmp_hdr_init.pod b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_hdr_init.pod new file mode 100644 index 00000000000000..a0804aa4cf2a46 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_hdr_init.pod @@ -0,0 +1,151 @@ +=pod + +=head1 NAME + +ossl_cmp_hdr_set_pvno, +ossl_cmp_hdr_get_pvno, +ossl_cmp_hdr_get_protection_nid, +ossl_cmp_hdr_get0_sendernonce, +ossl_cmp_general_name_is_NULL_DN, +ossl_cmp_hdr_set1_sender, +ossl_cmp_hdr_set1_recipient, +ossl_cmp_hdr_update_messagetime, +ossl_cmp_hdr_set1_senderKID, +ossl_cmp_hdr_push0_freeText, +ossl_cmp_hdr_push1_freeText, +ossl_cmp_hdr_generalinfo_item_push0, +ossl_cmp_hdr_generalinfo_items_push1, +ossl_cmp_hdr_set_implicitConfirm, +ossl_cmp_hdr_has_implicitConfirm, +ossl_cmp_hdr_set_transactionID, +ossl_cmp_hdr_init +- functions handling CMP message headers + +=head1 SYNOPSIS + + #include "cmp_local.h" + + int ossl_cmp_hdr_set_pvno(OSSL_CMP_PKIHEADER *hdr, int pvno); + int ossl_cmp_hdr_get_pvno(const OSSL_CMP_PKIHEADER *hdr); + int ossl_cmp_hdr_get_protection_nid(const OSSL_CMP_PKIHEADER *hdr); + ASN1_OCTET_STRING + *ossl_cmp_hdr_get0_sendernonce(const OSSL_CMP_PKIHEADER *hdr); + int ossl_cmp_general_name_is_NULL_DN(GENERAL_NAME *name); + + int ossl_cmp_hdr_set1_sender(OSSL_CMP_PKIHEADER *hdr, const X509_NAME *nm); + int ossl_cmp_hdr_set1_recipient(OSSL_CMP_PKIHEADER *hdr, const X509_NAME *nm); + int ossl_cmp_hdr_update_messagetime(OSSL_CMP_PKIHEADER *hdr); + int ossl_cmp_hdr_set1_senderKID(OSSL_CMP_PKIHEADER *hdr, + const ASN1_OCTET_STRING *senderKID); + int ossl_cmp_hdr_generalinfo_item_push0(OSSL_CMP_PKIHEADER *hdr, + OSSL_CMP_ITAV *itav); + int ossl_cmp_hdr_generalinfo_items_push1(OSSL_CMP_PKIHEADER *hdr, + STACK_OF(OSSL_CMP_ITAV) *itavs); + int ossl_cmp_hdr_push0_freeText(OSSL_CMP_PKIHEADER *hdr, + ASN1_UTF8STRING *text); + int ossl_cmp_hdr_push1_freeText(OSSL_CMP_PKIHEADER *hdr, + ASN1_UTF8STRING *text); + int ossl_cmp_hdr_set_implicitConfirm(OSSL_CMP_PKIHEADER *hdr); + int ossl_cmp_hdr_has_implicitConfirm(OSSL_CMP_PKIHEADER *hdr); + int ossl_cmp_hdr_set_transactionID(OSSL_CMP_CTX *ctx, OSSL_CMP_PKIHEADER *hdr); + int ossl_cmp_hdr_init(OSSL_CMP_CTX *ctx, OSSL_CMP_PKIHEADER *hdr); + +=head1 DESCRIPTION + +ossl_cmp_hdr_set_pvno() sets hdr->pvno to the given B. + +ossl_cmp_hdr_get_pvno() returns the pvno of the given B or -1 on error. + +ossl_cmp_hdr_get_protection_nid returns the NID of the protection algorithm +in B or NID_undef on error. + +ossl_cmp_hdr_get0_sendernonce() returns the sender nonce of the given PKIHeader. + +ossl_cmp_general_name_is_NULL_DN() determines if the given GENERAL_NAME +is the NULL-DN. + +ossl_cmp_hdr_set1_sender() sets the sender field in the given PKIHeader +to the given X509 Name value, without consuming the pointer. + +ossl_cmp_hdr_set1_recipient() sets the recipient field in the given +PKIHeader to the given X509 Name value, without consuming the pointer. +If B is NULL, recipient is set to the NULL DN (the empty list of strings). + +ossl_cmp_hdr_update_messagetime() (re-)sets the messageTime to the current +system time. As written in RFC 4210, section 5.1.1: +The messageTime field contains the time at which the sender created the message. +This may be useful to allow end entities to correct/check their local time for +consistency with the time on a central system. + +ossl_cmp_hdr_set1_senderKID() Sets hdr->senderKID to the given string. +In an PBMAC-protected IR this usually is a reference number issued by the CA, +else the subject key ID of the sender's protecting certificate. + +ossl_cmp_hdr_push0_freeText() pushes an ASN1_UTF8STRING to +hdr->freeText and consumes the given pointer. + +ossl_cmp_hdr_push1_freeText() pushes an ASN1_UTF8STRING to +hdr->freeText and does not consume the pointer. + +ossl_cmp_hdr_generalinfo_item_push0() adds the given InfoTypeAndValue +item to the hdr->generalInfo stack. Consumes the B pointer. + +ossl_cmp_hdr_generalinfo_items_push1() adds a copy of the B stack to +the generalInfo field of PKIheader of the B. Does not consume the B +pointer. + +ossl_cmp_hdr_set_implicitConfirm() sets implicitConfirm in the generalInfo field +of the PKIMessage header. + +ossl_cmp_hdr_has_implicitConfirm() returns 1 if implicitConfirm is +set int generalInfo field of the given PKIMessage header, 0 if not. + +ossl_cmp_hdr_set_transactionID() sets the B field in C. +In case ctx->transactionID is NULL, it starts a new transaction +by creating and storing a new random valuee with 128 bits length. + +ossl_cmp_hdr_init() initializes a PKIHeader structure based on the +values in the given OSSL_CMP_CTX structure. +This starts a new transaction in case ctx->transactionID is NULL. +The sender name is copied from the subject of the client cert, if any, +or else from the subject name provided for certification requests. +As required by RFC 4210 section 5.1.1., if the sender name is not known +to the client it set to the NULL-DN. In this case for identification at least +the senderKID must be set, which we take from any referenceValue provided. + +=head1 NOTES + +CMP is defined in RFC 4210 (and CRMF in RFC 4211). + +=head1 RETURN VALUES + +ossl_cmp_hdr_get_pvno() returns the pvno of the given B or -1 on error. + +ossl_cmp_hdr_get_protection_nid returns the respective NID, NID_undef on error. + +ossl_cmp_hdr_get0_sendernonce() returns the respective nonce, or NULL. + +ossl_cmp_general_name_is_NULL_DN() returns 1 given a NULL-DN, else 0. + +All other functions return 1 on success, 0 on error. + +See the individual functions above. + +=head1 SEE ALSO + +L + +=head1 HISTORY + +The OpenSSL CMP support was added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_cmp_mock_srv_new.pod b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_mock_srv_new.pod new file mode 100644 index 00000000000000..7bc449a843526f --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_mock_srv_new.pod @@ -0,0 +1,89 @@ +=pod + +=head1 NAME + +ossl_cmp_mock_srv_new, +ossl_cmp_mock_srv_free, +ossl_cmp_mock_srv_set1_certOut, +ossl_cmp_mock_srv_set1_chainOut, +ossl_cmp_mock_srv_set1_caPubsOut, +ossl_cmp_mock_srv_set_statusInfo, +ossl_cmp_mock_srv_set_sendError, +ossl_cmp_mock_srv_set_pollCount, +ossl_cmp_mock_srv_set_checkAfterTime +- functions used for testing with CMP mock server + +=head1 SYNOPSIS + + #include "apps/cmp_mock_srv.h" + + OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OSSL_LIB_CTX *libctx, const char *propq); + void ossl_cmp_mock_srv_free(OSSL_CMP_SRV_CTX *srv_ctx); + + int ossl_cmp_mock_srv_set1_certOut(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert); + int ossl_cmp_mock_srv_set1_chainOut(OSSL_CMP_SRV_CTX *srv_ctx, + STACK_OF(X509) *chain); + int ossl_cmp_mock_srv_set1_caPubsOut(OSSL_CMP_SRV_CTX *srv_ctx, + STACK_OF(X509) *caPubs); + int ossl_cmp_mock_srv_set_statusInfo(OSSL_CMP_SRV_CTX *srv_ctx, int status, + int fail_info, const char *text); + int ossl_cmp_mock_srv_set_sendError(OSSL_CMP_SRV_CTX *srv_ctx, int bodytype); + int ossl_cmp_mock_srv_set_pollCount(OSSL_CMP_SRV_CTX *srv_ctx, int count); + int ossl_cmp_mock_srv_set_checkAfterTime(OSSL_CMP_SRV_CTX *srv_ctx, int sec); + +=head1 DESCRIPTION + +ossl_cmp_mock_srv_new() allocates the contexts for the CMP mock server +associated with the library context I and property query string +I, both of which may be NULL to select the defaults. + +ossl_cmp_mock_srv_free() deallocates the contexts for the CMP mock server. + +ossl_cmp_mock_srv_set1_certOut() sets the certificate to be returned in +cp/ip/kup. + +ossl_cmp_mock_srv_set1_chainOut() sets the certificate chain to be added to +the extraCerts in a cp/ip/kup. +It should be useful for the validation of the certificate given via +ossl_cmp_mock_srv_set1_certOut(). + +ossl_cmp_mock_srv_set1_caPubsOut() sets the caPubs to be returned in an ip. + +ossl_cmp_mock_srv_set_statusInfo() sets the status info to be returned. + +ossl_cmp_mock_srv_set_sendError() enables enforcement of error responses +for requests of the given I, or for all requests if I is 1. +A I of -1 can be used to disable this feature, which is the default. + +ossl_cmp_mock_srv_set_pollCount() sets the number of polls before cert response. + +ossl_cmp_mock_srv_set_checkAfterTime() sets the number of seconds +the client should wait for the next poll. + +=head1 NOTES + +CMP is defined in RFC 4210 (and CRMF in RFC 4211). + +=head1 RETURN VALUES + +ossl_cmp_mock_srv() returns a B structure on success, +NULL on error. + +ossl_cmp_mock_srv_free() does not return a value. + +All other functions return 1 on success, 0 on error. + +=head1 HISTORY + +The OpenSSL CMP support was added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_cmp_msg_check_update.pod b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_msg_check_update.pod new file mode 100644 index 00000000000000..4e7a9224afddd1 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_msg_check_update.pod @@ -0,0 +1,95 @@ +=pod + +=head1 NAME + +ossl_cmp_allow_unprotected_cb_t, +ossl_cmp_msg_check_update +- generic checks on a received CMP message, updating the context + +=head1 SYNOPSIS + + #include "cmp_local.h" + + typedef int (*ossl_cmp_allow_unprotected_cb_t)(const OSSL_CMP_CTX *ctx, + const OSSL_CMP_MSG *msg, + int invalid_protection, int arg); + + int ossl_cmp_msg_check_update(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg, + ossl_cmp_allow_unprotected_cb_t cb, int cb_arg); + +=head1 DESCRIPTION + +ossl_cmp_msg_check_update() does all generic checks on the given message B, +which may be a server response or a request by some client, +and updates the B accordingly. + +The B is checked for the following: + +=over 4 + +=item its sender is of appropriate type (currently only B) + and matches any expected sender or srvCert subject given in B, + +=item its protection is present and valid (or a callback function B +is present and indicates that a missing or invalid protection is acceptable), + +=item its CMP protocol version is acceptable, namely B, + +=item its body type is valid, + +=item its transaction ID matches any transaction ID given in B, and + +=item its recipNonce matches any senderNonce given in B. + +=back + +In case no protection is present and B is not NULL then this callback +function is called with its B parameter being 0, while in +case an invalid protection is present the B parameter is 1. +The callback is passed also the arguments B, B, and +(which typically contains the expected message type). +The callback should return 1 on acceptance, 0 on rejection, or -1 on error. +It should not put an error on the error stack since this could be misleading. + +ossl_cmp_msg_check_update() adds all extraCerts contained in the to +the list of untrusted certificates in B such that they are already usable +for OSSL_CMP_validate_msg(), which is called internally, and for future use. +Thus they are available also to the certificate confirmation callback, and the +peer does not need to send them again (at least not in the same transaction). +Note that it does not help validating the message before storing the extraCerts +because they are not part of the protected portion of the message anyway. +For efficiency, the extraCerts are prepended to the list so they get used first. + +If all checks pass then ossl_cmp_msg_check_update() +records in B the senderNonce of the received message as the new recipNonce +and learns the transaction ID if none is currently present in B. + +Moreover, according to RFC 4210 section 5.3.2, if the message protection is +PBM-based then any certificates in the caPubs field are added to the list of +trusted certificates (if set via L). +This way these certs are available for validating subsequent messages in the +same context and could apply to any Polling Response (pollRep), error, or PKI +Confirmation (PKIConf) messages following in the same or future transactions. + +=head1 RETURN VALUES + +ossl_cmp_msg_check_update() returns 1 on success, -1 on error. + +=head1 SEE ALSO + +L + +=head1 HISTORY + +The OpenSSL CMP support was added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_cmp_msg_create.pod b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_msg_create.pod new file mode 100644 index 00000000000000..d4294d3e9fa65c --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_msg_create.pod @@ -0,0 +1,134 @@ +=pod + +=head1 NAME + +OSSL_CMP_PKIBODY_IR, +OSSL_CMP_PKIBODY_IP, +OSSL_CMP_PKIBODY_CR, +OSSL_CMP_PKIBODY_CP, +OSSL_CMP_PKIBODY_P10CR, +OSSL_CMP_PKIBODY_POPDECC, +OSSL_CMP_PKIBODY_POPDECR, +OSSL_CMP_PKIBODY_KUR, +OSSL_CMP_PKIBODY_KUP, +OSSL_CMP_PKIBODY_KRR, +OSSL_CMP_PKIBODY_KRP, +OSSL_CMP_PKIBODY_RR, +OSSL_CMP_PKIBODY_RP, +OSSL_CMP_PKIBODY_CCR, +OSSL_CMP_PKIBODY_CCP, +OSSL_CMP_PKIBODY_CKUANN, +OSSL_CMP_PKIBODY_CANN, +OSSL_CMP_PKIBODY_RANN, +OSSL_CMP_PKIBODY_CRLANN, +OSSL_CMP_PKIBODY_PKICONF, +OSSL_CMP_PKIBODY_NESTED, +OSSL_CMP_PKIBODY_GENM, +OSSL_CMP_PKIBODY_GENP, +OSSL_CMP_PKIBODY_ERROR, +OSSL_CMP_PKIBODY_CERTCONF, +OSSL_CMP_PKIBODY_POLLREQ, +OSSL_CMP_PKIBODY_POLLREP, +ossl_cmp_bodytype_to_string, +ossl_cmp_msg_get_bodytype, +ossl_cmp_msg_set_bodytype, +ossl_cmp_msg_create, +ossl_cmp_msg_gen_ITAV_push0, +ossl_cmp_msg_gen_ITAVs_push1 +- functions handling CMP messages + +=head1 SYNOPSIS + + #include "cmp_local.h" + + #define OSSL_CMP_PKIBODY_IR 0 + #define OSSL_CMP_PKIBODY_IP 1 + #define OSSL_CMP_PKIBODY_CR 2 + #define OSSL_CMP_PKIBODY_CP 3 + #define OSSL_CMP_PKIBODY_P10CR 4 + #define OSSL_CMP_PKIBODY_POPDECC 5 + #define OSSL_CMP_PKIBODY_POPDECR 6 + #define OSSL_CMP_PKIBODY_KUR 7 + #define OSSL_CMP_PKIBODY_KUP 8 + #define OSSL_CMP_PKIBODY_KRR 9 + #define OSSL_CMP_PKIBODY_KRP 10 + #define OSSL_CMP_PKIBODY_RR 11 + #define OSSL_CMP_PKIBODY_RP 12 + #define OSSL_CMP_PKIBODY_CCR 13 + #define OSSL_CMP_PKIBODY_CCP 14 + #define OSSL_CMP_PKIBODY_CKUANN 15 + #define OSSL_CMP_PKIBODY_CANN 16 + #define OSSL_CMP_PKIBODY_RANN 17 + #define OSSL_CMP_PKIBODY_CRLANN 18 + #define OSSL_CMP_PKIBODY_PKICONF 19 + #define OSSL_CMP_PKIBODY_NESTED 20 + #define OSSL_CMP_PKIBODY_GENM 21 + #define OSSL_CMP_PKIBODY_GENP 22 + #define OSSL_CMP_PKIBODY_ERROR 23 + #define OSSL_CMP_PKIBODY_CERTCONF 24 + #define OSSL_CMP_PKIBODY_POLLREQ 25 + #define OSSL_CMP_PKIBODY_POLLREP 26 + + const char *ossl_cmp_bodytype_to_string(int type); + int ossl_cmp_msg_get_bodytype(const OSSL_CMP_MSG *msg); + int ossl_cmp_msg_set_bodytype( OSSL_CMP_MSG *msg, int type); + OSSL_CMP_MSG *ossl_cmp_msg_create(OSSL_CMP_CTX *ctx, int bodytype); + int ossl_cmp_msg_gen_ITAV_push0(OSSL_CMP_MSG *msg, OSSL_CMP_ITAV *itav); + int ossl_cmp_msg_gen_ITAVs_push1(OSSL_CMP_MSG *msg, + STACK_OF(OSSL_CMP_ITAV) *itavs); + +=head1 DESCRIPTION + +ossl_cmp_bodytype_to_string() returns the name of the given body type as string, +or "illegal body type" on error. + +ossl_cmp_msg_get_bodytype() returns the body type of the given PKIMessage, +or -1 on error. + +ossl_cmp_msg_set_bodytype() sets the type of the message contained in +the PKIMessage body field. +Returns 1 on success, 0 on error. + +ossl_cmp_msg_create() creates and initializes an B structure, +using fields of B for the header and B for the body. +If the current B field in I indicates that there is no +current transaction, it creates and stores a random one with 128 bits length. +Thus, the I may be modified by this and related ossl_cmp_*_new() functions. +Returns pointer to created B on success, NULL on error. + +ossl_cmp_msg_gen_ITAV_push0() pushes the B to the body of the +PKIMessage B of GenMsg or GenRep type. Consumes the B pointer. +Returns 1 on success, 0 on error. + +ossl_cmp_msg_gen_ITAVs_push1() adds a copy of the B stack to the body +of the PKIMessage B of GenMsg or GenRep type. +Does not consume the B pointer nor its elements. +Returns 1 on success, 0 on error. + +=head1 NOTES + +CMP is defined in RFC 4210 (and CRMF in RFC 4211). + +=head1 RETURN VALUES + +See the individual functions above. + +=head1 SEE ALSO + +L, +L, L + +=head1 HISTORY + +The OpenSSL CMP support was added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_cmp_msg_protect.pod b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_msg_protect.pod new file mode 100644 index 00000000000000..744fbce576ca29 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_msg_protect.pod @@ -0,0 +1,66 @@ +=pod + +=head1 NAME + +ossl_cmp_calc_protection, +ossl_cmp_msg_protect, +ossl_cmp_msg_add_extraCerts +- functions for producing CMP message protection + +=head1 SYNOPSIS + + #include "cmp_local.h" + + ASN1_BIT_STRING *ossl_cmp_calc_protection(const OSSL_CMP_CTX *ctx, + const OSSL_CMP_MSG *msg); + int ossl_cmp_msg_protect(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg); + int ossl_cmp_msg_add_extraCerts(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg); + +=head1 DESCRIPTION + +ossl_cmp_calc_protection() calculates the protection for the given I +according to the algorithm and parameters in the message header's protectionAlg +using the credentials, library context, and property criteria in the I. + +ossl_cmp_msg_protect() (re-)protects the given message I using an algorithm +depending on the available context information given in the I. +If there is a secretValue it selects PBMAC, else if there is a protection cert +it selects Signature and uses ossl_cmp_msg_add_extraCerts (see below). +It also sets the protectionAlg field in the message header accordingly. + +ossl_cmp_msg_add_extraCerts() adds elements to the extraCerts field in I. +If signature-based message protection is used it adds first the CMP signer cert +ctx->cert and then its chain ctx->chain. If this chain is not present in I +tries to build it using ctx->untrusted and caches the result in ctx->chain. +In any case all the certificates explicitly specified to be sent out (i.e., +IextraCertsOut>) are added. Note that it will NOT add the root certificate +of the chain, i.e, the trust anchor (unless it is part of extraCertsOut). + +=head1 NOTES + +CMP is defined in RFC 4210 (and CRMF in RFC 4211). + +The I parameter of ossl_cmp_msg_add_extraCerts() +and thus also of ossl_cmp_msg_protect() cannot be made I +because Ichain> may get adapted to cache the chain of the CMP signer cert. + +=head1 RETURN VALUES + +ossl_cmp_calc_protection() returns the protection on success, else NULL. + +All other functions return 1 on success, 0 on error. + +=head1 HISTORY + +The OpenSSL CMP support was added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_cmp_pkisi_get_status.pod b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_pkisi_get_status.pod new file mode 100644 index 00000000000000..e44bfd3f01904c --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_pkisi_get_status.pod @@ -0,0 +1,99 @@ +=pod + +=head1 NAME + +ossl_cmp_certresponse_get1_cert, +ossl_cmp_pkisi_get_status, +ossl_cmp_PKIStatus_to_string, +ossl_cmp_pkisi_get0_statusString, +ossl_cmp_pkisi_get_pkifailureinfo, +ossl_cmp_pkisi_check_pkifailureinfo +- functions for managing PKI status information + +=head1 SYNOPSIS + + #include "cmp.h" + +# define OSSL_CMP_PKIFAILUREINFO_badAlg 0 +# define OSSL_CMP_PKIFAILUREINFO_badMessageCheck 1 +# define OSSL_CMP_PKIFAILUREINFO_badRequest 2 +# define OSSL_CMP_PKIFAILUREINFO_badTime 3 +# define OSSL_CMP_PKIFAILUREINFO_badCertId 4 +# define OSSL_CMP_PKIFAILUREINFO_badDataFormat 5 +# define OSSL_CMP_PKIFAILUREINFO_wrongAuthority 6 +# define OSSL_CMP_PKIFAILUREINFO_incorrectData 7 +# define OSSL_CMP_PKIFAILUREINFO_missingTimeStamp 8 +# define OSSL_CMP_PKIFAILUREINFO_badPOP 9 +# define OSSL_CMP_PKIFAILUREINFO_certRevoked 10 +# define OSSL_CMP_PKIFAILUREINFO_certConfirmed 11 +# define OSSL_CMP_PKIFAILUREINFO_wrongIntegrity 12 +# define OSSL_CMP_PKIFAILUREINFO_badRecipientNonce 13 +# define OSSL_CMP_PKIFAILUREINFO_timeNotAvailable 14 +# define OSSL_CMP_PKIFAILUREINFO_unacceptedPolicy 15 +# define OSSL_CMP_PKIFAILUREINFO_unacceptedExtension 16 +# define OSSL_CMP_PKIFAILUREINFO_addInfoNotAvailable 17 +# define OSSL_CMP_PKIFAILUREINFO_badSenderNonce 18 +# define OSSL_CMP_PKIFAILUREINFO_badCertTemplate 19 +# define OSSL_CMP_PKIFAILUREINFO_signerNotTrusted 20 +# define OSSL_CMP_PKIFAILUREINFO_transactionIdInUse 21 +# define OSSL_CMP_PKIFAILUREINFO_unsupportedVersion 22 +# define OSSL_CMP_PKIFAILUREINFO_notAuthorized 23 +# define OSSL_CMP_PKIFAILUREINFO_systemUnavail 24 +# define OSSL_CMP_PKIFAILUREINFO_systemFailure 25 +# define OSSL_CMP_PKIFAILUREINFO_duplicateCertReq 26 +# define OSSL_CMP_PKIFAILUREINFO_MAX 26 + + X509 *ossl_cmp_certresponse_get1_cert(const OSSL_CMP_CTX *ctx, + const OSSL_CMP_CERTRESPONSE *crep); + int ossl_cmp_pkisi_get_status(const OSSL_CMP_PKISI *si); + const char *ossl_cmp_PKIStatus_to_string(int status); + OSSL_CMP_PKIFREETEXT *ossl_cmp_pkisi_get0_statusString(const OSSL_CMP_PKISI *si); + int ossl_cmp_pkisi_get_pkifailureinfo(const OSSL_CMP_PKISI *si); + int ossl_cmp_pkisi_check_pkifailureinfo(const OSSL_CMP_PKISI *si, int index); + +=head1 DESCRIPTION + +ossl_cmp_certresponse_get1_cert() returns a pointer to a copy of the newly +enrolled certificate from the given certResponse I, or NULL on error. +Uses data from I, which in case of indirect POPO includes the private key. + +ossl_cmp_pkisi_get_status() returns the PKIStatus of I, or -1 on error. + +ossl_cmp_PKIStatus_to_string() returns a human-readable string representing +the PKIStatus values as specified in RFC 4210, Appendix F. + +ossl_cmp_pkisi_get0_statusString() returns a direct pointer to the statusString +field contained in I. + +ossl_cmp_pkisi_get_pkifailureinfo() returns the PKIFailureInfo bits +of I, encoded as integer, or -1 on error. + +ossl_cmp_pkisi_check_pkifailureinfo() returns the state of the bit (0 or 1) +with index I in the PKIFailureInfo of the I, or -1 on error. + +=head1 NOTES + +CMP is defined in RFC 4210 (and CRMF in RFC 4211). + +=head1 RETURN VALUES + +See the individual functions above. + +=head1 SEE ALSO + +L, L + +=head1 HISTORY + +The OpenSSL CMP support was added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_cmp_print_log.pod b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_print_log.pod new file mode 100644 index 00000000000000..f4384402e584aa --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_cmp_print_log.pod @@ -0,0 +1,108 @@ +=pod + +=head1 NAME + +ossl_cmp_print_log, +ossl_cmp_alert, +ossl_cmp_err, +ossl_cmp_warn, +ossl_cmp_info, +ossl_cmp_debug, +ossl_cmp_log, +ossl_cmp_log1, +ossl_cmp_log2, +ossl_cmp_log3, +ossl_cmp_log4, +ossl_cmp_log_parse_metadata, +ossl_cmp_add_error_data, +ossl_cmp_add_error_line +- logging and error reporting support for CMP + +=head1 SYNOPSIS + + #include "cmp_local.h" + + int ossl_cmp_print_log(OSSL_CMP_severity level, const OSSL_CMP_CTX *ctx, + const char *func, const char *file, int line, + const char *level_str, const char *format, ...); + #define ossl_cmp_alert(ctx, msg) + #define ossl_cmp_err(ctx, msg) + #define ossl_cmp_warn(ctx, msg) + #define ossl_cmp_info(ctx, msg) + #define ossl_cmp_debug(ctx, (msg) + #define ossl_cmp_log(level, ctx, msg) + #define ossl_cmp_log1(level, ctx, fmt, arg1) + #define ossl_cmp_log2(level, ctx, fmt, arg1, arg2) + #define ossl_cmp_log3(level, ctx, fmt, arg1, arg2, arg3) + #define ossl_cmp_log4(level, ctx, fmt, arg1, arg2, arg3, arg4) + const char *ossl_cmp_log_parse_metadata(const char *buf, + OSSL_CMP_severity *level, char **func, + char **file, int *line); + + #define ossl_cmp_add_error_data(txt) + #define ossl_cmp_add_error_line(txt) + +=head1 DESCRIPTION + +ossl_cmp_print_log() prints CMP log messages (i.e., diagnostic info) via the +log callback of the B if present and the severity level is sufficient. +If the trace API if enabled the function uses it, prepending the function name, +filename, line number, and severity information to the message being output. +In any case the B, B, B, and B parameters +and the message constructed using the given B and variable further +argument list are passed to the log callback function (unless it is NULL). +The B, B, B, and B arguments may be NULL. + +ossl_cmp_alert(), ossl_cmp_err(), ossl_cmp_warn(), ossl_cmp_info(), and +ossl_cmp_debug() output a simple alert/error/warning/info/debug message +via ossl_cmp_print_log(). + +ossl_cmp_log(), ossl_cmp_log1(), ossl_cmp_log2(), ossl_cmp_log3(), and +ossl_cmp_log4() output a log message with the given severity, +constructing the message text from the given format and arguments. + +ossl_cmp_log_parse_metadata() parses the given message buffer I populated +by ossl_cmp_log() etc. +according to the pattern OSSL_CMP_LOG_START#level ": %s\n", filling in +the variable pointed to by I with the severity level or -1, +the variable pointed to by I with the function name string or NULL, +the variable pointed to by I with the filename string or NULL, and +the variable pointed to by I with the line number or -1. +Any string returned via I<*func> and I<*file> must be freed by the caller. + +ossl_cmp_add_error_data() is a macro calling +L with the separator being ":". + +ossl_cmp_add_error_line() is a macro calling +L with the separator being "\n". + +=head1 RETURN VALUES + +ossl_cmp_log_parse_metadata() returns the pointer to the actual message text +after the OSSL_CMP_LOG_PREFIX and level and ':' if found in the buffer, +else the beginning of the buffer. + +ossl_cmp_add_error_data() and +ossl_cmp_add_error_line() +do not return anything. + +All other functions return 1 on success, 0 on error. + +=head1 SEE ALSO + +L + +=head1 HISTORY + +The OpenSSL CMP support was added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_ends_with_dirsep.pod b/deps/openssl/openssl/doc/internal/man3/ossl_ends_with_dirsep.pod new file mode 100644 index 00000000000000..d19ce7a3b97c4d --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_ends_with_dirsep.pod @@ -0,0 +1,45 @@ +=pod + +=head1 NAME + +ossl_ends_with_dirsep, ossl_is_absolute_path +- internal functions to work with paths + +=head1 SYNOPSIS + + #include "internal/cryptlib.h" + + int ossl_ends_with_dirsep(const char *path); + + int ossl_is_absolute_path(const char *path); + +=head1 DESCRIPTION + +ossl_ends_with_dirsep() detects whether the I ends with a directory +separator in a platform agnostic way. + +ossl_is_absolute_path() detects whether the I is absolute path in +a platform agnostic way. + +=head1 RETURN VALUES + +ossl_ends_with_dirsep() returns 1 if the I ends with a directory +separator, 0 otherwise. + +ossl_is_absolute_path() returns 1 if the I is absolute, 0 otherwise. + +=head1 HISTORY + +The functions described here were added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut + diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_global_properties_no_mirrored.pod b/deps/openssl/openssl/doc/internal/man3/ossl_global_properties_no_mirrored.pod new file mode 100644 index 00000000000000..6c39ccbc0ffe9b --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_global_properties_no_mirrored.pod @@ -0,0 +1,56 @@ +=pod + +=head1 NAME + +ossl_property_list_to_string, ossl_global_properties_no_mirrored +- internal property routines + +=head1 SYNOPSIS + + #include "internal/property.h" + + size_t ossl_property_list_to_string(OSSL_LIB_CTX *ctx, + const OSSL_PROPERTY_LIST *list, char *buf, + size_t bufsize); + + int ossl_global_properties_no_mirrored(OSSL_LIB_CTX *libctx); + void ossl_global_properties_no_mirrored(OSSL_LIB_CTX *libctx); + + +=head1 DESCRIPTION + +ossl_property_list_to_string() takes a given OSSL_PROPERTY_LIST in I and +converts it to a string. If I is non NULL then the string will be stored +in I. The size of the buffer is provided in I. If I is +too short then the string will be truncated. If I is NULL then the length +of the string is still calculated and returned. If the property list has no +properties in it then the empty string will be stored in I. + +ossl_global_properties_no_mirrored() checks whether mirroring of global +properties from a parent library context is allowed for the current library +context. + +ossl_global_properties_no_mirrored() prevents future mirroring of global +properties from a parent library context for the current library context. + +=head1 RETURN VALUES + +ossl_property_list_to_string() returns the length of the string, or 0 on error. + +ossl_global_properties_no_mirrored() returns 1 if mirroring of global properties +is not allowed, or 0 otherwise. + +=head1 HISTORY + +The functions described here were all added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_init_thread_deregister.pod b/deps/openssl/openssl/doc/internal/man3/ossl_init_thread_deregister.pod new file mode 100644 index 00000000000000..6c9e0b5b8998cf --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_init_thread_deregister.pod @@ -0,0 +1,66 @@ +=pod + +=head1 NAME + +OSSL_thread_stop_handler_fn, +ossl_init_thread_start, +ossl_init_thread_deregister +- internal thread routines + +=head1 SYNOPSIS + + #include "crypto/cryptlib.h" + #include + + typedef void (*OSSL_thread_stop_handler_fn)(void *arg); + + int ossl_init_thread_start(const void *index, void *arg, + OSSL_thread_stop_handler_fn handfn); + int ossl_init_thread_deregister(void *index); + +=head1 DESCRIPTION + +Thread aware code may be informed about when a thread is stopping, typically to +perform some cleanup operation. +Thread stop events may be detected by OpenSSL either automatically (using the +capabilities of the underlying threading library) where possible or explicitly +by the application calling OPENSSL_thread_stop() or OPENSSL_thread_stop_ex(). + +Thread aware code registers a "stop handler" for each new thread that it uses. +Typically, when a new thread is being used, code will add a new value to some +thread local variable and then register a stop handler. When the thread is +stopping the stop handler is called (while on that thread) and the code can +clean up the value stored in the thread local variable. + +A new stop handler is registered using the function ossl_init_thread_start(). +The I parameter should be a unique value that can be used to identify a +set of common stop handlers and is passed in a later call to +ossl_init_thread_deregister. If no later call to ossl_init_thread_deregister is +made then NULL can be passed for this parameter. The I parameter is passed +back as an argument to the stop handler when it is later invoked. Finally the +I is a function pointer to the stop handler itself. + +In the event that previously registered stop handlers need to be deregistered +then this can be done using the function ossl_init_thread_deregister(). +This will deregister all stop handlers (no matter which thread they were +registered for) which the same I value. + +=head1 RETURN VALUES + +ossl_init_thread_start() and ossl_init_thread_deregister() return 1 for success +or 0 on error. + +=head1 HISTORY + +The functions described here were all added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_lib_ctx_get_data.pod b/deps/openssl/openssl/doc/internal/man3/ossl_lib_ctx_get_data.pod new file mode 100644 index 00000000000000..faedf7275f08d6 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_lib_ctx_get_data.pod @@ -0,0 +1,154 @@ +=pod + +=head1 NAME + +ossl_lib_ctx_get_data, ossl_lib_ctx_run_once, ossl_lib_ctx_onfree, +ossl_lib_ctx_is_child +- internal OSSL_LIB_CTX routines + +=head1 SYNOPSIS + + #include + #include "internal/cryptlib.h" + + typedef struct ossl_lib_ctx_method { + int priority; + void *(*new_func)(OSSL_LIB_CTX *ctx); + void (*free_func)(void *); + } OSSL_LIB_CTX_METHOD; + + void *ossl_lib_ctx_get_data(OSSL_LIB_CTX *ctx, int index, + const OSSL_LIB_CTX_METHOD *meth); + + int ossl_lib_ctx_run_once(OSSL_LIB_CTX *ctx, unsigned int idx, + ossl_lib_ctx_run_once_fn run_once_fn); + int ossl_lib_ctx_onfree(OSSL_LIB_CTX *ctx, ossl_lib_ctx_onfree_fn onfreefn); + + int ossl_lib_ctx_is_child(OSSL_LIB_CTX *ctx); + +=head1 DESCRIPTION + +Internally, the OpenSSL library context B is implemented +as a B, which allows data from diverse parts of the +library to be added and removed dynamically. +Each such data item must have a corresponding CRYPTO_EX_DATA index +associated with it. Unlike normal CRYPTO_EX_DATA objects we use static indexes +to identify data items. These are mapped transparently to CRYPTO_EX_DATA dynamic +indexes internally to the implementation. +See the example further down to see how that's done. + +ossl_lib_ctx_get_data() is used to retrieve a pointer to the data in +the library context I associated with the given I. An +OSSL_LIB_CTX_METHOD must be defined and given in the I parameter. The index +for it should be defined in cryptlib.h. The functions through the method are +used to create or free items that are stored at that index whenever a library +context is created or freed, meaning that the code that use a data item of that +index doesn't have to worry about that, just use the data available. + +Deallocation of an index happens automatically when the library +context is freed. + +ossl_lib_ctx_run_once is used to run some initialisation routine I +exactly once per library context I object. Each initialisation routine +should be allocate a unique run once index in cryptlib.h. + +Any resources allocated via a run once initialisation routine can be cleaned up +using ossl_lib_ctx_onfree. This associates an "on free" routine I with +the library context I. When I is freed all associated "on free" +routines are called. + +ossl_lib_ctx_is_child() returns 1 if this library context is a child and 0 +otherwise. + +=head1 RETURN VALUES + +ossl_lib_ctx_get_data() returns a pointer on success, or NULL on +failure. + +=head1 EXAMPLES + +=head2 Initialization + +For a type C that should end up in the OpenSSL library context, a +small bit of initialization is needed, i.e. to associate a constructor +and a destructor to an index. + + typedef struct foo_st { + int i; + void *data; + } FOO; + + static void *foo_new(OSSL_LIB_CTX *ctx) + { + FOO *ptr = OPENSSL_zalloc(sizeof(*foo)); + if (ptr != NULL) + ptr->i = 42; + return ptr; + } + static void foo_free(void *ptr) + { + OPENSSL_free(ptr); + } + + /* + * Include a reference to this in the methods table in context.c + * OSSL_LIB_CTX_FOO_INDEX should be added to internal/cryptlib.h + * Priorities can be OSSL_LIB_CTX_METHOD_DEFAULT_PRIORITY, + * OSSL_LIB_CTX_METHOD_PRIORITY_1, OSSL_LIB_CTX_METHOD_PRIORITY_2, etc. + * Default priority is low (0). The higher the priority the earlier the + * method's destructor will be called when the library context is cleaned up. + */ + const OSSL_LIB_CTX_METHOD foo_method = { + OSSL_LIB_CTX_METHOD_DEFAULT_PRIORITY, + foo_new, + foo_free + }; + +=head2 Usage + +To get and use the data stored in the library context, simply do this: + + /* + * ctx is received from a caller, + */ + FOO *data = ossl_lib_ctx_get_data(ctx, OSSL_LIB_CTX_FOO_INDEX, &foo_method); + +=head2 Run Once + + void foo_cleanup(OSSL_LIB_CTX *ctx) + { + /* Free foo resources associated with ctx */ + } + + static ossl_lib_ctx_run_once_fn do_foo_init; + static int do_foo_init(OSSL_LIB_CTX *ctx) + { + /* Allocate and initialise some foo resources and associated with ctx */ + return ossl_lib_ctx_onfree(ctx, &foo_cleanup) + } + + int foo_some_function(OSSL_LIB_CTX *ctx) + { + if (!ossl_lib_ctx_run_once(ctx, + OSSL_LIB_CTX_FOO_RUN_ONCE_INDEX, + do_foo_init)) + return 0; + + /* Do some work using foo resources in ctx */ + } + + +=head1 SEE ALSO + +L + +=head1 COPYRIGHT + +Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_method_construct.pod b/deps/openssl/openssl/doc/internal/man3/ossl_method_construct.pod new file mode 100644 index 00000000000000..422d7a5b6850a2 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_method_construct.pod @@ -0,0 +1,158 @@ +=pod + +=head1 NAME + +OSSL_METHOD_CONSTRUCT_METHOD, ossl_method_construct +- generic method constructor + +=head1 SYNOPSIS + + #include "internal/core.h" + + struct ossl_method_construct_method_st { + /* Get a temporary store */ + void *(*get_tmp_store)(void *data); + /* Get an already existing method from a store */ + void *(*get)(void *store, const OSSL_PROVIDER *prov, void *data); + /* Store a method in a store */ + int (*put)(void *store, void *method, const OSSL_PROVIDER *prov, + const char *name, const char *propdef, void *data); + /* Construct a new method */ + void *(*construct)(const OSSL_ALGORITHM *algodef, OSSL_PROVIDER *prov, + void *data); + /* Destruct a method */ + void (*destruct)(void *method, void *data); + }; + typedef struct ossl_method_construct_method OSSL_METHOD_CONSTRUCT_METHOD; + + void *ossl_method_construct(OSSL_LIB_CTX *ctx, int operation_id, + OSSL_PROVIDER *prov, int force_cache, + OSSL_METHOD_CONSTRUCT_METHOD *mcm, void *mcm_data); + + +=head1 DESCRIPTION + +All libcrypto subsystems that want to create their own methods based +on provider dispatch tables need to do so in exactly the same way. +ossl_method_construct() does this while leaving it to the subsystems +to define more precisely how the methods are created, stored, etc. + +It's important to keep in mind that a method is identified by three things: + +=over 4 + +=item The operation identity + +=item The name of the algorithm + +=item The properties associated with the algorithm implementation + +=back + +=head2 Functions + +ossl_method_construct() creates a method by asking all available +providers for a dispatch table given an I, and then +calling the appropriate functions given by the subsystem specific +method creator through I and the data in I (which is +passed by ossl_method_construct()). +If I is not NULL, only that provider is considered, which is +useful in the case a method must be found in that particular +provider. + +This function assumes that the subsystem method creator implements +reference counting and acts accordingly (i.e. it will call the +subsystem destruct() method to decrement the reference count when +appropriate). + +=head2 Structures + +A central part of constructing a subsystem specific method is to give +ossl_method_construct a set of functions, all in the +B structure, which holds the following +function pointers: + +=over 4 + +=item get_tmp_store() + +Create a temporary method store in the scope of the library context I. +This store is used to temporarily store methods for easier lookup, for +when the provider doesn't want its dispatch table stored in a longer +term cache. + +=item get() + +Look up an already existing method from a store by name. + +The store may be given with I. +NULL is a valid value and means that a subsystem default store +must be used. +This default store should be stored in the library context I. + +The method to be looked up should be identified with data found in I +(which is the I that was passed to ossl_construct_method()). +In other words, the ossl_method_construct() caller is entirely responsible +for ensuring the necessary data is made available. + +Optionally, I may be given as a search criterion, to narrow down the +search of a method belonging to just one provider. + +This function is expected to increment the resulting method's reference count. + +=item put() + +Places the I created by the construct() function (see below) +in a store. + +The store may be given with I. +NULL is a valid value and means that a subsystem default store +must be used. +This default store should be stored in the library context I. + +The method should be associated with the given provider I, +I and property definition I as well as any +identification data given through I (which is the I +that was passed to ossl_construct_method()). + +This function is expected to increment the I's reference count. + +=item construct() + +Constructs a subsystem method for the given I and the given +dispatch table I. + +The associated provider object I is passed as well, to make +it possible for the subsystem constructor to keep a reference, which +is recommended. +If such a reference is kept, the I reference counter +must be incremented, using ossl_provider_up_ref(). + +This function is expected to set the method's reference count to 1. + +=item destruct() + +Decrement the I's reference count, and destruct it when +the reference count reaches zero. + +=back + +=head1 RETURN VALUES + +ossl_method_construct() returns a constructed method on success, or +NULL on error. + +=head1 HISTORY + +This functionality was added to OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use this +file except in compliance with the License. You can obtain a copy in the file +LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_namemap_new.pod b/deps/openssl/openssl/doc/internal/man3/ossl_namemap_new.pod new file mode 100644 index 00000000000000..ff247e87b03c0b --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_namemap_new.pod @@ -0,0 +1,129 @@ +=pod + +=head1 NAME + +ossl_namemap_new, ossl_namemap_free, ossl_namemap_stored, ossl_namemap_empty, +ossl_namemap_add_name, ossl_namemap_add_name_n, ossl_namemap_add_names, +ossl_namemap_name2num, ossl_namemap_name2num_n, +ossl_namemap_doall_names +- internal number E-E name map + +=head1 SYNOPSIS + + #include "internal/cryptlib.h" + + OSSL_NAMEMAP *ossl_namemap_stored(OSSL_LIB_CTX *libctx); + + OSSL_NAMEMAP *ossl_namemap_new(void); + void ossl_namemap_free(OSSL_NAMEMAP *namemap); + int ossl_namemap_empty(OSSL_NAMEMAP *namemap); + + int ossl_namemap_add_name(OSSL_NAMEMAP *namemap, int number, const char *name); + int ossl_namemap_add_name_n(OSSL_NAMEMAP *namemap, int number, + const char *name, size_t name_len); + + int ossl_namemap_name2num(const OSSL_NAMEMAP *namemap, const char *name); + int ossl_namemap_name2num_n(const OSSL_NAMEMAP *namemap, + const char *name, size_t name_len); + int ossl_namemap_doall_names(const OSSL_NAMEMAP *namemap, int number, + void (*fn)(const char *name, void *data), + void *data); + + int ossl_namemap_add_names(OSSL_NAMEMAP *namemap, int number, + const char *names, const char separator); + +=head1 DESCRIPTION + +A B is a one-to-many number E-E names map, which +can be used to give any arbitrary set of names (any string) a unique +dynamic identity that is valid throughout the lifetime of the associated +library context. + +ossl_namemap_new() and ossl_namemap_free() construct and destruct a +new B. +This is suitable to use when the B is embedded in other +structures, or should be independent for any reason. + +ossl_namemap_empty() checks if the given B is empty or +not. + +ossl_namemap_stored() finds or auto-creates the default namemap in the +given library context. +The returned B can't be destructed using +ossl_namemap_free(). + +ossl_namemap_add_name() adds a new name to the namemap if it's not already +present. +If the given I is zero, a new number will be allocated to +identify this I. +If the given I is nonzero, the I is added to the set of +names already associated with that number. + +ossl_namemap_name2num() finds the number corresponding to the given +I. + +ossl_namemap_add_name_n() and ossl_namemap_name2num_n() do the same thing +as ossl_namemap_add_name() and ossl_namemap_name2num(), but take a string +length I as well, allowing the caller to use a fragment of +a string as a name. + +ossl_namemap_doall_names() walks through all names associated with +I in the given I and calls the function I for +each of them. +I is also passed the I argument, which allows any caller to +pass extra data for that function to use. + +ossl_namemap_add_names() divides up a set of names given in I, +separated by I, and adds each to the I, all with +the same number. If some of them already exist in the I, +they must all have the same associated number, which will be adopted +for any name that doesn't exist yet. + +=head1 RETURN VALUES + +ossl_namemap_new() and ossl_namemap_stored() return the pointer to a +B, or NULL on error. + +ossl_namemap_empty() returns 1 if the B is NULL or +empty, 0 if it's not empty, or -1 on internal error (such as inability +to lock). + +ossl_namemap_add_name() and ossl_namemap_add_name_n() return the number +associated with the added string, or zero on error. + +ossl_namemap_num2names() returns a pointer to a NULL-terminated list of +pointers to the names corresponding to the given number, or NULL if +it's undefined in the given B. + +ossl_namemap_name2num() and ossl_namemap_name2num_n() return the number +corresponding to the given name, or 0 if it's undefined in the given +B. + +ossl_namemap_doall_names() returns 1 if the callback was called for all names. A +return value of 0 means that the callback was not called for any names. + +ossl_namemap_add_names() returns the number associated with the added +names, or zero on error. + +=head1 NOTES + +The result from ossl_namemap_num2names() isn't thread safe, other threads +dealing with the same namemap may cause the list of names to change +location. +It is therefore strongly recommended to only use the result in code +guarded by a thread lock. + +=head1 HISTORY + +The functions described here were all added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_provider_add_conf_module.pod b/deps/openssl/openssl/doc/internal/man3/ossl_provider_add_conf_module.pod new file mode 100644 index 00000000000000..7e4d5097f6346b --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_provider_add_conf_module.pod @@ -0,0 +1,41 @@ +=pod + +=head1 NAME + +ossl_provider_add_conf_module - internal standard configuration module + +=head1 SYNOPSIS + + #include "internal/provider.h" + + /* Configuration */ + void ossl_provider_add_conf_module(void); + +=head1 DESCRIPTION + +ossl_provider_add_conf_module() adds the standard configuration module +for providers. +This allows providers to be configured with an OpenSSL L file. + +=head1 RETURN VALUES + +ossl_provider_add_conf_module() doesn't return any value. + +=head1 SEE ALSO + +L, L + +=head1 HISTORY + +The functions described here were all added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_provider_new.pod b/deps/openssl/openssl/doc/internal/man3/ossl_provider_new.pod new file mode 100644 index 00000000000000..193472462b38a6 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_provider_new.pod @@ -0,0 +1,400 @@ +=pod + +=head1 NAME + +ossl_provider_find, ossl_provider_new, ossl_provider_up_ref, +ossl_provider_free, +ossl_provider_set_fallback, ossl_provider_set_module_path, +ossl_provider_add_parameter, ossl_provider_set_child, ossl_provider_get_parent, +ossl_provider_up_ref_parent, ossl_provider_free_parent, +ossl_provider_default_props_update, ossl_provider_get0_dispatch, +ossl_provider_init_as_child, ossl_provider_deinit_child, +ossl_provider_activate, ossl_provider_deactivate, ossl_provider_add_to_store, +ossl_provider_ctx, +ossl_provider_doall_activated, +ossl_provider_name, ossl_provider_dso, +ossl_provider_module_name, ossl_provider_module_path, +ossl_provider_libctx, +ossl_provider_teardown, ossl_provider_gettable_params, +ossl_provider_get_params, +ossl_provider_query_operation, ossl_provider_unquery_operation, +ossl_provider_set_operation_bit, ossl_provider_test_operation_bit, +ossl_provider_get_capabilities +- internal provider routines + +=head1 SYNOPSIS + + #include "internal/provider.h" + + OSSL_PROVIDER *ossl_provider_find(OSSL_LIB_CTX *libctx, const char *name, + int noconfig); + OSSL_PROVIDER *ossl_provider_new(OSSL_LIB_CTX *libctx, const char *name, + ossl_provider_init_fn *init_function + int noconfig); + int ossl_provider_up_ref(OSSL_PROVIDER *prov); + void ossl_provider_free(OSSL_PROVIDER *prov); + + /* Setters */ + int ossl_provider_set_fallback(OSSL_PROVIDER *prov); + int ossl_provider_set_module_path(OSSL_PROVIDER *prov, const char *path); + int ossl_provider_add_parameter(OSSL_PROVIDER *prov, const char *name, + const char *value); + + /* Child Providers */ + int ossl_provider_set_child(OSSL_PROVIDER *prov, + const OSSL_CORE_HANDLE *handle); + const OSSL_CORE_HANDLE *ossl_provider_get_parent(OSSL_PROVIDER *prov); + int ossl_provider_up_ref_parent(OSSL_PROVIDER *prov, int activate); + int ossl_provider_free_parent(OSSL_PROVIDER *prov, int deactivate); + int ossl_provider_default_props_update(OSSL_LIB_CTX *libctx, + const char *props); + + /* + * Activate the Provider + * If the Provider is a module, the module will be loaded + */ + int ossl_provider_activate(OSSL_PROVIDER *prov, int upcalls, int aschild); + int ossl_provider_deactivate(OSSL_PROVIDER *prov, int removechildren); + int ossl_provider_add_to_store(OSSL_PROVIDER *prov, OSSL_PROVIDER **actualprov, + int retain_fallbacks); + + /* Return pointer to the provider's context */ + void *ossl_provider_ctx(const OSSL_PROVIDER *prov); + + const OSSL_DISPATCH *ossl_provider_get0_dispatch(const OSSL_PROVIDER *prov); + + /* Iterate over all loaded providers */ + int ossl_provider_doall_activated(OSSL_LIB_CTX *, + int (*cb)(OSSL_PROVIDER *provider, + void *cbdata), + void *cbdata); + + /* Getters for other library functions */ + const char *ossl_provider_name(OSSL_PROVIDER *prov); + const DSO *ossl_provider_dso(OSSL_PROVIDER *prov); + const char *ossl_provider_module_name(OSSL_PROVIDER *prov); + const char *ossl_provider_module_path(OSSL_PROVIDER *prov); + OSSL_LIB_CTX *ossl_provider_libctx(const OSSL_PROVIDER *prov); + + /* Thin wrappers around calls to the provider */ + void ossl_provider_teardown(const OSSL_PROVIDER *prov); + const OSSL_PARAM *ossl_provider_gettable_params(const OSSL_PROVIDER *prov); + int ossl_provider_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[]); + int ossl_provider_get_capabilities(const OSSL_PROVIDER *prov, + const char *capability, + OSSL_CALLBACK *cb, + void *arg); + const OSSL_ALGORITHM *ossl_provider_query_operation(const OSSL_PROVIDER *prov, + int operation_id, + int *no_cache); + void ossl_provider_unquery_operation(const OSSL_PROVIDER *prov, + int operation_id, + const OSSL_ALGORITHM *algs); + + int ossl_provider_set_operation_bit(OSSL_PROVIDER *provider, size_t bitnum); + int ossl_provider_test_operation_bit(OSSL_PROVIDER *provider, size_t bitnum, + int *result); + + int ossl_provider_init_as_child(OSSL_LIB_CTX *ctx, + const OSSL_CORE_HANDLE *handle, + const OSSL_DISPATCH *in); + void ossl_provider_deinit_child(OSSL_LIB_CTX *ctx); + +=head1 DESCRIPTION + +I is a type that holds all the necessary information +to handle a provider, regardless of if it's built in to the +application or the OpenSSL libraries, or if it's a loadable provider +module. +Instances of this type are commonly referred to as "provider objects". + +A provider object is always stored in a set of provider objects +in the library context. + +Provider objects are reference counted. + +Provider objects are initially inactive, i.e. they are only recorded +in the store, but are not used. +They are activated with the first call to ossl_provider_activate(), +and are deactivated with the last call to ossl_provider_deactivate(). +Activation affects a separate counter. + +=head2 Functions + +ossl_provider_find() finds an existing provider object in the provider +object store by I. +The config file will be automatically loaded unless I is set. +Typically I should be 0. +We set I to 1 only when calling these functions while processing a +config file in order to avoid recursively attempting to load the file. +The provider object it finds has its reference count incremented. + +ossl_provider_new() creates a new provider object named I and +stores it in the provider object store, unless there already is one +there with the same name. +If there already is one with the same name, it's returned with its +reference count incremented. +The config file will be automatically loaded unless I is set. +Typically I should be 0. +We set I to 1 only when calling these functions while processing a +config file in order to avoid recursively attempting to load the file. +The reference count of a newly created provider object will always +be 2; one for being added to the store, and one for the returned +reference. +If I is NULL, the provider is assumed to be a +dynamically loadable module, with the symbol B as +its initialisation function. +If I isn't NULL, the provider is assumed to be built +in, with I being the pointer to its initialisation +function. +For further description of the initialisation function, see the +description of ossl_provider_activate() below. + +ossl_provider_up_ref() increments the provider object I's +reference count. + +ossl_provider_free() decrements the provider object I's +reference count; when it drops to zero, the provider object is assumed +to have fallen out of use and will be deinitialized (its I +function is called), and the associated module will be unloaded if one +was loaded, and I itself will be freed. + +ossl_provider_set_fallback() marks an available provider I as +fallback. +Note that after this call, the provider object pointer that was +used can simply be dropped, but not freed. + +ossl_provider_set_module_path() sets the module path to load the +provider module given the provider object I. +This will be used in preference to automatically trying to figure out +the path from the provider name and the default module directory (more +on this in L). + +ossl_provider_libctx() returns the library context the given +provider I is registered in. + +ossl_provider_add_parameter() adds a global parameter for the provider +to retrieve as it sees fit. +The parameters are a combination of I and I, and the +provider will use the name to find the value it wants. +Only text parameters can be given, and it's up to the provider to +interpret them. + +ossl_provider_set_child() marks this provider as a child of a provider in the +parent library context. I is the B object passed to +the provider's B function. + +ossl_provider_get_parent() obtains the handle on the parent provider. + +ossl_provider_up_ref_parent() increases the reference count on the parent +provider. If I is nonzero then the parent provider is also activated. + +ossl_provider_free_parent() decreases the reference count on the parent +provider. If I is nonzero then the parent provider is also +deactivated. + +ossl_provider_default_props_update() is responsible for informing any child +providers of an update to the default properties. The new properties are +supplied in the I string. + +ossl_provider_activate() "activates" the provider for the given +provider object I by incrementing its activation count, flagging +it as activated, and initializing it if it isn't already initialized. +Initializing means one of the following: + +=over 4 + +=item * + +If an initialization function was given with ossl_provider_new(), that +function will get called. + +=item * + +If no initialization function was given with ossl_provider_new(), a +loadable module with the I that was given to ossl_provider_new() +will be located and loaded, then the symbol B will +be located in that module, and called. + +=back + +If I is nonzero then, if this is a child provider, upcalls to the +parent libctx will be made to inform it of an up-ref. If I is nonzero +then the provider will only be activated if it is a child provider. Otherwise +no action is taken and ossl_provider_activate() returns success. + +ossl_provider_deactivate() "deactivates" the provider for the given +provider object I by decrementing its activation count. When +that count reaches zero, the activation flag is cleared. If the +I parameter is 0 then no attempt is made to remove any +associated child providers. + +ossl_provider_add_to_store() adds the provider I to the provider store and +makes it available to other threads. This will prevent future automatic loading +of fallback providers, unless I is true. If a provider of the +same name already exists in the store then it is not added but this function +still returns success. On success the I value is populated with a +pointer to the provider of the given name that is now in the store. The +reference passed in the I argument is consumed by this function. A +reference to the provider that should be used is passed back in the +I argument. + +ossl_provider_ctx() returns a context created by the provider. +Outside of the provider, it's completely opaque, but it needs to be +passed back to some of the provider functions. + +ossl_provider_get0_dispatch() returns the dispatch table that the provider +initially returned in the I parameter of its B +function. + +ossl_provider_doall_activated() iterates over all the currently +"activated" providers, and calls I for each of them. +If no providers have been "activated" yet, it tries to activate all +available fallback providers before iterating over them. + +ossl_provider_name() returns the name that was given with +ossl_provider_new(). + +ossl_provider_dso() returns a reference to the module, for providers +that come in the form of loadable modules. + +ossl_provider_module_name() returns the filename of the module, for +providers that come in the form of loadable modules. + +ossl_provider_module_path() returns the full path of the module file, +for providers that come in the form of loadable modules. + +ossl_provider_teardown() calls the provider's I function, if +the provider has one. + +ossl_provider_gettable_params() calls the provider's I +function, if the provider has one. +It should return an array of I to describe all the +parameters that the provider has for the provider object. + +ossl_provider_get_params() calls the provider's parameter request +responder. +It should treat the given I array as described in +L. + +ossl_provider_get_capabilities() calls the provider's I function, +if the provider has one. It provides the name of the I and a +callback I parameter to call for each capability that has a matching name in +the provider. The callback gets passed OSSL_PARAM details about the capability as +well as the caller supplied argument I. + +ossl_provider_query_operation() calls the provider's +I function, if the provider has one. +It should return an array of I for the given +I. + +ossl_provider_unquery_operation() informs the provider that the result of +ossl_provider_query_operation() is no longer going to be directly accessed and +that all relevant information has been copied. + +ossl_provider_set_operation_bit() registers a 1 for operation I +in a bitstring that's internal to I. + +ossl_provider_test_operation_bit() checks if the bit operation I +is set (1) or not (0) in the internal I bitstring, and sets +I<*result> to 1 or 0 accordingly. + +ossl_provider_init_as_child() stores in the library context I references to +the necessary upcalls for managing child providers. The I and I +parameters are the B and L pointers that were +passed to the provider's B function. + +ossl_provider_deinit_child() deregisters callbacks from the parent library +context about provider creation or removal events for the child library context +I. Must only be called if I is a child library context. + +=head1 NOTES + +Locating a provider module happens as follows: + +=over 4 + +=item 1. + +If a path was given with ossl_provider_set_module_path(), use that as +module path. +Otherwise, use the provider object's name as module path, with +platform specific standard extensions added. + +=item 2. + +If the environment variable B is defined, assume its +value is a directory specification and merge it with the module path. +Otherwise, merge the value of the OpenSSL built in macro B +with the module path. + +=back + +When this process is done, the result is used when trying to load the +provider module. + +The command C can be used to find out the value +of the built in macro B. + +=head1 RETURN VALUES + +ossl_provider_find() and ossl_provider_new() return a pointer to a +provider object (I) on success, or NULL on error. + +ossl_provider_up_ref() returns the value of the reference count after +it has been incremented. + +ossl_provider_free() doesn't return any value. + +ossl_provider_doall_activated() returns 1 if the callback was called for all +activated providers. A return value of 0 means that the callback was not +called for any activated providers. + +ossl_provider_set_module_path(), ossl_provider_set_fallback(), +ossl_provider_activate(), ossl_provider_activate_leave_fallbacks() and +ossl_provider_deactivate(), ossl_provider_add_to_store(), +ossl_provider_default_props_update() return 1 on success, or 0 on error. + +ossl_provider_name(), ossl_provider_dso(), +ossl_provider_module_name(), and ossl_provider_module_path() return a +pointer to their respective data if it's available, otherwise NULL +is returned. + +ossl_provider_libctx() return a pointer to the library context. +This may be NULL, and is perfectly valid, as it denotes the default +global library context. + +ossl_provider_teardown() doesn't return any value. + +ossl_provider_gettable_params() returns a pointer to a constant +I array if this function is available in the provider, +otherwise NULL. + +ossl_provider_get_params() returns 1 on success, or 0 on error. +If this function isn't available in the provider, 0 is returned. + +ossl_provider_set_operation_bit() and ossl_provider_test_operation_bit() +return 1 on success, or 0 on error. + +ossl_provider_get_capabilities() returns 1 on success, or 0 on error. +If this function isn't available in the provider or the provider does not +support the requested capability then 0 is returned. + +=head1 SEE ALSO + +L, L, L + +=head1 HISTORY + +The functions described here were all added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_punycode_decode.pod b/deps/openssl/openssl/doc/internal/man3/ossl_punycode_decode.pod new file mode 100644 index 00000000000000..652626159e3ac8 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_punycode_decode.pod @@ -0,0 +1,60 @@ +=pod + +=head1 NAME + +ossl_punycode_decode, ossl_a2ulabel, ossl_a2ucompare +- internal punycode-related functions + +=head1 SYNOPSIS + + #include "crypto/punycode.h" + + int ossl_punycode_decode(const char *pEncoded, const size_t enc_len, + unsigned int *pDecoded, unsigned int *pout_length); + + int ossl_a2ulabel(const char *in, char *out, size_t *outlen); + + int ossl_a2ucompare(const char *a, const char *u); + +=head1 DESCRIPTION + +PUNYCODE encoding introduced in RFCs 3490-3492 is widely used for +representation of host names in ASCII-only format. Some specifications, +such as RFC 8398, require comparison of host names encoded in UTF-8 charset. + +ossl_a2ulabel() decodes NUL-terminated hostname from PUNYCODE to UTF-8, +using a provided buffer for output. + +ossl_a2ucompare() accepts two NUL-terminated hostnames, decodes the 1st +from PUNYCODE to UTF-8 and compares it with the 2nd one as is. + +ossl_punycode_decode() decodes one label (one dot-separated part) from +a hostname, with stripped PUNYCODE marker I. + +=head1 RETURN VALUES + +ossl_a2ulabel() returns 1 on success, 0 on not enough buf passed, +-1 on invalid PUNYCODE string passed. When valid string is provided, it sets the +I<*outlen> to the length of required buffer to perform correct decoding. + +ossl_a2ucompare() returns 1 on non-equal strings, 0 on equal strings, +-1 when invalid PUNYCODE string passed. + +ossl_punycode_decode() returns 1 on success, 0 on error. On success, +*pout_length contains the number of codepoints decoded. + +=head1 HISTORY + +The functions described here were all added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut + diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_rand_get_entropy.pod b/deps/openssl/openssl/doc/internal/man3/ossl_rand_get_entropy.pod new file mode 100644 index 00000000000000..4da3f1f4d9db5f --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_rand_get_entropy.pod @@ -0,0 +1,66 @@ +=pod + +=head1 NAME + +ossl_rand_get_entropy, ossl_rand_cleanup_entropy, +ossl_rand_get_nonce, ossl_rand_cleanup_nonce +- get seed material from the operating system + +=head1 SYNOPSIS + + #include "crypto/rand.h" + + size_t ossl_rand_get_entropy(OSSL_CORE_HANDLE *handle, + unsigned char **pout, int entropy, + size_t min_len, size_t max_len); + void ossl_rand_cleanup_entropy(OSSL_CORE_HANDLE *handle, + unsigned char *buf, size_t len); + size_t ossl_rand_get_nonce(OSSL_CORE_HANDLE *handle, + unsigned char **pout, size_t min_len, + size_t max_len, const void *salt, size_t salt_len); + void ossl_rand_cleanup_nonce(OSSL_CORE_HANDLE *handle, + unsigned char *buf, size_t len); + +=head1 DESCRIPTION + +ossl_rand_get_entropy() retrieves seeding material from the operating system. +The seeding material will have at least I bytes of randomness and is +stored in a buffer which contains at least I and at most I +bytes. The buffer address is stored in I<*pout> and the buffer length is +returned to the caller. + +ossl_rand_cleanup_entropy() cleanses and frees any storage allocated by +ossl_rand_get_entropy(). The seeding buffer is pointed to by I and is +of length I bytes. + +ossl_rand_get_nonce() retrieves a nonce using the passed I parameter +of length I and operating system specific information. +The I should contain uniquely identifying information and this is +included, in an unspecified manner, as part of the output. +The output is stored in a buffer which contains at least I and at +most I bytes. The buffer address is stored in I<*pout> and the +buffer length returned to the caller. + +ossl_rand_cleanup_nonce() cleanses and frees any storage allocated by +ossl_rand_get_nonce(). The nonce buffer is pointed to by I and is +of length I bytes. + +=head1 RETURN VALUES + +ossl_rand_get_entropy() and ossl_rand_get_nonce() return the number of bytes +in I<*pout> or 0 on error. + +=head1 HISTORY + +The functions described here were all added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_random_add_conf_module.pod b/deps/openssl/openssl/doc/internal/man3/ossl_random_add_conf_module.pod new file mode 100644 index 00000000000000..a3c1285fe01bb7 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_random_add_conf_module.pod @@ -0,0 +1,42 @@ +=pod + +=head1 NAME + +ossl_random_add_conf_module - internal random configuration module + +=head1 SYNOPSIS + + #include "crypto/rand.h" + + /* Configuration */ + void ossl_random_add_conf_module(void); + +=head1 DESCRIPTION + +ossl_random_add_conf_module() adds the random configuration module +for providers. +This allows the type and parameters of the standard setup of random number +generators to be configured with an OpenSSL L file. + +=head1 RETURN VALUES + +ossl_random_add_conf_module() doesn't return any value. + +=head1 SEE ALSO + +L, L, L + +=head1 HISTORY + +The functions described here were all added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/ossl_rsa_get0_all_params.pod b/deps/openssl/openssl/doc/internal/man3/ossl_rsa_get0_all_params.pod new file mode 100644 index 00000000000000..a7ebb613bb025f --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/ossl_rsa_get0_all_params.pod @@ -0,0 +1,75 @@ +=pod + +=head1 NAME + +ossl_rsa_set0_all_params, ossl_rsa_get0_all_params +- Internal routines for getting and setting data in an RSA object + +=head1 SYNOPSIS + + #include "crypto/rsa.h" + + int ossl_rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes, + STACK_OF(BIGNUM_const) *exps, + STACK_OF(BIGNUM_const) *coeffs); + int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, + const STACK_OF(BIGNUM) *exps, + const STACK_OF(BIGNUM) *coeffs); + +=head1 DESCRIPTION + +ossl_rsa_set0_all_params() sets all primes, CRT exponents and CRT coefficients +in the B object I to the contents of the stacks of BIGNUMs I, +I and I. The B object takes ownership of the BIGNUMs, +but not of the stacks. + +ossl_rsa_get0_all_params() gets all primes, CRT exponents and CRT coefficients +in the B object I and pushes them on the stacks of constant BIGNUMs +I, I and I. The B object retains ownership of the +BIGNUMs, but not of the stacks. + +=head1 NOTES + +For RSA_set0_all_params() and RSA_get0_all_params(): + +=over 4 + +=item * + +the I stack contains I

, I, and then the rest of the primes +if the B object is a multi-prime RSA key. + +=item * + +the I stack contains I, I, and then the rest of the exponents +if the B object is a multi-prime RSA key. + +=item * + +the I stack contains I, and then the rest of the coefficients +if the B object is a multi-prime RSA key. + +=back + +The number of primes must always be equal to the number of exponents, and +the number of coefficients must be one less than the number of primes. + +=head1 RETURN VALUES + +ossl_rsa_get0_all_params() and ossl_rsa_set0_all_params() return 1 on success, +or 0 on failure. + +=head1 SEE ALSO + +L + +=head1 COPYRIGHT + +Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man3/x509v3_cache_extensions.pod b/deps/openssl/openssl/doc/internal/man3/x509v3_cache_extensions.pod new file mode 100644 index 00000000000000..cc0aeb6079a896 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man3/x509v3_cache_extensions.pod @@ -0,0 +1,41 @@ +=pod + +=head1 NAME + +x509v3_cache_extensions +- cache info on various X.509v3 extensions and further derived certificate data + +=head1 SYNOPSIS + + #include + + int x509v3_cache_extensions(X509 *x, OSSL_LIB_CTX *libctx, const char *propq); + +=head1 DESCRIPTION + +This function processes any X509v3 extensions present in an X509 object I +and caches the result of that processing as well as further derived info, +for instance whether the certificate is self-issued or has version X.509v1. +It computes the SHA1 digest of the certificate using the default library context +and property query string and stores the result in x->sha1_hash, +or on failure sets B in x->flags. +It sets B in x->flags if x->siginf was filled successfully, +which may not be possible if a referenced algorithm is unknown or not available. +Many OpenSSL functions that use an X509 object call this function implicitly. + +=head1 RETURN VALUES + +This function returns 0 if the extensions or other portions of the certificate +are invalid or an error occurred. +Otherwise it returns 1. + +=head1 COPYRIGHT + +Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man7/DERlib.pod b/deps/openssl/openssl/doc/internal/man7/DERlib.pod new file mode 100644 index 00000000000000..24280b976b344e --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man7/DERlib.pod @@ -0,0 +1,149 @@ +=pod + +=head1 NAME + +DERlib - internal OpenSSL DER library + +=head1 DESCRIPTION + +OpenSSL contains an internal small DER reading and writing library, +as an alternative to the publicly known i2d and d2i functions. It's +solely constituted of functions that work as building blocks to create +more similar functions to encode and decode larger structures. + +All these functions have similar function signatures (C +will vary depending on what the function will encode): + + int DER_w_something(WPACKET *pkt, int tag, ...); + +=begin comment + +When readers are added, add this: + + int DER_r_something(PACKET *pkt, int tag, ...); + +=end comment + +I is the packet context used, and I should be the +context-specific tag value of the element being handled, or -1 if there +is no tag number for that element (you may use the convenience macro +B instead of -1). Any argument following is the C +variable that's being encoded or decoded. + +=head2 DER writers / encoders + +DER writers are based in L, a generic packet writing +library, so before using any of them, I must be initialized +using L or L + +DER writers must be used in reverse order, except for the wrapping +functions that implement a constructed element. The latter are easily +recognised by their function name including the words C and +C. As an example, we can look at the DSA signature structure, +which is defined like this in ASN.1 terms: + + -- Copied from RFC 3279, section 2.2.2 + Dss-Sig-Value ::= SEQUENCE { + r INTEGER, + s INTEGER } + +With the DER library, this is the corresponding code, given two OpenSSL +Bs I and I: + + int ok = ossl_DER_w_begin_sequence(pkt, -1) + && ossl_DER_w_bn(pkg, -1, s) + && ossl_DER_w_bn(pkg, -1, r) + && ossl_DER_w_end_sequence(pkt, -1); + +As an example of the use of I, an ASN.1 element like this: + + v [1] INTEGER OPTIONAL + +Would be encoded like this: + + ossl_DER_w_bn(pkt, 1, v) + +=begin comment + +=head2 DER readers / decoders + +TBA + +=end comment + +=head1 EXAMPLES + +A more complex example, encoding the AlgorithmIdentifier with +RSASSA-PSS values. + +As a reminder, the AlgorithmIdentifier is specified like this: + + -- From RFC 3280, section 4.1.1.2 + AlgorithmIdentifier ::= SEQUENCE { + algorithm OBJECT IDENTIFIER, + parameters ANY DEFINED BY algorithm OPTIONAL } + +And the RSASSA-PSS OID and parameters are specified like this: + + -- From RFC 3279, section 3.1 + id-RSASSA-PSS OBJECT IDENTIFIER ::= { pkcs-1 10 } + + RSASSA-PSS-params ::= SEQUENCE { + hashAlgorithm [0] HashAlgorithm DEFAULT + sha1Identifier, + maskGenAlgorithm [1] MaskGenAlgorithm DEFAULT + mgf1SHA1Identifier, + saltLength [2] INTEGER DEFAULT 20, + trailerField [3] INTEGER DEFAULT 1 } + +The value we want to encode, written in ASN.1 syntax: + + { + algorithm id-RSASSA-PSS, + parameters { + hashAlgorithm sha256Identifier, + maskGenAlgorithm mgf1SHA256Identifier, + saltLength 20 -- unnecessarily explicit + } + } + +Assuming that we have precompiled constants for C, +C and C, the DER writing code +looks as follows. This is a complete function to write that specific +value: + + int DER_w_AlgorithmIdentifier_RSASSA_PSS_special(WPACKET *pkt, + int tag, + RSA *rsa) + { + return ossl_DER_w_begin_sequence(pkt, tag) + && (ossl_DER_w_begin_sequence(pkt, DER_NO_CONTEXT) + && ossl_DER_w_uint32(pkt, 2, 20) + && ossl_DER_w_precompiled(pkt, 1, + der_mgf1SHA256Identifier, + sizeof(der_mgf1SHA256Identifier)) + && ossl_DER_w_precompiled(pkt, 0, + der_sha256Identifier, + sizeof(der_sha256Identifier)) + && ossl_DER_w_end_sequence(pkt, DER_NO_CONTEXT)) + && ossl_DER_w_precompiled(pkt, DER_NO_CONTEXT, + der_id_RSASSA_PSS, + sizeof(der_id_RSASSA_PSS)) + && ossl_DER_w_end_sequence(pkt, tag); + } + +=head1 SEE ALSO + +L, L, +L + +=head1 COPYRIGHT + +Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man7/EVP_PKEY.pod b/deps/openssl/openssl/doc/internal/man7/EVP_PKEY.pod new file mode 100644 index 00000000000000..3dc10fa4104cf1 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man7/EVP_PKEY.pod @@ -0,0 +1,212 @@ +=pod + +=head1 NAME + +EVP_PKEY - an internal description + +=head1 SYNOPSIS + + #include "crypto/evp.h" + + typedef struct evp_pkey_st EVP_PKEY; + +=head1 DESCRIPTION + +I + +B is a complex type that's essentially a container for +private/public key pairs, but has had other uses as well. + +=for comment "uses" could as well be "abuses"... + +The private/public key pair that an B contains is referred to +as its "internal key" or "origin" (the reason for "origin" is +explained further down, in L), +and it can take one of the following forms: + +=over 4 + +=item legacy origin + +This is the form that an B in OpenSSL prior to 3.0 had. The +internal key in the B is a pointer to the low-level key +types, such as B, B and B, or an engine driven +structure, and is governed by an associated L and +an L. + +The functions available through those two method structures get full +access to the B and therefore have a lot of freedom to +modify whatever they want. This also means that an B is a +shared structure between libcrypto and any ENGINE that serves such +methods. + +=item provider-native origin + +This is a new form in OpenSSL 3.0, which permits providers to hold the +key data (see L). The internal key in the +B is a pointer to that key data held by the provider, and +is governed by an associated L method structure. + +The functions available through the L have no access +to the B, and can therefore not make any direct changes. +Similarly, the key data that the B points at is only known +to the functions pointed at in the L. + +=back + +These two forms can never co-exist in the same B, the main +reason being that having both at the same time will create problems +with synchronising between the two forms, and potentially make it +confusing which one of the two is the origin. + +=head2 Key mutability + +The B internal keys are mutable. + +This is especially visible with internal legacy keys, since they can +be extracted with functions like L and then +modified at will with functions like L. Note that if the +internal key is a provider key then the return value from functions such as +L is a cached copy of the key. Changes to the cached +copy are not reflected back in the provider key. + +Internal provider native keys are also possible to be modified, if the +associated L implementation allows it. This is done +with L and its specialised derivatives. The +OpenSSL providers allow it for the following: + +=over 4 + +=item DH, EC, X25519, X448: + +It's possible to set the encoded public key. This is supported in +particular through L. + +=item EC: + +It's possible to flip the ECDH cofactor mode. + +=back + +Every time the B internal key mutates, an internal dirty +count is incremented. The need for a dirty count is explained further +in L. + +For provider native origin keys, this doesn't require any help from +the L, the dirty count is maintained in the B +itself, and is incremented every time L or its +specialised derivatives are called. +For legacy origin keys, this requires the associated +L to implement the dirty_cnt() function. All +of OpenSSL's built-in L implement this +function. + +=head2 Export cache for provider operations + +OpenSSL 3.0 can handle operations such as signing, encrypting, etc in +diverse providers, potentially others than the provider of the +L. Two providers, possibly from different vendors, +can't be expected to share internal key structures. There are +therefore instances where key data will need to be exported to the +provider that is going to perform the operation (this also implies +that every provider that implements a key pair based operation must +also implement an L). + +For performance reasons, libcrypto tries to minimize the need to +perform such an export, so it maintains a cache of such exports in the +B. Each cache entry has two items, a pointer to the +provider side key data and the associated L. + +I + +The export to the operation key cache can be performed independent of +what form the origin has. +For a legacy origin, this requires that the associated +L implements the functions export_to() and +dirty_cnt(). +For a provider native origin, this requires that the associated +L implements the OSSL_FUNC_keymgmt_export() function +(see L). +In all cases, the receiving L (the one associated with +the exported key data) must implement OSSL_FUNC_keymgmt_import(). + +If such caching isn't supported, the operations that can be performed +with that key are limited to the same backend as the origin key +(ENGINE for legacy origin keys, provider for provider side origin +keys). + +=head3 Exporting implementation details + + +Exporting a key to the operation cache involves the following: + +=over 4 + +=item 1. + +Check if the dirty count for the internal origin key has changed since +the previous time. This is done by comparing it with a copy of the +dirty count, which is maintained by the export function. + +If the dirty count has changed, the export cache is cleared. + +=item 2. + +Check if there's an entry in the export cache with the same +L that's the same provider that an export is to be +made to (which is the provider that's going to perform an operation +for which the current B is going to be used). + +If such an entry is found, nothing more is done, the key data and +L found in that export cache entry will be used for +the operation to be performed. + +=item 3. + +Export the internal origin key to the provider, using the appropriate +method. + +For legacy origin keys, that's done with the help of the +L export_to() function. + +For provider native origin keys, that's done by retrieving the key +data in L form from the origin keys, using the +OSSL_FUNC_keymgmt_export() functions of the associated +L, and sending that data to the L of +the provider that's to perform the operation, using its +OSSL_FUNC_keymgmt_import() function. + +=back + +=head2 Changing a key origin + +It is never possible to change the origin of a key. An B with a legacy +origin will I be upgraded to become an B with a provider +native origin. Instead, we have the operation cache as described above, that +takes care of the needs of the diverse operation the application may want to +perform. + +Similarly an B with a provider native origin, will I be +I into an B with a legacy origin. Instead we may have a +cached copy of the provider key in legacy form. Once the cached copy is created +it is never updated. Changes made to the provider key are not reflected back in +the cached legacy copy. Similarly changes made to the cached legacy copy are not +reflected back in the provider key. + +=head1 SEE ALSO + +L + +=head1 COPYRIGHT + +Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man7/VERSION.pod b/deps/openssl/openssl/doc/internal/man7/VERSION.pod new file mode 100644 index 00000000000000..4bc8ba6b932752 --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man7/VERSION.pod @@ -0,0 +1,149 @@ +=pod + +=head1 NAME + +VERSION - OpenSSL version information + +=head1 SYNOPSIS + + MAJOR=3 + MINOR=0 + PATCH=0 + PRE_RELEASE_TAG=dev + BUILD_METADATA= + RELEASE_DATE= + SHLIB_VERSION=3 + +=head1 DESCRIPTION + +This file is a set of keyed information looking like simple variable +assignments. When given an empty value, they are seen as unassigned. +The keys that are recognised are: + +=over 4 + +=item B, B, B + +The three parts of OpenSSL's 3 numbered version number, MAJOR.MINOR.PATCH. +These are used to compose the values for the C macros B, +B, B. + +=item B + +This is the added pre-release tag, which is added to the version separated by +a dash. For a value C, the C macro B gets +the string C<-foo> (dash added). + +=item B + +Extra metadata to be used by anyone for their own purposes. This is added to +the version and possible pre-release tag, separated by a plus sign. For a +value C, the C macro B gets the string +C<+bar>. + +=item B + +Defined in releases. When not set, it gets the value C. + +=item B + +The shared library version, which is something other than the project version. + +=back + +It is a configuration error if B, B, B and B +don't have values. Configuration will stop in that case. + +=head2 Affected configuration data + +The following items in %config from F are affected: + +=over 4 + +=item $config{major}, $config{minor}, $config{patch}, $config{shlib_version} + +These items get their values from B, B, B, and +B, respectively. + +=item $config{prerelease} + +If B is assigned a value, $config{prerelease} gets that same value, +prefixed by a dash, otherwise the empty string. + +=item $config{build_metadata} + +If B is assigned a value, $config{build_metadata} gets that same +value, prefixed by a plus sign, otherwise the empty string. + +=item $config{release_date} + +If B is assigned a value, $config{release_date} gets that same +value, otherwise the string C. + +=item $config{version} + +The minimal version number, a string composed from B, B and +B, separated by periods. For C, C and C, +the string will be C<3.0.0>. + +=item $config{full_version} + +The fully loaded version number, a string composed from $config{version}, +$config{prerelease} and $config{build_metadata}. See See L for +a few examples. + +=back + +=head1 EXAMPLES + +=over 4 + +=item 1. + + MAJOR=3 + MINOR=0 + PATCH=0 + PRE_RELEASE_TAG=dev + BUILD_METADATA= + +The fully loaded version number ($config{full_version}) will be +C<3.0.0-dev>. + +=item 2. + + MAJOR=3 + MINOR=0 + PATCH=0 + PRE_RELEASE_TAG= + BUILD_METADATA=something + +The fully loaded version number ($config{full_version}) will be +C<3.0.0+something>. + +=item 3. + + MAJOR=3 + MINOR=0 + PATCH=0 + PRE_RELEASE_TAG=alpha3 + BUILD_METADATA=something + +The fully loaded version number ($config{full_version}) will be +C<3.0.0-alpha3+something>. + +=back + +=head1 SEE ALSO + +L + +=head1 COPYRIGHT + +Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man7/build.info.pod b/deps/openssl/openssl/doc/internal/man7/build.info.pod new file mode 100644 index 00000000000000..080c9e444eea4b --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man7/build.info.pod @@ -0,0 +1,644 @@ +=pod + +=head1 NAME + +build.info - Building information files + +=head1 SYNOPSIS + +B0|1B<]> + +B0|1B<]> + +B + +B + +B I

... + +B I ... + +B I ... + +B I ... + +B I ... + +BIB<]=> I ... + +BIB<]=> I I ... + +BIB<]=> I ... + +BIB<]=> I ... + +BIB<]=> I[B<=>I] ... + +BIB<]=> I ... + +B<$>IB<=>I + +=head1 DESCRIPTION + +OpenSSL's build system revolves around three questions: + +=over 4 + +=item What to build for? + +This is about choice of platform (combination of hardware, operating +system, and toolchain). + +=item What to build? + +This is about having all the information on what needs to be built and +from what. + +=item How to build it? + +This is about build file generation. + +=back + +This document is all about the second item, "What to build?", and most +of all, how to specify that information. + +For some terms used in this document, please see the L at +the end. + +=head2 F files + +F files are meta data files for OpenSSL's built file +generators, and are used to specify exactly what end product files +(programs, libraries, modules or scripts) are to be produced, and from +what sources. + +Intermediate files, such as object files, are seldom referred to at +all. They sometimes can be, if there's a need, but this should happen +very rarely, and support for that sort of thing is added on as-needed +basis. + +Any time a directory or file is expected in a statement value, Unix +syntax must be used, which means that the slash C must be used as +the directory separator. + +=head2 General syntax + +=head3 Comments + +Comments are any line that start with a hash sign (C<#>). The hash +sign may be preceded by any number of horizontal spaces. + +=head3 Filenames + +F files are platform agnostic. This means that there is +some information in them that is representative rather than specific. + +This is particularly visible with end product names, they work more +like a tag than as the actual filename that's going to be produced. +This is because different platforms have different decorations on +different types of files. + +For example, if we say that we want to produce a program C, it +would look like this: + + PROGRAM=foo + +However, the program filename may end up being just C (typical +for Unix), or C (typical for Windows), or even C +(possible on VMS, depending on policy). + +These platform specific decorations are not the concern of +F files. The build file generators are responsible for +transforming these platform agnostic names to their platform specific +counterparts. + +=head3 Statements + +With the exception of variables and conditions, the general statement +syntax is one of: + +=over 4 + +=item B> B<=> I ... + +=item B[>IB<]> B<=> I ... + +=back + +Every B> represents some particular type of information. + +The first form (sometimes called "plain statement") is used to specify +information on what end products need to be built, for example: + + PROGRAMS=foo bar + LIBS=libpoly libcookie + MODULES=awesome-plugin + SCRIPTS=tool1 tool2 + SUBDIRS=dir1 dir2 + +This says that we want to build programs C and C, the +libraries C and C, an awesome plugin module +C, a couple of scripts C and C, and +finally that there are more F files in subdirectories +C and C. + +The second form (sometimes called "indexed statement") is used to +specify further details for existing items, for example: + + SOURCE[foo]=foo.c details.c + DEPEND[foo]=libcookie + +This says that the program C is built from the source files +F and F, and that it depends on the library +C (in other words, the library will be included when +linking that program together). + +Multiple space separated items are allowed too: + + SOURCE[foo]=foo.c + SOURCE[details]=details.c + DEPEND[foo details]=libcookie + +For any indexed statement for which the items haven't been specified +through any plain statement, or where the items exists but the indexed +statement does not apply, the value is simply ignored by the build +file generators. + +=head3 Statement attributes + +Some statements can have attributes added to them, to allow for +variations on how they are treated. + +=over 4 + +=item B{> I | IB<=>I [,...]B<}> +B<=> I ... + +=item B[>IB<]{> I | IB<=>I +[,...]B<}> B<=> I ... + +=back + +Attributes are passed as they are to the build file generators, and +the exact interpretation of those attributes is entirely up to them +(see L below for details). + +A current example: + + LIBS{noinst,has_main}=libtestutil.a + +This says that the static library C should not be +installed (C), and that it includes an object file that has +the C
symbol (C). Most platforms don't need to know +the latter, but there are some where the program linker will not look +for C
in libraries unless it's explicitly told so, so this is +way to tell the build file generator to emit the necessary command +options to make that happen. + +Attributes are accumulated globally. This means that a library could +be given like this in different places: + + # Location 1 + LIBS=libwhatever + + # Location 2 + LIBS{noinst}=libwhatever + + # Location 3 + LIBS{has_main}=libwhatever + +The end result is that the library C will have the +attributes C and C attached to it. + +=head3 Quoting and tokens + +Statement values are normally split into a list of tokens, separated +by spaces. + +To avoid having a value split up into several tokens, they may be +quoted with double (C<">) or single (C<'>) quotes. + +For example: + + PROGRAMS=foo "space cadet" bar + +This says that we sant to build three programs, C, C +and C. + +=head3 Conditionals + +F files include a very simple condition system, involving +the following keywords: + +=over 4 + +=item B0|1B<]> + +=item B0|1B<]> + +=item B + +=item B + +=back + +This works like any condition system with similar syntax, and the +condition value in B and B can really be any literal value +that perl can interpret as true or false. + +Conditional statements are nesting. + +In itself, this is not very powerful, but together with L, +it can be. + +=head3 Variables + +F handles simple variables. They are defined by +assignment: + +=over 4 + +=item B<$>I B<=> I + +=back + +These variables can then be used as part of any statement value or +indexed statement item. This should be used with some care, as +I. + +I + +Variable references can be one of: + +=over 4 + +=item B<$>I or B<${>IB<}> + +Simple reference; the variable reference is replaced with its value, +verbatim. + +=item B<${>IBIBIB<}> + +Substitution reference; the variable reference is replaced with its +value, modified by replacing all occurrences of I with I. + +=back + +=head2 Scope + +Most of the statement values are accumulated globally from all the +F files that are digested. There are two exceptions, +F variables and B statement, for which the scope +is the F file they are in. + +=head2 Perl nuggets + +Whenever a F file is read, it is passed through the Perl +template processor L, which is a small extension of +L. + +Perl nuggets are anything between C<{-> and C<-}>, and whatever the +result from such a nugget is, that value will replace the nugget in +text form. This is useful to get dynamically generated F +statements, and is most often seen used together with the B and +B conditional statements. + +For example: + + IF[{- $disabled{something} -}] + # do whatever's needed when "something" is disabled + ELSIF[{- $somethingelse eq 'blah' -}] + # do whatever's needed to satisfy this condition + ELSE + # fallback + ENDIF + +Normal Perl scope applies, so it's possible to have an initial perl +nugget that sets diverse global variables that are used in later +nuggets. Each nugget is a Perl block of its own, so B definitions +are only in scope within the same nugget, while B definitions are +in scope within the whole F file. + +=head1 REFERENCE + +=head2 Conditionals + +=over 4 + +=item B0|1B<]> + +If the condition is true (represented as C<1> here), everything +between this B and the next corresponding B or B +applies, and the rest until the corresponding B is skipped +over. + +If the condition is false (represented as C<0> here), everything +from this B is skipped over until the next corresponding B +or B, at which point processing continues. + +=item B + +If F statements have been skipped over to this point since +the corresponding B or B, F processing starts +again following this line. + +=item B0|1B<]> + +This is B and B combined. + +=item B + +Marks the end of a conditional. + +=back + +=head2 Plain statements + +=over 4 + +=item B I ... + +This instructs the F reader to also read the F +file in every specified directory. All directories should be given +relative to the location of the current F file. + +=item B I ... + +Collects names of programs that should be built. + +B statements may have attributes, which apply to all the +programs given in such a statement. For example: + + PROGRAMS=foo + PROGRAMS{noinst}=bar + +With those two lines, the program C will not have the attribute +C, while the program C will. + +=item B I ... + +Collects names of libraries that should be built. + +The normal case is that libraries are built in both static and shared +form. However, if a name ends with C<.a>, only the static form will +be produced. + +Similarly, libraries may be referred in indexed statements as just the +plain name, or the name including the ending C<.a>. If given without +the ending C<.a>, any form available will be used, but if given with +the ending C<.a>, the static library form is used unconditionally. + +B statements may have attributes, which apply to all the +libraries given in such a statement. For example: + + LIBS=libfoo + LIBS{noinst}=libbar + +With those two lines, the library C will not have the +attribute C, while the library C will. + +=item B I + +Collects names of dynamically loadable modules that should be built. + +B statements may have attributes, which apply to all the +modules given in such a statement. For example: + + MODULES=foo + MODULES{noinst}=bar + +With those two lines, the module C will not have the attribute +C, while the module C will. + +=item B I + +Collects names of scripts that should be built, or that just exist. +That is how they differ from programs, as programs are always expected +to be compiled from multiple sources. + +B statements may have attributes, which apply to all the +scripts given in such a statement. For example: + + SCRIPTS=foo + SCRIPTS{noinst}=bar + +With those two lines, the script C will not have the attribute +C, while the script C will. + +=back + +=head2 Indexed statements + +=over 4 + +=item BIB<]> B<=> I ... + +Collects dependencies, where I depend on the given Is. + +As a special case, the I may be empty, for which the build file +generators should make the whole build depend on the given Is, +rather than the specific I. + +The I may be any program, library, module, script, or any +filename used as a value anywhere. + +The I may also be literal build file targets. Those are +recognised by being surrounded be vertical bars (also known as the +"pipe" character), C<|>. For example: + + DEPEND[|tests|]=fipsmodule.cnf + +B statements may have attributes, which apply to each +individual dependency in such a statement. For example: + + DEPEND[libfoo.a]=libmandatory.a + DEPEND[libfoo.a]{weak}=libbar.a libcookie.a + +With those statements, the dependency between C and +C is strong, while the dependency between C +and C and C is weak. See the description of +B in L for more information. + +=item BIB<]> B<=> I I ... + +This specifies that the I is generated using the I +with the Is as arguments, plus the name of the output +file as last argument. + +For Is where this is applicable, any B statement +for the same I will be given to the I as its +inclusion directories. Likewise, any B statement for the same +I will be given to the I as an extra file or module +to load, where this is applicable. + +The build file generators must be able to recognise the I. +Currently, they at least recognise files ending in C<.pl>, and will +execute them to generate the I, and files ending in C<.in>, +which will be used as input for L to generate +I (in other words, we use the exact same style of +L mechanism that is used to read F files). + +=item BIB<]> B<=> I ... + +Collects filenames that will be used as source files for I. + +The I must be a singular item, and may be any program, library, +module or script given with B, B, B and +B. + +Static libraries may be sources. In that case, its object files are +used directly when building I instead of relying on library +dependency and symbol resolution (through B statements). + +B statements may have attributes, which apply to each +individual dependency in such a statement. For example: + + SOURCE[prog]=prog_a.c + SOURCE[prog]{check}=prog_b.c prog_c.c + +With those statements, the association between C and C +comes with no extra attributes, while the association between C +and C as well as C comes with the extra attribute +C. + +=item BIB<]> B<=> I ... + +Collects filenames that will be used as source files for I. + +The I must be a singular item, and may be any library or module +given with B or B. For libraries, the given filenames +are only used for their shared form, so if the item is a library name +ending with C<.a>, the filenames will be ignored. + +B statements may have attributes, just as B +statements. + +=item BIB<]> B<=> I[B<=>I] ... + +Collects I / I pairs (or just I with no defined +value if no I is given) associated with I. + +The build file generators will decide what to do with them. For +example, these pairs should become C macro definitions whenever a +C<.c> file is built into an object file. + +=item BIB<]> B<=> I ... + +Collects inclusion directories that will be used when building the +I components (object files and whatever else). This is used at +the discretion of the build file generators. + +=back + +=head2 Known attributes + +Note: this will never be a complete list of attributes. + +=over 4 + +=item B + +This is used to specify that the end products this is set for should +not be installed, that they are only internal. This is applicable on +internal static libraries, or on test programs. + +=item B + +This is used with B, to specify that some scripts should be +installed in the "misc" directory rather than the normal program +directory. + +=item B + +This is used with B, to specify what modules are engines and +should be installed in the engines directory instead of the modules +directory. + +=item B + +This is used with B where libraries are involved, to specify +that the dependency between two libraries is weak and is only there to +infer order. + +Without this attribute, a dependency between two libraries, expressed +like this, means that if C appears in a linking command +line, so will C: + + DEPEND[libfoo.a]=libmandatory.a + +With this attribute, a dependency between two libraries, expressed +like this, means that if I C and C +appear in a linking command line (because of recursive dependencies +through other libraries), they will be ordered in such a way that this +dependency is maintained: + + DEPEND[libfoo.a]{weak}=libfoo.a libcookie.a + +This is useful in complex dependency trees where two libraries can be +used as alternatives for each other. In this example, C and +C have alternative implementations of the same thing, and +C has unresolved references to that same thing, and is +therefore depending on either of them, but not both at the same time: + + DEPEND[program1]=libmandatory.a lib1.a + DEPEND[program2]=libmandatory.a lib2.a + DEPEND[libmandatory]{weak}=lib1.a lib2.a + +=back + +=head1 GLOSSARY + +=over 4 + +=item "build file" + +This is any platform specific file that describes the complete build, +with platform specific commands. On Unix, this is typically +F; on VMS, this is typically F. + +=item "build file generator" + +Perl code that generates build files, given configuration data and +data collected from F files. + +=item "plain statement" + +Any F statement of the form B>=I, with +the exception of conditional statements and variable assignments. + +=item "indexed statement" + +Any F statement of the form B[>IB<]=>I, +with the exception of conditional statements. + +=item "intermediate file" + +Any file that's an intermediate between a source file and an end +product. + +=item "end product" + +Any file that is mentioned in the B, B, B or +B. + +=back + +=head1 SEE ALSO + +For OpenSSL::Template documentation, +C + +L + +=head1 COPYRIGHT + +Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use this +file except in compliance with the License. You can obtain a copy in the file +LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/internal/man7/deprecation.pod b/deps/openssl/openssl/doc/internal/man7/deprecation.pod new file mode 100644 index 00000000000000..13a4b059a04cce --- /dev/null +++ b/deps/openssl/openssl/doc/internal/man7/deprecation.pod @@ -0,0 +1,140 @@ +=pod + +=head1 NAME + +OPENSSL_NO_DEPRECATED_3_0, OSSL_DEPRECATEDIN_3_0, +OPENSSL_NO_DEPRECATED_1_1_1, OSSL_DEPRECATEDIN_1_1_1, +OPENSSL_NO_DEPRECATED_1_1_0, OSSL_DEPRECATEDIN_1_1_0, +OPENSSL_NO_DEPRECATED_1_0_2, OSSL_DEPRECATEDIN_1_0_2, +OPENSSL_NO_DEPRECATED_1_0_1, OSSL_DEPRECATEDIN_1_0_1, +OPENSSL_NO_DEPRECATED_1_0_0, OSSL_DEPRECATEDIN_1_0_0, +OPENSSL_NO_DEPRECATED_0_9_8, OSSL_DEPRECATEDIN_0_9_8, +deprecation - How to do deprecation + +=head1 DESCRIPTION + +Deprecation of a symbol is adding an attribute to the declaration of that +symbol (function, type, variable, but we currently only do that for +functions in our public header files, F<< >>). + +Removal of a symbol is not the same thing as deprecation, as it actually +explicitly removes the symbol from public view. + +OpenSSL configuration supports deprecation as well as simulating removal of +symbols from public view (with the configuration option C, or +if the user chooses to do so, with L), and also +supports doing this in terms of a specified OpenSSL version (with the +configuration option C<--api>, or if the user chooses to do so, with +L). + +Deprecation is done using attribute macros named +B>, used with any declaration it applies to. + +Simulating removal is done with C<#ifndef> preprocessor guards using macros +named B>. + +B> and B> are +defined in F<< >>. + +In those macro names, B> corresponds to the OpenSSL release since +which the deprecation applies, with underscores instead of periods. Because +of the change in version scheme with OpenSSL 3.0, the B> for +versions before that are three numbers (such as C<1_1_0>), while they are +two numbers (such as C<3_0>) from 3.0 and on. + +The implementation of a deprecated symbol is kept for one of two reasons: + +=over 4 + +=item Planned to be removed + +The symbol and its implementation are planned to be removed some time in the +future, but needs to remain available until that time. +Such an implementation needs to be guarded appropriately, as shown in +L below. + +=item Planned to remain internally + +The symbol is planned to be removed from public view, but will otherwise +remain for internal purposes. In this case, the implementation doesn't need +to change or be guarded. + +However, it's necessary to ensure that the declaration remains available for +the translation unit where the symbol is used or implemented, even when the +symbol is publicly unavailable through simulated removal. That's done by +including an internal header file very early in the affected translation +units. See L below. + +In the future, when the deprecated declaration is to actually be removed +from public view, it should be moved to an internal header file, with the +deprecation attribute removed, and the translation units that implement or +use that symbol should adjust their header inclusions accordingly. + +=back + +=head1 EXAMPLES + +=head2 Header files + +In public header files (F<< >>), this is what a deprecation is +expected to look like, including the preprocessor wrapping for simulated +removal: + + # ifndef OPENSSL_NO_DEPRECATED_3_0 + /* ... */ + + OSSL_DEPRECATEDIN_3_0 RSA *RSA_new_method(ENGINE *engine); + + /* ... */ + # endif + +=head2 Implementations to be removed + +For a deprecated function that we plan to remove in the future, for example +RSA_new_method(), the following should be found very early (before including +any OpenSSL header file) in the translation unit that implements it and in +any translation unit that uses it: + + /* + * Suppress deprecation warnings for RSA low level implementations that are + * kept until removal. + */ + #define OPENSSL_SUPPRESS_DEPRECATED + +The RSA_new_method() implementation itself must be guarded the same way as +its declaration in the public header file is: + + #ifndef OPENSSL_NO_DEPRECATED_3_0 + RSA *RSA_new_method(ENGINE *engine) + { + /* ... */ + } + #endif + +=head2 Implementations to remain internally + +For a deprecated function that we plan to keep internally, for example +RSA_size(), the following should be found very early (before including any +other OpenSSL header file) in the translation unit that implements it and in +any translation unit that uses it: + + /* + * RSA low level APIs are deprecated for public use, but are kept for + * internal use. + */ + #include "internal/deprecated.h" + +=head1 SEE ALSO + +L + +=head1 COPYRIGHT + +Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/life-cycles/Makefile b/deps/openssl/openssl/doc/life-cycles/Makefile new file mode 100644 index 00000000000000..4c12558e63df4b --- /dev/null +++ b/deps/openssl/openssl/doc/life-cycles/Makefile @@ -0,0 +1,26 @@ +GRAPHS=cipher.dot digest.dot kdf.dot mac.dot pkey.dot rand.dot +IMAGES= + +all: png txt +png: $(subst .dot,.png,$(GRAPHS)) +txt: $(subst .dot,.txt,$(GRAPHS)) + @echo + @echo Remember to check and manually fix the mistakes before merging + @echo into the man pages. + @echo + +# for the dot program: +# sudo apt install graphviz +%.png: %.dot + dot -Tpng -O $< + @mv $<.png $@ + +# for the graph-easy program: +# sudo apt install cpanminus +# sudo cpanm Graph::Easy +%.txt: %.dot + graph-easy --from=dot --as_ascii < $< > $@ + +clean: + rm -f $(wildcard *.png) $(wildcard *.txt) + diff --git a/deps/openssl/openssl/doc/life-cycles/README.md b/deps/openssl/openssl/doc/life-cycles/README.md new file mode 100644 index 00000000000000..e65c3d3435fc0a --- /dev/null +++ b/deps/openssl/openssl/doc/life-cycles/README.md @@ -0,0 +1,20 @@ +Algorithm Life-Cycle Diagrams +============================= + +This directory contains the algorithm life-cycle diagram sources. + +The canonical life-cycles are in the spreadsheet. + +The various .dot files are graph descriptions for the +[GraphViz](https://www.graphviz.org/) tool. These omit edges and should +be used for guidance only. + +To generate the rendered images, you need to install the following packages: + + sudo apt install graphviz cpanminus + sudo cpanm Graph::Easy + +Running `make` will produce a number of `.txt` and `.png` files. +These are the rendered `.dot` files. The `.txt` files require +additional editing before they can be added to the manual pages in +`internal/man7/life_cycle-*.pod`. diff --git a/deps/openssl/openssl/doc/life-cycles/cipher.dot b/deps/openssl/openssl/doc/life-cycles/cipher.dot new file mode 100644 index 00000000000000..c1d5b8346890da --- /dev/null +++ b/deps/openssl/openssl/doc/life-cycles/cipher.dot @@ -0,0 +1,72 @@ +digraph cipher { + bgcolor="transparent"; + + begin [label=start, color="#deeaee", style="filled"]; + newed [fontcolor="#c94c4c", style="solid"]; + + initialised [fontcolor="#c94c4c"]; + updated [fontcolor="#c94c4c"]; + finaled [fontcolor="#c94c4c"]; + end [label="freed", color="#deeaee", style="filled"]; + + d_initialised [label="initialised\n(decryption)", fontcolor="#c94c4c"]; + d_updated [label="updated\n(decryption)", fontcolor="#c94c4c"]; + e_initialised [label="initialised\n(encryption)", fontcolor="#c94c4c"]; + e_updated [label="updated\n(encryption)", fontcolor="#c94c4c"]; + + begin -> newed [label="EVP_CIPHER_CTX_new"]; + newed -> initialised [label="EVP_CipherInit"]; + initialised -> initialised [label="EVP_CipherInit\n(not required but allowed)", + style=dashed]; + initialised -> updated [label="EVP_CipherUpdate", weight=2]; + updated -> updated [label="EVP_CipherUpdate"]; + updated -> finaled [label="EVP_CipherFinal"]; + finaled -> finaled [label="EVP_CIPHER_CTX_get_params\n(AEAD encryption)", + style=dashed]; + finaled -> end [label="EVP_CIPHER_CTX_free"]; + newed -> d_initialised [label="EVP_DecryptInit"]; + d_initialised -> d_initialised [label="EVP_DecryptInit\n(not required but allowed)", + style=dashed]; + d_initialised -> d_updated [label="EVP_DecryptUpdate", weight=2]; + d_updated -> d_updated [label="EVP_DecryptUpdate"]; + d_updated -> finaled [label="EVP_DecryptFinal"]; + newed -> e_initialised [label="EVP_EncryptInit"]; + e_initialised -> e_initialised [label="EVP_EncryptInit\n(not required but allowed)", + style=dashed]; + e_initialised -> e_updated [label="EVP_EncryptUpdate", weight=2]; + e_updated -> e_updated [label="EVP_EncryptUpdate"]; + e_updated -> finaled [label="EVP_EncryptFinal"]; + most -> newed [label="EVP_CIPHER_CTX_reset", style=dashed, + color="#034f84", fontcolor="#034f84"]; + most [label="any of the initialised\nupdated or finaled states", style=dashed, + color="#034f84", fontcolor="#034f84"]; +} + +/* This is a version with a single flavour which is easier to comprehend +digraph cipher { + bgcolor="transparent"; + + begin [label=start, color="#deeaee", style="filled"]; + newed [fontcolor="#c94c4c", style="solid"]; + initialised [fontcolor="#c94c4c"]; + updated [fontcolor="#c94c4c"]; + finaled [fontcolor="#c94c4c"]; + end [label="freed", color="#deeaee", style="filled"]; + + begin -> newed [label="EVP_CIPHER_CTX_new"]; + newed -> initialised [label="EVP_CipherInit"]; + initialised -> initialised [label="EVP_CipherInit\n(not required but allowed)", + style=dashed]; + initialised -> updated [label="EVP_CipherUpdate", weight=2]; + updated -> updated [label="EVP_CipherUpdate"]; + updated -> finaled [label="EVP_CipherFinal"]; + finaled -> finaled [label="EVP_CIPHER_CTX_get_params\n(AEAD encryption)", + style=dashed]; + finaled -> end [label="EVP_CIPHER_CTX_free"]; + finaled -> newed [label="EVP_CIPHER_CTX_reset", style=dashed, + color="#034f84", fontcolor="#034f84"]; + updated -> newed [label="EVP_CIPHER_CTX_reset", style=dashed, + color="#034f84", fontcolor="#034f84"]; +} +*/ + diff --git a/deps/openssl/openssl/doc/life-cycles/digest.dot b/deps/openssl/openssl/doc/life-cycles/digest.dot new file mode 100644 index 00000000000000..8d4d72480c9acc --- /dev/null +++ b/deps/openssl/openssl/doc/life-cycles/digest.dot @@ -0,0 +1,33 @@ +digraph digest { + bgcolor="transparent"; + + begin [label=start, color="#deeaee", style="filled"]; + newed [label=newed, fontcolor="#c94c4c", style="solid"]; + initialised [label=initialised, fontcolor="#c94c4c"]; + updated [label=updated, fontcolor="#c94c4c"]; + finaled [label="finaled", fontcolor="#c94c4c"]; + end [label="freed", color="#deeaee", style="filled"]; + + begin -> newed [label="EVP_MD_CTX_new"]; + newed -> initialised [label="EVP_DigestInit"]; + initialised -> updated [label="EVP_DigestUpdate", weight=3]; + updated -> updated [label="EVP_DigestUpdate"]; + updated -> finaled [label="EVP_DigestFinal"]; + updated -> finaled [label="EVP_DigestFinalXOF", + fontcolor="#808080", color="#808080"]; + /* Once this works it should go back in: + finaled -> finaled [taillabel="EVP_DigestFinalXOF", + labeldistance=9, labelangle=345, + labelfontcolor="#808080", color="#808080"]; + */ + finaled -> end [label="EVP_MD_CTX_free"]; + finaled -> newed [label="EVP_MD_CTX_reset", style=dashed, weight=2, + color="#034f84", fontcolor="#034f84"]; + updated -> newed [label="EVP_MD_CTX_reset", style=dashed, + color="#034f84", fontcolor="#034f84"]; + updated -> initialised [label="EVP_DigestInit", weight=0, style=dashed, + color="#034f84", fontcolor="#034f84"]; + finaled -> initialised [label="EVP_DigestInit", style=dashed, + color="#034f84", fontcolor="#034f84"]; +} + diff --git a/deps/openssl/openssl/doc/life-cycles/kdf.dot b/deps/openssl/openssl/doc/life-cycles/kdf.dot new file mode 100644 index 00000000000000..2dce34377db661 --- /dev/null +++ b/deps/openssl/openssl/doc/life-cycles/kdf.dot @@ -0,0 +1,16 @@ +strict digraph kdf { + bgcolor="transparent"; + + begin [label=start, color="#deeaee", style="filled"]; + newed [label="newed", fontcolor="#c94c4c", style="solid"]; + deriving [label="deriving", fontcolor="#c94c4c"]; + end [label="freed", color="#deeaee", style="filled"]; + + begin -> newed [label="EVP_KDF_CTX_new"]; + newed -> deriving [label="EVP_KDF_derive"]; + deriving -> deriving [label="EVP_KDF_derive", style=dashed]; + deriving -> end [label="EVP_KDF_CTX_free"]; + deriving -> newed [label="EVP_KDF_CTX_reset", style=dashed, + color="#034f84", fontcolor="#034f84"]; +} + diff --git a/deps/openssl/openssl/doc/life-cycles/lifecycles.ods b/deps/openssl/openssl/doc/life-cycles/lifecycles.ods new file mode 100644 index 00000000000000..6cc2030a9efa0f Binary files /dev/null and b/deps/openssl/openssl/doc/life-cycles/lifecycles.ods differ diff --git a/deps/openssl/openssl/doc/life-cycles/mac.dot b/deps/openssl/openssl/doc/life-cycles/mac.dot new file mode 100644 index 00000000000000..fe277f8328e613 --- /dev/null +++ b/deps/openssl/openssl/doc/life-cycles/mac.dot @@ -0,0 +1,28 @@ +digraph mac { + bgcolor="transparent"; + + begin [label=start, color="#deeaee", style="filled"]; + newed [fontcolor="#c94c4c", style="solid"]; + initialised [fontcolor="#c94c4c"]; + updated [fontcolor="#c94c4c"]; + finaled [fontcolor="#c94c4c"]; + end [label=freed, color="#deeaee", style="filled"]; + + begin -> newed [label="EVP_MAC_CTX_new"]; + newed -> initialised [label="EVP_MAC_init"]; + initialised -> updated [label="EVP_MAC_update"]; + updated -> updated [label="EVP_MAC_update"]; + updated -> finaled [label="EVP_MAC_final"]; + updated -> finaled [label="EVP_MAC_finalXOF", + fontcolor="#808080", color="#808080"]; + /* Once this works it should go back in: + finaled -> finaled [label="EVP_MAC_final_XOF", + fontcolor="#808080", color="#808080"]; + */ + finaled -> end [label="EVP_MAC_CTX_free"]; + updated -> initialised [label="EVP_MAC_init", style=dashed, + color="#034f84", fontcolor="#034f84"]; + finaled -> initialised [label="EVP_MAC_init", style=dashed, + color="#034f84", fontcolor="#034f84"]; +} + diff --git a/deps/openssl/openssl/doc/life-cycles/pkey.dot b/deps/openssl/openssl/doc/life-cycles/pkey.dot new file mode 100644 index 00000000000000..58b3a0c5bb77e7 --- /dev/null +++ b/deps/openssl/openssl/doc/life-cycles/pkey.dot @@ -0,0 +1,49 @@ +strict digraph pkey { + bgcolor="transparent"; + layout=circo + + begin [label=start, color="#deeaee", style="filled"]; + newed [fontcolor="#c94c4c", style="solid"]; + digestsign [label="digest sign", fontcolor="#AB3910", color="#AB3910"] + verify [fontcolor="#F8CF2C", color="#F8CF2C"] + verifyrecover [label="verify recover", fontcolor="#B19FF9", color="#B19FF9"] + encrypt [fontcolor="#63AAC0", color="#63AAC0"] + decrypt [fontcolor="#425F06", color="#425F06"] + derive [fontcolor="#FEA303", color="#FEA303"] + encapsulate [fontcolor="#D95980", color="#D95980"] + decapsulate [fontcolor="#A16AE8", color="#A16AE8"] + paramgen [label="parameter\ngeneration", fontcolor="#2879C0", color="#2879C0"] + keygen [label="key\ngeneration", fontcolor="#2F7604", color="#2F7604"] + + begin -> newed [label="EVP_PKEY_CTX_new"]; + + newed -> digestsign [label="EVP_PKEY_sign_init", color="#AB3910", fontcolor="#AB3910"]; + digestsign -> digestsign [label="EVP_PKEY_sign", color="#AB3910", fontcolor="#AB3910"]; + + newed -> verify [label="EVP_PKEY_verify_init", fontcolor="#F8CF2C", color="#F8CF2C"]; + verify -> verify [label="EVP_PKEY_verify", fontcolor="#F8CF2C", color="#F8CF2C"]; + + newed -> verifyrecover [label="EVP_PKEY_verify_recover_init", fontcolor="#B19FF9", color="#B19FF9"]; + verifyrecover -> verifyrecover [label="EVP_PKEY_verify_recover", fontcolor="#B19FF9", color="#B19FF9"]; + + newed -> encrypt [label="EVP_PKEY_encrypt_init", fontcolor="#63AAC0", color="#63AAC0"]; + encrypt -> encrypt [label="EVP_PKEY_encrypt", fontcolor="#63AAC0", color="#63AAC0"]; + + newed -> decrypt [label="EVP_PKEY_decrypt_init", fontcolor="#425F06", color="#425F06"]; + decrypt -> decrypt [label="EVP_PKEY_decrypt", fontcolor="#425F06", color="#425F06"]; + + newed -> derive [label="EVP_PKEY_derive_init", fontcolor="#FEA303", color="#FEA303"]; + derive -> derive [label="EVP_PKEY_derive\nEVP_PKEY_derive_set_peer", fontcolor="#FEA303", color="#FEA303"]; + + newed -> encapsulate [label="EVP_PKEY_encapsulate_init", fontcolor="#D95980", color="#D95980"]; + encapsulate -> encapsulate [label="EVP_PKEY_encapsulate", fontcolor="#D95980", color="#D95980"]; + + newed -> decapsulate [label="EVP_PKEY_decapsulate_init", fontcolor="#A16AE8", color="#A16AE8"]; + decapsulate -> decapsulate [label="EVP_PKEY_decapsulate", fontcolor="#A16AE8", color="#A16AE8"]; + + newed -> paramgen [label="EVP_PKEY_paramgen_init", fontcolor="#2879C0", color="#2879C0"]; + paramgen -> paramgen [label="EVP_PKEY_paramgen\nEVP_PKEY_gen", fontcolor="#2879C0", color="#2879C0"]; + + newed -> keygen [label="EVP_PKEY_keygen_init", fontcolor="#2F7604", color="#2F7604"]; + keygen -> keygen [label="EVP_PKEY_keygen\nEVP_PKEY_gen", fontcolor="#2F7604", color="#2F7604"]; +} diff --git a/deps/openssl/openssl/doc/life-cycles/rand.dot b/deps/openssl/openssl/doc/life-cycles/rand.dot new file mode 100644 index 00000000000000..a57cf710c75d52 --- /dev/null +++ b/deps/openssl/openssl/doc/life-cycles/rand.dot @@ -0,0 +1,17 @@ +strict digraph rand { + bgcolor="transparent"; + + begin [label=start, color="#deeaee", style="filled"]; + newed [fontcolor="#c94c4c", style="solid"]; + instantiated [fontcolor="#c94c4c"]; + uninstantiated [fontcolor="#c94c4c"]; + end [label="freed", color="#deeaee", style="filled"]; + + begin -> newed [label="EVP_RAND_CTX_new"]; + newed -> instantiated [label="EVP_RAND_instantiate"]; + instantiated -> instantiated [label="EVP_RAND_generate"]; + instantiated -> uninstantiated [label="EVP_RAND_uninstantiate"]; + uninstantiated -> end [label="EVP_RAND_CTX_free"]; + uninstantiated -> instantiated [label="EVP_RAND_instantiate", style=dashed, color="#034f84", fontcolor="#034f84"]; +} + diff --git a/deps/openssl/openssl/doc/man1/CA.pl.pod b/deps/openssl/openssl/doc/man1/CA.pl.pod new file mode 100644 index 00000000000000..e05775cdca668c --- /dev/null +++ b/deps/openssl/openssl/doc/man1/CA.pl.pod @@ -0,0 +1,199 @@ +=pod + +=head1 NAME + +CA.pl - friendlier interface for OpenSSL certificate programs + +=head1 SYNOPSIS + +B +B<-?> | +B<-h> | +B<-help> + +B +B<-newcert> | +B<-newreq> | +B<-newreq-nodes> | +B<-xsign> | +B<-sign> | +B<-signCA> | +B<-signcert> | +B<-crl> | +B<-newca> +[B<-extra-I> I] + +B B<-pkcs12> [I] + +B B<-verify> I ... + +B B<-revoke> I [I] + +=head1 DESCRIPTION + +The B script is a perl script that supplies the relevant command line +arguments to the L command for some common certificate operations. +It is intended to simplify the process of certificate creation and management +by the use of some simple options. + +The script is intended as a simple front end for the L program for +use by a beginner. Its behaviour isn't always what is wanted. For more control +over the behaviour of the certificate commands call the L command +directly. + +Most of the filenames mentioned below can be modified by editing the +B script. + +Under some environments it may not be possible to run the B script +directly (for example Win32) and the default configuration file location may +be wrong. In this case the command: + + perl -S CA.pl + +can be used and the B environment variable can be set to point to +the correct path of the configuration file. + +=head1 OPTIONS + +=over 4 + +=item B<-?>, B<-h>, B<-help> + +Prints a usage message. + +=item B<-newcert> + +Creates a new self signed certificate. The private key is written to the file +F and the request written to the file F. +Invokes L. + +=item B<-newreq> + +Creates a new certificate request. The private key is written to the file +F and the request written to the file F. +Executes L under the hood. + +=item B<-newreq-nodes> + +Is like B<-newreq> except that the private key will not be encrypted. +Uses L. + +=item B<-newca> + +Creates a new CA hierarchy for use with the B program (or the B<-signcert> +and B<-xsign> options). The user is prompted to enter the filename of the CA +certificates (which should also contain the private key) or by hitting ENTER +details of the CA will be prompted for. The relevant files and directories +are created in a directory called F in the current directory. +Uses L and L. + +If the F directory already exists then the B<-newca> command will not +overwrite it and will do nothing. This can happen if a previous call using +the B<-newca> option terminated abnormally. To get the correct behaviour +delete the directory if it already exists. + +=item B<-pkcs12> + +Create a PKCS#12 file containing the user certificate, private key and CA +certificate. It expects the user certificate and private key to be in the +file F and the CA certificate to be in the file F, +it creates a file F. This command can thus be called after the +B<-sign> option. The PKCS#12 file can be imported directly into a browser. +If there is an additional argument on the command line it will be used as the +"friendly name" for the certificate (which is typically displayed in the browser +list box), otherwise the name "My Certificate" is used. +Delegates work to L. + +=item B<-sign>, B<-signcert>, B<-xsign> + +Calls the L command to sign a certificate request. It expects the +request to be in the file F. The new certificate is written to the +file F except in the case of the B<-xsign> option when it is +written to standard output. + +=item B<-signCA> + +This option is the same as the B<-sign> option except it uses the +configuration file section B and so makes the signed request a +valid CA certificate. This is useful when creating intermediate CA from +a root CA. Extra params are passed to L. + +=item B<-signcert> + +This option is the same as B<-sign> except it expects a self signed certificate +to be present in the file F. +Extra params are passed to L and L. + +=item B<-crl> + +Generate a CRL. Executes L. + +=item B<-revoke> I [I] + +Revoke the certificate contained in the specified B. An optional +reason may be specified, and must be one of: B, +B, B, B, B, +B, B, or B. +Leverages L. + +=item B<-verify> + +Verifies certificates against the CA certificate for F. If no +certificates are specified on the command line it tries to verify the file +F. Invokes L. + +=item B<-extra-I> I + +For each option B>, pass I to the L +sub-command with the same name as I, if that sub-command is invoked. +For example, if L is invoked, the I given with +B<-extra-req> will be passed to it. +For multi-word parameters, either repeat the option or quote the I +so it looks like one word to your shell. +See the individual command documentation for more information. + +=back + +=head1 EXAMPLES + +Create a CA hierarchy: + + CA.pl -newca + +Complete certificate creation example: create a CA, create a request, sign +the request and finally create a PKCS#12 file containing it. + + CA.pl -newca + CA.pl -newreq + CA.pl -sign + CA.pl -pkcs12 "My Test Certificate" + +=head1 ENVIRONMENT + +The environment variable B may be used to specify the name of +the OpenSSL program. It can be a full pathname, or a relative one. + +The environment variable B may be used to specify a +configuration option and value to the B and B commands invoked by +this script. It's value should be the option and pathname, as in +C<-config /path/to/conf-file>. + +=head1 SEE ALSO + +L, +L, +L, +L, +L, +L + +=head1 COPYRIGHT + +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/man1/build.info b/deps/openssl/openssl/doc/man1/build.info new file mode 100644 index 00000000000000..b796fce42fdd90 --- /dev/null +++ b/deps/openssl/openssl/doc/man1/build.info @@ -0,0 +1,57 @@ +# All .pod.in files are detected by build.info in the parent directory, and +# turned into appropriate DEPEND and GENERATE lines. All we need here are +# the additional dependencies on ../perlvars.pm. + +DEPEND[openssl-asn1parse.pod]=../perlvars.pm +DEPEND[openssl-ca.pod]=../perlvars.pm +DEPEND[openssl-ciphers.pod]=../perlvars.pm +DEPEND[openssl-cmds.pod]=../perlvars.pm +DEPEND[openssl-cmp.pod]=../perlvars.pm +DEPEND[openssl-cms.pod]=../perlvars.pm +DEPEND[openssl-crl2pkcs7.pod]=../perlvars.pm +DEPEND[openssl-crl.pod]=../perlvars.pm +DEPEND[openssl-dgst.pod]=../perlvars.pm +DEPEND[openssl-dhparam.pod]=../perlvars.pm +DEPEND[openssl-dsaparam.pod]=../perlvars.pm +DEPEND[openssl-dsa.pod]=../perlvars.pm +DEPEND[openssl-ecparam.pod]=../perlvars.pm +DEPEND[openssl-ec.pod]=../perlvars.pm +DEPEND[openssl-enc.pod]=../perlvars.pm +DEPEND[openssl-engine.pod]=../perlvars.pm +DEPEND[openssl-errstr.pod]=../perlvars.pm +DEPEND[openssl-fipsinstall.pod]=../perlvars.pm +DEPEND[openssl-gendsa.pod]=../perlvars.pm +DEPEND[openssl-genpkey.pod]=../perlvars.pm +DEPEND[openssl-genrsa.pod]=../perlvars.pm +DEPEND[openssl-info.pod]=../perlvars.pm +DEPEND[openssl-kdf.pod]=../perlvars.pm +DEPEND[openssl-list.pod]=../perlvars.pm +DEPEND[openssl-mac.pod]=../perlvars.pm +DEPEND[openssl-nseq.pod]=../perlvars.pm +DEPEND[openssl-ocsp.pod]=../perlvars.pm +DEPEND[openssl-passwd.pod]=../perlvars.pm +DEPEND[openssl-pkcs12.pod]=../perlvars.pm +DEPEND[openssl-pkcs7.pod]=../perlvars.pm +DEPEND[openssl-pkcs8.pod]=../perlvars.pm +DEPEND[openssl-pkeyparam.pod]=../perlvars.pm +DEPEND[openssl-pkey.pod]=../perlvars.pm +DEPEND[openssl-pkeyutl.pod]=../perlvars.pm +DEPEND[openssl-prime.pod]=../perlvars.pm +DEPEND[openssl-rand.pod]=../perlvars.pm +DEPEND[openssl-rehash.pod]=../perlvars.pm +DEPEND[openssl-req.pod]=../perlvars.pm +DEPEND[openssl-rsa.pod]=../perlvars.pm +DEPEND[openssl-rsautl.pod]=../perlvars.pm +DEPEND[openssl-s_client.pod]=../perlvars.pm +DEPEND[openssl-sess_id.pod]=../perlvars.pm +DEPEND[openssl-smime.pod]=../perlvars.pm +DEPEND[openssl-speed.pod]=../perlvars.pm +DEPEND[openssl-spkac.pod]=../perlvars.pm +DEPEND[openssl-srp.pod]=../perlvars.pm +DEPEND[openssl-s_server.pod]=../perlvars.pm +DEPEND[openssl-s_time.pod]=../perlvars.pm +DEPEND[openssl-storeutl.pod]=../perlvars.pm +DEPEND[openssl-ts.pod]=../perlvars.pm +DEPEND[openssl-verify.pod]=../perlvars.pm +DEPEND[openssl-version.pod]=../perlvars.pm +DEPEND[openssl-x509.pod]=../perlvars.pm diff --git a/deps/openssl/openssl/doc/man1/openssl-asn1parse.pod.in b/deps/openssl/openssl/doc/man1/openssl-asn1parse.pod.in new file mode 100644 index 00000000000000..f098c89c33822f --- /dev/null +++ b/deps/openssl/openssl/doc/man1/openssl-asn1parse.pod.in @@ -0,0 +1,220 @@ +=pod +{- OpenSSL::safe::output_do_not_edit_headers(); -} + +=head1 NAME + +openssl-asn1parse - ASN.1 parsing command + +=head1 SYNOPSIS + +B B +[B<-help>] +[B<-inform> B|B] +[B<-in> I] +[B<-out> I] +[B<-noout>] +[B<-offset> I] +[B<-length> I] +[B<-i>] +[B<-oid> I] +[B<-dump>] +[B<-dlimit> I] +[B<-strparse> I] +[B<-genstr> I] +[B<-genconf> I] +[B<-strictpem>] +[B<-item> I] + +=head1 DESCRIPTION + +This command is a diagnostic utility that can parse ASN.1 structures. +It can also be used to extract data from ASN.1 formatted data. + +=head1 OPTIONS + +=over 4 + +=item B<-help> + +Print out a usage message. + +=item B<-inform> B|B + +The input format; the default is B. +See L for details. + +=item B<-in> I + +The input file, default is standard input. + +=item B<-out> I + +Output file to place the DER encoded data into. If this +option is not present then no data will be output. This is most useful when +combined with the B<-strparse> option. + +=item B<-noout> + +Don't output the parsed version of the input file. + +=item B<-offset> I + +Starting offset to begin parsing, default is start of file. + +=item B<-length> I + +Number of bytes to parse, default is until end of file. + +=item B<-i> + +Indents the output according to the "depth" of the structures. + +=item B<-oid> I + +A file containing additional OBJECT IDENTIFIERs (OIDs). The format of this +file is described in the NOTES section below. + +=item B<-dump> + +Dump unknown data in hex format. + +=item B<-dlimit> I + +Like B<-dump>, but only the first B bytes are output. + +=item B<-strparse> I + +Parse the contents octets of the ASN.1 object starting at B. This +option can be used multiple times to "drill down" into a nested structure. + +=item B<-genstr> I, B<-genconf> I + +Generate encoded data based on I, I or both using +L format. If I only is +present then the string is obtained from the default section using the name +B. The encoded data is passed through the ASN1 parser and printed out as +though it came from a file, the contents can thus be examined and written to a +file using the B<-out> option. + +=item B<-strictpem> + +If this option is used then B<-inform> will be ignored. Without this option any +data in a PEM format input file will be treated as being base64 encoded and +processed whether it has the normal PEM BEGIN and END markers or not. This +option will ignore any data prior to the start of the BEGIN marker, or after an +END marker in a PEM file. + +=item B<-item> I + +Attempt to decode and print the data as an B I. This can be +used to print out the fields of any supported ASN.1 structure if the type is +known. + +=back + +=head2 Output + +The output will typically contain lines like this: + + 0:d=0 hl=4 l= 681 cons: SEQUENCE + +..... + + 229:d=3 hl=3 l= 141 prim: BIT STRING + 373:d=2 hl=3 l= 162 cons: cont [ 3 ] + 376:d=3 hl=3 l= 159 cons: SEQUENCE + 379:d=4 hl=2 l= 29 cons: SEQUENCE + 381:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Subject Key Identifier + 386:d=5 hl=2 l= 22 prim: OCTET STRING + 410:d=4 hl=2 l= 112 cons: SEQUENCE + 412:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key Identifier + 417:d=5 hl=2 l= 105 prim: OCTET STRING + 524:d=4 hl=2 l= 12 cons: SEQUENCE + +..... + +This example is part of a self-signed certificate. Each line starts with the +offset in decimal. C specifies the current depth. The depth is increased +within the scope of any SET or SEQUENCE. C gives the header length +(tag and length octets) of the current type. C gives the length of +the contents octets. + +The B<-i> option can be used to make the output more readable. + +Some knowledge of the ASN.1 structure is needed to interpret the output. + +In this example the BIT STRING at offset 229 is the certificate public key. +The contents octets of this will contain the public key information. This can +be examined using the option C<-strparse 229> to yield: + + 0:d=0 hl=3 l= 137 cons: SEQUENCE + 3:d=1 hl=3 l= 129 prim: INTEGER :E5D21E1F5C8D208EA7A2166C7FAF9F6BDF2059669C60876DDB70840F1A5AAFA59699FE471F379F1DD6A487E7D5409AB6A88D4A9746E24B91D8CF55DB3521015460C8EDE44EE8A4189F7A7BE77D6CD3A9AF2696F486855CF58BF0EDF2B4068058C7A947F52548DDF7E15E96B385F86422BEA9064A3EE9E1158A56E4A6F47E5897 + 135:d=1 hl=2 l= 3 prim: INTEGER :010001 + +=head1 NOTES + +If an OID is not part of OpenSSL's internal table it will be represented in +numerical form (for example 1.2.3.4). The file passed to the B<-oid> option +allows additional OIDs to be included. Each line consists of three columns, +the first column is the OID in numerical format and should be followed by white +space. The second column is the "short name" which is a single word followed +by whitespace. The final column is the rest of the line and is the +"long name". Example: + +C<1.2.3.4 shortName A long name> + +For any OID with an associated short and long name, this command will display +the long name. + +=head1 EXAMPLES + +Parse a file: + + openssl asn1parse -in file.pem + +Parse a DER file: + + openssl asn1parse -inform DER -in file.der + +Generate a simple UTF8String: + + openssl asn1parse -genstr 'UTF8:Hello World' + +Generate and write out a UTF8String, don't print parsed output: + + openssl asn1parse -genstr 'UTF8:Hello World' -noout -out utf8.der + +Generate using a config file: + + openssl asn1parse -genconf asn1.cnf -noout -out asn1.der + +Example config file: + + asn1=SEQUENCE:seq_sect + + [seq_sect] + + field1=BOOL:TRUE + field2=EXP:0, UTF8:some random string + + +=head1 BUGS + +There should be options to change the format of output lines. The output of some +ASN.1 types is not well handled (if at all). + +=head1 SEE ALSO + +L, +L + +=head1 COPYRIGHT + +Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/deps/openssl/openssl/doc/man1/openssl-ca.pod.in b/deps/openssl/openssl/doc/man1/openssl-ca.pod.in new file mode 100644 index 00000000000000..1c07db3c8ef167 --- /dev/null +++ b/deps/openssl/openssl/doc/man1/openssl-ca.pod.in @@ -0,0 +1,849 @@ +=pod +{- OpenSSL::safe::output_do_not_edit_headers(); -} + +=head1 NAME + +openssl-ca - sample minimal CA application + +=head1 SYNOPSIS + +B B +[B<-help>] +[B<-verbose>] +[B<-config> I] +[B<-name> I
] +[B<-section> I
] +[B<-gencrl>] +[B<-revoke> I] +[B<-valid> I] +[B<-status> I] +[B<-updatedb>] +[B<-crl_reason> I] +[B<-crl_hold> I] +[B<-crl_compromise> I