laantungir/nostr_core_lib
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

.

Browse Source
This commit is contained in:
Laan Tungir
2025-08-14 18:30:16 -04:00
parent 9191d446d3
commit d6a0bd67b2
9309 changed files with 47274 additions and 396945 deletions
Download Patch File Download Diff File Expand all files Collapse all files

120
openssl-3.4.2/doc/html/man3/ADMISSIONS.html
View File

@@ -1,120 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ADMISSIONS</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>typedef struct NamingAuthority_st NAMING_AUTHORITY;
typedef struct ProfessionInfo_st PROFESSION_INFO;
typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
typedef struct Admissions_st ADMISSIONS;
typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
const NAMING_AUTHORITY *n);
void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
ASN1_OBJECT* namingAuthorityId);
const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
const NAMING_AUTHORITY *n);
void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
ASN1_IA5STRING* namingAuthorityUrl);
const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
const NAMING_AUTHORITY *n);
void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
ASN1_STRING* namingAuthorityText);
const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
const ADMISSION_SYNTAX *as);
void ADMISSION_SYNTAX_set0_admissionAuthority(
ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
const ADMISSION_SYNTAX *as);
void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
const PROFESSION_INFO *pi);
void PROFESSION_INFO_set0_addProfessionInfo(
PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
const PROFESSION_INFO *pi);
void PROFESSION_INFO_set0_namingAuthority(
PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
const PROFESSION_INFO *pi);
void PROFESSION_INFO_set0_professionItems(
PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
const PROFESSION_INFO *pi);
void PROFESSION_INFO_set0_professionOIDs(
PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
const PROFESSION_INFO *pi);
void PROFESSION_INFO_set0_registrationNumber(
PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFESSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

169
openssl-3.4.2/doc/html/man3/ASN1_EXTERN_FUNCS.html
View File

@@ -1,169 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ASN1_EXTERN_FUNCS</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ASN1_EXTERN_FUNCS, ASN1_ex_d2i, ASN1_ex_d2i_ex, ASN1_ex_i2d, ASN1_ex_new_func, ASN1_ex_new_ex_func, ASN1_ex_free_func, ASN1_ex_print_func, IMPLEMENT_EXTERN_ASN1 - ASN.1 external function support</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/asn1t.h&gt;
typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
const ASN1_ITEM *it, int tag, int aclass, char opt,
ASN1_TLC *ctx);
typedef int ASN1_ex_d2i_ex(ASN1_VALUE **pval, const unsigned char **in, long len,
const ASN1_ITEM *it, int tag, int aclass, char opt,
ASN1_TLC *ctx, OSSL_LIB_CTX *libctx,
const char *propq);
typedef int ASN1_ex_i2d(const ASN1_VALUE **pval, unsigned char **out,
const ASN1_ITEM *it, int tag, int aclass);
typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
typedef int ASN1_ex_new_ex_func(ASN1_VALUE **pval, const ASN1_ITEM *it,
OSSL_LIB_CTX *libctx, const char *propq);
typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
typedef int ASN1_ex_print_func(BIO *out, const ASN1_VALUE **pval,
int indent, const char *fname,
const ASN1_PCTX *pctx);
struct ASN1_EXTERN_FUNCS_st {
void *app_data;
ASN1_ex_new_func *asn1_ex_new;
ASN1_ex_free_func *asn1_ex_free;
ASN1_ex_free_func *asn1_ex_clear;
ASN1_ex_d2i *asn1_ex_d2i;
ASN1_ex_i2d *asn1_ex_i2d;
ASN1_ex_print_func *asn1_ex_print;
ASN1_ex_new_ex_func *asn1_ex_new_ex;
ASN1_ex_d2i_ex *asn1_ex_d2i_ex;
};
typedef struct ASN1_EXTERN_FUNCS_st ASN1_EXTERN_FUNCS;
#define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs)</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>ASN.1 data structures templates are typically defined in OpenSSL using a series of macros such as ASN1_SEQUENCE(), ASN1_SEQUENCE_END() and so on. Instead templates can also be defined based entirely on external functions. These external functions are called to perform operations such as creating a new <b>ASN1_VALUE</b> or converting an <b>ASN1_VALUE</b> to or from DER encoding.</p>
<p>The macro IMPLEMENT_EXTERN_ASN1() can be used to create such an externally defined structure. The name of the structure should be supplied in the <i>sname</i> parameter. The tag for the structure (e.g. typically <b>V_ASN1_SEQUENCE</b>) should be supplied in the <i>tag</i> parameter. Finally a pointer to an <b>ASN1_EXTERN_FUNCS</b> structure should be supplied in the <i>fptrs</i> parameter.</p>
<p>The <b>ASN1_EXTERN_FUNCS</b> structure has the following entries.</p>
<dl>
<dt id="app_data"><i>app_data</i></dt>
<dd>
<p>A pointer to arbitrary application specific data.</p>
</dd>
<dt id="asn1_ex_new"><i>asn1_ex_new</i></dt>
<dd>
<p>A &quot;new&quot; function responsible for constructing a new <b>ASN1_VALUE</b> object. The newly constructed value should be stored in <i>*pval</i>. The <i>it</i> parameter is a pointer to the <b>ASN1_ITEM</b> template object created via the IMPLEMENT_EXTERN_ASN1() macro.</p>
<p>Returns a positive value on success or 0 on error.</p>
</dd>
<dt id="asn1_ex_free"><i>asn1_ex_free</i></dt>
<dd>
<p>A &quot;free&quot; function responsible for freeing the <b>ASN1_VALUE</b> passed in <i>*pval</i> that was previously allocated via a &quot;new&quot; function. The <i>it</i> parameter is a pointer to the <b>ASN1_ITEM</b> template object created via the IMPLEMENT_EXTERN_ASN1() macro.</p>
</dd>
<dt id="asn1_ex_clear"><i>asn1_ex_clear</i></dt>
<dd>
<p>A &quot;clear&quot; function responsible for clearing any data in the <b>ASN1_VALUE</b> passed in <i>*pval</i> and making it suitable for reuse. The <i>it</i> parameter is a pointer to the <b>ASN1_ITEM</b> template object created via the IMPLEMENT_EXTERN_ASN1() macro.</p>
</dd>
<dt id="asn1_ex_d2i"><i>asn1_ex_d2i</i></dt>
<dd>
<p>A &quot;d2i&quot; function responsible for converting DER data with the tag <i>tag</i> and class <i>class</i> into an <b>ASN1_VALUE</b>. If <i>*pval</i> is non-NULL then the <b>ASN_VALUE</b> it points to should be reused. Otherwise a new <b>ASN1_VALUE</b> should be allocated and stored in <i>*pval</i>. <i>*in</i> points to the DER data to be decoded and <i>len</i> is the length of that data. After decoding <i>*in</i> should be updated to point at the next byte after the decoded data. If the <b>ASN1_VALUE</b> is considered optional in this context then <i>opt</i> will be nonzero. Otherwise it will be zero. The <i>it</i> parameter is a pointer to the <b>ASN1_ITEM</b> template object created via the IMPLEMENT_EXTERN_ASN1() macro. A pointer to the current <b>ASN1_TLC</b> context (which may be required for other ASN1 function calls) is passed in the <i>ctx</i> parameter.</p>
<p>The <i>asn1_ex_d2i</i> entry may be NULL if <i>asn1_ex_d2i_ex</i> has been specified instead.</p>
<p>Returns &lt;= 0 on error or a positive value on success.</p>
</dd>
<dt id="asn1_ex_i2d"><i>asn1_ex_i2d</i></dt>
<dd>
<p>An &quot;i2d&quot; function responsible for converting an <b>ASN1_VALUE</b> into DER encoding. On entry <i>*pval</i> will contain the <b>ASN1_VALUE</b> to be encoded. If default tagging is to be used then <i>tag</i> will be -1 on entry. Otherwise if implicit tagging should be used then <i>tag</i> and <i>aclass</i> will be the tag and associated class.</p>
<p>If <i>out</i> is not NULL then this function should write the DER encoded data to the buffer in <i>*out</i>, and then increment <i>*out</i> to point to immediately after the data just written.</p>
<p>If <i>out</i> is NULL then no data should be written but the length calculated and returned as if it were.</p>
<p>The <i>asn1_ex_i2d</i> entry may be NULL if <i>asn1_ex_i2d_ex</i> has been specified instead.</p>
<p>The return value should be negative if a fatal error occurred, or 0 if a non-fatal error occurred. Otherwise it should return the length of the encoded data.</p>
</dd>
<dt id="asn1_ex_print"><i>asn1_ex_print</i></dt>
<dd>
<p>A &quot;print&quot; function. <i>out</i> is the BIO to print the output to. <i>*pval</i> is the <b>ASN1_VALUE</b> to be printed. <i>indent</i> is the number of spaces of indenting to be printed before any data is printed. <i>fname</i> is currently unused and is always &quot;&quot;. <i>pctx</i> is a pointer to the <b>ASN1_PCTX</b> for the print operation.</p>
<p>Returns 0 on error or a positive value on success. If the return value is 2 then an additional newline will be printed after the data printed by this function.</p>
</dd>
<dt id="asn1_ex_new_ex"><i>asn1_ex_new_ex</i></dt>
<dd>
<p>This is the same as <i>asn1_ex_new</i> except that it is additionally passed the OSSL_LIB_CTX to be used in <i>libctx</i> and any property query string to be used for algorithm fetching in the <i>propq</i> parameter. See <a href="../man7/crypto.html">&quot;ALGORITHM FETCHING&quot; in crypto(7)</a> for further details. If <i>asn1_ex_new_ex</i> is non NULL, then it will always be called in preference to <i>asn1_ex_new</i>.</p>
</dd>
<dt id="asn1_ex_d2i_ex"><i>asn1_ex_d2i_ex</i></dt>
<dd>
<p>This is the same as <i>asn1_ex_d2i</i> except that it is additionally passed the OSSL_LIB_CTX to be used in <i>libctx</i> and any property query string to be used for algorithm fetching in the <i>propq</i> parameter. See <a href="../man7/crypto.html">&quot;ALGORITHM FETCHING&quot; in crypto(7)</a> for further details. If <i>asn1_ex_d2i_ex</i> is non NULL, then it will always be called in preference to <i>asn1_ex_d2i</i>.</p>
</dd>
</dl>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>Return values for the various callbacks are as described above.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ASN1_item_new_ex.html">ASN1_item_new_ex(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The <i>asn1_ex_new_ex</i> and <i>asn1_ex_d2i_ex</i> callbacks were added in OpenSSL 3.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

116
openssl-3.4.2/doc/html/man3/ASN1_INTEGER_get_int64.html
View File

@@ -1,116 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ASN1_INTEGER_get_int64</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ASN1_INTEGER_get_uint64, ASN1_INTEGER_set_uint64, ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_set, BN_to_ASN1_INTEGER, ASN1_INTEGER_to_BN, ASN1_ENUMERATED_get_int64, ASN1_ENUMERATED_get, ASN1_ENUMERATED_set_int64, ASN1_ENUMERATED_set, BN_to_ASN1_ENUMERATED, ASN1_ENUMERATED_to_BN - ASN.1 INTEGER and ENUMERATED utilities</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/asn1.h&gt;
int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a);
long ASN1_INTEGER_get(const ASN1_INTEGER *a);
int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r);
int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a);
int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r);
ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_ENUMERATED *a);
long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
int ASN1_ENUMERATED_set_int64(ASN1_ENUMERATED *a, int64_t r);
int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(const BIGNUM *bn, ASN1_ENUMERATED *ai);
BIGNUM *ASN1_ENUMERATED_to_BN(const ASN1_ENUMERATED *ai, BIGNUM *bn);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>These functions convert to and from <b>ASN1_INTEGER</b> and <b>ASN1_ENUMERATED</b> structures.</p>
<p>ASN1_INTEGER_get_int64() converts an <b>ASN1_INTEGER</b> into an <b>int64_t</b> type If successful it returns 1 and sets <i>*pr</i> to the value of <i>a</i>. If it fails (due to invalid type or the value being too big to fit into an <b>int64_t</b> type) it returns 0.</p>
<p>ASN1_INTEGER_get_uint64() is similar to ASN1_INTEGER_get_int64_t() except it converts to a <b>uint64_t</b> type and an error is returned if the passed integer is negative.</p>
<p>ASN1_INTEGER_get() also returns the value of <i>a</i> but it returns 0 if <i>a</i> is NULL and -1 on error (which is ambiguous because -1 is a legitimate value for an <b>ASN1_INTEGER</b>). New applications should use ASN1_INTEGER_get_int64() instead.</p>
<p>ASN1_INTEGER_set_int64() sets the value of <b>ASN1_INTEGER</b> <i>a</i> to the <b>int64_t</b> value <i>r</i>.</p>
<p>ASN1_INTEGER_set_uint64() sets the value of <b>ASN1_INTEGER</b> <i>a</i> to the <b>uint64_t</b> value <i>r</i>.</p>
<p>ASN1_INTEGER_set() sets the value of <b>ASN1_INTEGER</b> <i>a</i> to the <i>long</i> value <i>v</i>.</p>
<p>BN_to_ASN1_INTEGER() converts <b>BIGNUM</b> <i>bn</i> to an <b>ASN1_INTEGER</b>. If <i>ai</i> is NULL a new <b>ASN1_INTEGER</b> structure is returned. If <i>ai</i> is not NULL then the existing structure will be used instead.</p>
<p>ASN1_INTEGER_to_BN() converts ASN1_INTEGER <i>ai</i> into a <b>BIGNUM</b>. If <i>bn</i> is NULL a new <b>BIGNUM</b> structure is returned. If <i>bn</i> is not NULL then the existing structure will be used instead.</p>
<p>ASN1_ENUMERATED_get_int64(), ASN1_ENUMERATED_set_int64(), ASN1_ENUMERATED_set(), BN_to_ASN1_ENUMERATED() and ASN1_ENUMERATED_to_BN() behave in an identical way to their ASN1_INTEGER counterparts except they operate on an <b>ASN1_ENUMERATED</b> value.</p>
<p>ASN1_ENUMERATED_get() returns the value of <i>a</i> in a similar way to ASN1_INTEGER_get() but it returns <b>0xffffffffL</b> if the value of <i>a</i> will not fit in a long type. New applications should use ASN1_ENUMERATED_get_int64() instead.</p>
<h1 id="NOTES">NOTES</h1>
<p>In general an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> type can contain an integer of almost arbitrary size and so cannot always be represented by a C <b>int64_t</b> type. However, in many cases (for example version numbers) they represent small integers which can be more easily manipulated if converted to an appropriate C integer type.</p>
<h1 id="BUGS">BUGS</h1>
<p>The ambiguous return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get() mean these functions should be avoided if possible. They are retained for compatibility. Normally the ambiguous return values are not legitimate values for the fields they represent.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_set(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_set() return 1 for success and 0 for failure. They will only fail if a memory allocation error occurs.</p>
<p>ASN1_INTEGER_get_int64() and ASN1_ENUMERATED_get_int64() return 1 for success and 0 for failure. They will fail if the passed type is incorrect (this will only happen if there is a programming error) or if the value exceeds the range of an <b>int64_t</b> type.</p>
<p>BN_to_ASN1_INTEGER() and BN_to_ASN1_ENUMERATED() return an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> structure respectively or NULL if an error occurs. They will only fail due to a memory allocation error.</p>
<p>ASN1_INTEGER_to_BN() and ASN1_ENUMERATED_to_BN() return a <b>BIGNUM</b> structure of NULL if an error occurs. They can fail if the passed type is incorrect (due to programming error) or due to a memory allocation failure.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_get_int64(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_get_int64() were added in OpenSSL 1.1.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

63
openssl-3.4.2/doc/html/man3/ASN1_INTEGER_new.html
View File

@@ -1,63 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ASN1_INTEGER_new</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ASN1_INTEGER_new, ASN1_INTEGER_free - ASN1_INTEGER allocation functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/asn1.h&gt;
ASN1_INTEGER *ASN1_INTEGER_new(void);
void ASN1_INTEGER_free(ASN1_INTEGER *a);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>ASN1_INTEGER_new() returns an allocated <b>ASN1_INTEGER</b> structure.</p>
<p>ASN1_INTEGER_free() frees up a single <b>ASN1_INTEGER</b> object. If the argument is NULL, nothing is done.</p>
<p><b>ASN1_INTEGER</b> structure representing the ASN.1 INTEGER type</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>ASN1_INTEGER_new() return a valid <b>ASN1_INTEGER</b> structure or NULL if an error occurred.</p>
<p>ASN1_INTEGER_free() does not return a value.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

59
openssl-3.4.2/doc/html/man3/ASN1_ITEM_lookup.html
View File

@@ -1,59 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ASN1_ITEM_lookup</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ASN1_ITEM_lookup, ASN1_ITEM_get - lookup ASN.1 structures</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/asn1.h&gt;
const ASN1_ITEM *ASN1_ITEM_lookup(const char *name);
const ASN1_ITEM *ASN1_ITEM_get(size_t i);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>ASN1_ITEM_lookup() returns the <b>ASN1_ITEM</b> named <i>name</i>.</p>
<p>ASN1_ITEM_get() returns the <b>ASN1_ITEM</b> with index <i>i</i>. This function returns NULL if the index <i>i</i> is out of range.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>ASN1_ITEM_lookup() and ASN1_ITEM_get() return a valid <b>ASN1_ITEM</b> structure or NULL if an error occurred.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

68
openssl-3.4.2/doc/html/man3/ASN1_OBJECT_new.html
View File

@@ -1,68 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ASN1_OBJECT_new</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ASN1_OBJECT_new, ASN1_OBJECT_free - object allocation functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/asn1.h&gt;
ASN1_OBJECT *ASN1_OBJECT_new(void);
void ASN1_OBJECT_free(ASN1_OBJECT *a);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>ASN1_OBJECT</b> allocation routines, allocate and free an <b>ASN1_OBJECT</b> structure, which represents an ASN1 OBJECT IDENTIFIER.</p>
<p>ASN1_OBJECT_new() allocates and initializes an <b>ASN1_OBJECT</b> structure.</p>
<p>ASN1_OBJECT_free() frees up the <b>ASN1_OBJECT</b> structure <i>a</i>. If <i>a</i> is NULL, nothing is done.</p>
<h1 id="NOTES">NOTES</h1>
<p>Although ASN1_OBJECT_new() allocates a new <b>ASN1_OBJECT</b> structure it is almost never used in applications. The ASN1 object utility functions such as OBJ_nid2obj() are used instead.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>If the allocation fails, ASN1_OBJECT_new() returns NULL and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise it returns a pointer to the newly allocated structure.</p>
<p>ASN1_OBJECT_free() returns no value.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_ASN1_OBJECT.html">d2i_ASN1_OBJECT(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

82
openssl-3.4.2/doc/html/man3/ASN1_STRING_TABLE_add.html
View File

@@ -1,82 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ASN1_STRING_TABLE_add</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a>
<ul>
<li><a href="#Types">Types</a></li>
<li><a href="#Functions">Functions</a></li>
</ul>
</li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ASN1_STRING_TABLE, ASN1_STRING_TABLE_add, ASN1_STRING_TABLE_get, ASN1_STRING_TABLE_cleanup - ASN1_STRING_TABLE manipulation functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/asn1.h&gt;
typedef struct asn1_string_table_st ASN1_STRING_TABLE;
int ASN1_STRING_TABLE_add(int nid, long minsize, long maxsize,
unsigned long mask, unsigned long flags);
ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
void ASN1_STRING_TABLE_cleanup(void);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<h2 id="Types">Types</h2>
<p><b>ASN1_STRING_TABLE</b> is a table which holds string information (basically minimum size, maximum size, type and etc) for a NID object.</p>
<h2 id="Functions">Functions</h2>
<p>ASN1_STRING_TABLE_add() adds a new <b>ASN1_STRING_TABLE</b> item into the local ASN1 string table based on the <i>nid</i> along with other parameters.</p>
<p>If the item is already in the table, fields of <b>ASN1_STRING_TABLE</b> are updated (depending on the values of those parameters, e.g., <i>minsize</i> and <i>maxsize</i> &gt;= 0, <i>mask</i> and <i>flags</i> != 0). If the <i>nid</i> is standard, a copy of the standard <b>ASN1_STRING_TABLE</b> is created and updated with other parameters.</p>
<p>ASN1_STRING_TABLE_get() searches for an <b>ASN1_STRING_TABLE</b> item based on <i>nid</i>. It will search the local table first, then the standard one.</p>
<p>ASN1_STRING_TABLE_cleanup() frees all <b>ASN1_STRING_TABLE</b> items added by ASN1_STRING_TABLE_add().</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>ASN1_STRING_TABLE_add() returns 1 on success, 0 if an error occurred.</p>
<p>ASN1_STRING_TABLE_get() returns a valid <b>ASN1_STRING_TABLE</b> structure or NULL if nothing is found.</p>
<p>ASN1_STRING_TABLE_cleanup() does not return a value.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

107
openssl-3.4.2/doc/html/man3/ASN1_STRING_length.html
View File

@@ -1,107 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ASN1_STRING_length</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ASN1_STRING_dup, ASN1_STRING_cmp, ASN1_STRING_set, ASN1_STRING_length, ASN1_STRING_type, ASN1_STRING_get0_data, ASN1_STRING_data, ASN1_STRING_to_UTF8 - ASN1_STRING utility functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/asn1.h&gt;
int ASN1_STRING_length(ASN1_STRING *x);
const unsigned char *ASN1_STRING_get0_data(const ASN1_STRING *x);
unsigned char *ASN1_STRING_data(ASN1_STRING *x);
ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a);
int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
int ASN1_STRING_type(const ASN1_STRING *x);
int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>These functions allow an <b>ASN1_STRING</b> structure to be manipulated.</p>
<p>ASN1_STRING_length() returns the length of the content of <i>x</i>.</p>
<p>ASN1_STRING_get0_data() returns an internal pointer to the data of <i>x</i>. Since this is an internal pointer it should <b>not</b> be freed or modified in any way.</p>
<p>ASN1_STRING_data() is similar to ASN1_STRING_get0_data() except the returned value is not constant. This function is deprecated: applications should use ASN1_STRING_get0_data() instead.</p>
<p>ASN1_STRING_dup() returns a copy of the structure <i>a</i>.</p>
<p>ASN1_STRING_cmp() compares <i>a</i> and <i>b</i> returning 0 if the two are identical. The string types and content are compared.</p>
<p>ASN1_STRING_set() sets the data of string <i>str</i> to the buffer <i>data</i> or length <i>len</i>. The supplied data is copied. If <i>len</i> is -1 then the length is determined by strlen(data).</p>
<p>ASN1_STRING_type() returns the type of <i>x</i>, using standard constants such as <b>V_ASN1_OCTET_STRING</b>.</p>
<p>ASN1_STRING_to_UTF8() converts the string <i>in</i> to UTF8 format, the converted data is allocated in a buffer in <i>*out</i>. The length of <i>out</i> is returned or a negative error code. The buffer <i>*out</i> should be freed using OPENSSL_free().</p>
<h1 id="NOTES">NOTES</h1>
<p>Almost all ASN1 types in OpenSSL are represented as an <b>ASN1_STRING</b> structure. Other types such as <b>ASN1_OCTET_STRING</b> are simply typedef&#39;ed to <b>ASN1_STRING</b> and the functions call the <b>ASN1_STRING</b> equivalents. <b>ASN1_STRING</b> is also used for some <b>CHOICE</b> types which consist entirely of primitive string types such as <b>DirectoryString</b> and <b>Time</b>.</p>
<p>These functions should <b>not</b> be used to examine or modify <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> types: the relevant <b>INTEGER</b> or <b>ENUMERATED</b> utility functions should be used instead.</p>
<p>In general it cannot be assumed that the data returned by ASN1_STRING_data() is null terminated or does not contain embedded nulls. The actual format of the data will depend on the actual string type itself: for example for an IA5String the data will be ASCII, for a BMPString two bytes per character in big endian format, and for a UTF8String it will be in UTF8 format.</p>
<p>Similar care should be take to ensure the data is in the correct format when calling ASN1_STRING_set().</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>ASN1_STRING_length() returns the length of the content of <i>x</i>.</p>
<p>ASN1_STRING_get0_data() and ASN1_STRING_data() return an internal pointer to the data of <i>x</i>.</p>
<p>ASN1_STRING_dup() returns a valid <b>ASN1_STRING</b> structure or NULL if an error occurred.</p>
<p>ASN1_STRING_cmp() returns an integer greater than, equal to, or less than 0, according to whether <i>a</i> is greater than, equal to, or less than <i>b</i>.</p>
<p>ASN1_STRING_set() returns 1 on success or 0 on error.</p>
<p>ASN1_STRING_type() returns the type of <i>x</i>.</p>
<p>ASN1_STRING_to_UTF8() returns the number of bytes in output string <i>out</i> or a negative value if an error occurred.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

69
openssl-3.4.2/doc/html/man3/ASN1_STRING_new.html
View File

@@ -1,69 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ASN1_STRING_new</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ASN1_STRING_new, ASN1_STRING_type_new, ASN1_STRING_free - ASN1_STRING allocation functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/asn1.h&gt;
ASN1_STRING *ASN1_STRING_new(void);
ASN1_STRING *ASN1_STRING_type_new(int type);
void ASN1_STRING_free(ASN1_STRING *a);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>ASN1_STRING_new() returns an allocated <b>ASN1_STRING</b> structure. Its type is undefined.</p>
<p>ASN1_STRING_type_new() returns an allocated <b>ASN1_STRING</b> structure of type <i>type</i>.</p>
<p>ASN1_STRING_free() frees up <i>a</i>. If <i>a</i> is NULL nothing is done.</p>
<h1 id="NOTES">NOTES</h1>
<p>Other string types call the <b>ASN1_STRING</b> functions. For example ASN1_OCTET_STRING_new() calls ASN1_STRING_type_new(V_ASN1_OCTET_STRING).</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>ASN1_STRING_new() and ASN1_STRING_type_new() return a valid <b>ASN1_STRING</b> structure or NULL if an error occurred.</p>
<p>ASN1_STRING_free() does not return a value.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2002-2023 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

103
openssl-3.4.2/doc/html/man3/ASN1_STRING_print_ex.html
View File

@@ -1,103 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ASN1_STRING_print_ex</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ASN1_tag2str, ASN1_STRING_print_ex, ASN1_STRING_print_ex_fp, ASN1_STRING_print - ASN1_STRING output routines</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/asn1.h&gt;
int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long flags);
int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str, unsigned long flags);
int ASN1_STRING_print(BIO *out, const ASN1_STRING *str);
const char *ASN1_tag2str(int tag);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>These functions output an <b>ASN1_STRING</b> structure. <b>ASN1_STRING</b> is used to represent all the ASN1 string types.</p>
<p>ASN1_STRING_print_ex() outputs <i>str</i> to <i>out</i>, the format is determined by the options <i>flags</i>. ASN1_STRING_print_ex_fp() is identical except it outputs to <i>fp</i> instead.</p>
<p>ASN1_STRING_print() prints <i>str</i> to <i>out</i> but using a different format to ASN1_STRING_print_ex(). It replaces unprintable characters (other than CR, LF) with &#39;.&#39;.</p>
<p>ASN1_tag2str() returns a human-readable name of the specified ASN.1 <i>tag</i>.</p>
<h1 id="NOTES">NOTES</h1>
<p>ASN1_STRING_print() is a deprecated function which should be avoided; use ASN1_STRING_print_ex() instead.</p>
<p>Although there are a large number of options frequently <b>ASN1_STRFLGS_RFC2253</b> is suitable, or on UTF8 terminals <b>ASN1_STRFLGS_RFC2253 &amp; ~ASN1_STRFLGS_ESC_MSB</b>.</p>
<p>The complete set of supported options for <i>flags</i> is listed below.</p>
<p>Various characters can be escaped. If <b>ASN1_STRFLGS_ESC_2253</b> is set the characters determined by RFC2253 are escaped. If <b>ASN1_STRFLGS_ESC_CTRL</b> is set control characters are escaped. If <b>ASN1_STRFLGS_ESC_MSB</b> is set characters with the MSB set are escaped: this option should <b>not</b> be used if the terminal correctly interprets UTF8 sequences.</p>
<p>Escaping takes several forms.</p>
<p>If the character being escaped is a 16 bit character then the form &quot;\UXXXX&quot; is used using exactly four characters for the hex representation. If it is 32 bits then &quot;\WXXXXXXXX&quot; is used using eight characters of its hex representation. These forms will only be used if UTF8 conversion is not set (see below).</p>
<p>Printable characters are normally escaped using the backslash &#39;\&#39; character. If <b>ASN1_STRFLGS_ESC_QUOTE</b> is set then the whole string is instead surrounded by double quote characters: this is arguably more readable than the backslash notation. Other characters use the &quot;\XX&quot; using exactly two characters of the hex representation.</p>
<p>If <b>ASN1_STRFLGS_UTF8_CONVERT</b> is set then characters are converted to UTF8 format first. If the terminal supports the display of UTF8 sequences then this option will correctly display multi byte characters.</p>
<p>If <b>ASN1_STRFLGS_IGNORE_TYPE</b> is set then the string type is not interpreted at all: everything is assumed to be one byte per character. This is primarily for debugging purposes and can result in confusing output in multi character strings.</p>
<p>If <b>ASN1_STRFLGS_SHOW_TYPE</b> is set then the string type itself is printed out before its value (for example &quot;BMPSTRING&quot;), this actually uses ASN1_tag2str().</p>
<p>The content of a string instead of being interpreted can be &quot;dumped&quot;: this just outputs the value of the string using the form #XXXX using hex format for each octet.</p>
<p>If <b>ASN1_STRFLGS_DUMP_ALL</b> is set then any type is dumped.</p>
<p>Normally non character string types (such as OCTET STRING) are assumed to be one byte per character, if <b>ASN1_STRFLGS_DUMP_UNKNOWN</b> is set then they will be dumped instead.</p>
<p>When a type is dumped normally just the content octets are printed, if <b>ASN1_STRFLGS_DUMP_DER</b> is set then the complete encoding is dumped instead (including tag and length octets).</p>
<p><b>ASN1_STRFLGS_RFC2253</b> includes all the flags required by RFC2253. It is equivalent to: ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | ASN1_STRFLGS_UTF8_CONVERT | ASN1_STRFLGS_DUMP_UNKNOWN ASN1_STRFLGS_DUMP_DER</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>ASN1_STRING_print_ex() and ASN1_STRING_print_ex_fp() return the number of characters written or -1 if an error occurred.</p>
<p>ASN1_STRING_print() returns 1 on success or 0 on error.</p>
<p>ASN1_tag2str() returns a human-readable name of the specified ASN.1 <i>tag</i>.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/ASN1_tag2str.html">ASN1_tag2str(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

205
openssl-3.4.2/doc/html/man3/ASN1_TIME_set.html
View File

@@ -1,205 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ASN1_TIME_set</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_TIME_print_ex, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime, ASN1_TIME_dup, ASN1_UTCTIME_dup, ASN1_GENERALIZEDTIME_dup - ASN.1 Time functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
time_t t);
ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
long offset_sec);
ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
int offset_day, long offset_sec);
ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
time_t t, int offset_day,
long offset_sec);
int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
const char *str);
int ASN1_TIME_normalize(ASN1_TIME *s);
int ASN1_TIME_check(const ASN1_TIME *t);
int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
int ASN1_TIME_print_ex(BIO *bp, const ASN1_TIME *tm, unsigned long flags);
int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
const ASN1_TIME *to);
int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
ASN1_GENERALIZEDTIME **out);
ASN1_TIME *ASN1_TIME_dup(const ASN1_TIME *t);
ASN1_UTCTIME *ASN1_UTCTIME_dup(const ASN1_UTCTIME *t);
ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_dup(const ASN1_GENERALIZEDTIME *t);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <i>s</i> to the time represented by the time_t value <i>t</i>. If <i>s</i> is NULL a new time structure is allocated and returned.</p>
<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <i>s</i> to the time represented by the time <i>offset_day</i> and <i>offset_sec</i> after the time_t value <i>t</i>. The values of <i>offset_day</i> or <i>offset_sec</i> can be negative to set a time before <i>t</i>. The <i>offset_sec</i> value can also exceed the number of seconds in a day. If <i>s</i> is NULL a new structure is allocated and returned.</p>
<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <i>s</i> to the time represented by string <i>str</i> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <i>s</i> is NULL this function performs a format check on <i>str</i> only. The string <i>str</i> is copied into <i>s</i>.</p>
<p>ASN1_TIME_set_string_X509() sets <b>ASN1_TIME</b> structure <i>s</i> to the time represented by string <i>str</i> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <i>s</i> is NULL this function performs a format check on <i>str</i> only.</p>
<p>The ASN1_TIME_normalize() function converts an <b>ASN1_GENERALIZEDTIME</b> or <b>ASN1_UTCTIME</b> into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <i>s</i>.</p>
<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <i>s</i> to BIO <i>b</i> in human readable format. It will be of the format MMM DD HH:MM:SS[.s*] YYYY GMT, for example &quot;Feb 3 00:55:52 2015 GMT&quot;, which does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
<p>ASN1_TIME_print_ex() provides <i>flags</i> to specify the output format of the datetime. This can be either <b>ASN1_DTFLGS_RFC822</b> or <b>ASN1_DTFLGS_ISO8601</b>.</p>
<p>ASN1_TIME_to_tm() converts the time <i>s</i> to the standard <i>tm</i> structure. If <i>s</i> is NULL, then the current time is converted. The output time is GMT. The <i>tm_sec</i>, <i>tm_min</i>, <i>tm_hour</i>, <i>tm_mday</i>, <i>tm_wday</i>, <i>tm_yday</i>, <i>tm_mon</i> and <i>tm_year</i> fields of <i>tm</i> structure are set to proper values, whereas all other fields are set to 0. If <i>tm</i> is NULL this function performs a format check on <i>s</i> only. If <i>s</i> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <i>s</i> to <i>tm</i> structure.</p>
<p>ASN1_TIME_diff() sets <i>*pday</i> and <i>*psec</i> to the time difference between <i>from</i> and <i>to</i>. If <i>to</i> represents a time later than <i>from</i> then one or both (depending on the time difference) of <i>*pday</i> and <i>*psec</i> will be positive. If <i>to</i> represents a time earlier than <i>from</i> then one or both of <i>*pday</i> and <i>*psec</i> will be negative. If <i>to</i> and <i>from</i> represent the same time then <i>*pday</i> and <i>*psec</i> will both be zero. If both <i>*pday</i> and <i>*psec</i> are nonzero they will always have the same sign. The value of <i>*psec</i> will always be less than the number of seconds in a day. If <i>from</i> or <i>to</i> is NULL the current time is used.</p>
<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <i>s</i> and the time_t <i>t</i>.</p>
<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <i>a</i> and <i>b</i>.</p>
<p>The ASN1_TIME_to_generalizedtime() function converts an <b>ASN1_TIME</b> to an <b>ASN1_GENERALIZEDTIME</b>, regardless of year. If either <i>out</i> or <i>*out</i> are NULL, then a new object is allocated and must be freed after use.</p>
<p>The ASN1_TIME_dup(), ASN1_UTCTIME_dup() and ASN1_GENERALIZEDTIME_dup() functions duplicate the time structure <i>t</i> and return the duplicated result correspondingly.</p>
<h1 id="NOTES">NOTES</h1>
<p>The <b>ASN1_TIME</b> structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
<p>The <b>ASN1_TIME</b>, <b>ASN1_UTCTIME</b> and <b>ASN1_GENERALIZEDTIME</b> structures are represented as an <b>ASN1_STRING</b> internally and can be freed up using ASN1_STRING_free().</p>
<p>The <b>ASN1_TIME</b> structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
<p><b>ASN1_UTCTIME</b> is limited to a year range of 1950 through 2049.</p>
<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <i>offset_sec</i> and <i>offset_day</i> parameters instead of directly manipulating a time_t value.</p>
<p>ASN1_TIME_adj() may change the type from <b>ASN1_GENERALIZEDTIME</b> to <b>ASN1_UTCTIME</b>, or vice versa, based on the resulting year. ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() will not modify the type of the return structure.</p>
<p>It is recommended that functions starting with <b>ASN1_TIME</b> be used instead of those starting with <b>ASN1_UTCTIME</b> or <b>ASN1_GENERALIZEDTIME</b>. The functions starting with <b>ASN1_UTCTIME</b> and <b>ASN1_GENERALIZEDTIME</b> act only on that specific time format. The functions starting with <b>ASN1_TIME</b> will operate on either format.</p>
<p>Users familiar with RFC822 should note that when specifying the flag <b>ASN1_DTFLGS_RFC822</b> the year will be formatted as documented above, i.e., using 4 digits, not 2 as specified in RFC822.</p>
<h1 id="BUGS">BUGS</h1>
<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the timezone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
<p>ASN1_TIME_print(), ASN1_TIME_print_ex(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not distinguish if they fail because of an I/O error or invalid time format.</p>
<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_set() return a pointer to a time structure or NULL if an error occurred.</p>
<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() and ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an I/O error occurred an error occurred (I/O error or invalid time format).</p>
<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <i>s</i> is before <i>t</i>, 0 if <i>s</i> equals <i>t</i>, or 1 if <i>s</i> is after <i>t</i>. -2 is returned on error.</p>
<p>ASN1_TIME_compare() returns -1 if <i>a</i> is before <i>b</i>, 0 if <i>a</i> equals <i>b</i>, or 1 if <i>a</i> is after <i>b</i>. -2 is returned on error.</p>
<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
<p>ASN1_TIME_dup(), ASN1_UTCTIME_dup() and ASN1_GENERALIZEDTIME_dup() return a pointer to a time structure or NULL if an error occurred.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>Set a time structure to one hour after the current time and print it out:</p>
<pre><code>#include &lt;time.h&gt;
#include &lt;openssl/asn1.h&gt;
ASN1_TIME *tm;
time_t t;
BIO *b;
t = time(NULL);
tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
b = BIO_new_fp(stdout, BIO_NOCLOSE);
ASN1_TIME_print(b, tm);
ASN1_STRING_free(tm);
BIO_free(b);</code></pre>
<p>Determine if one time is later or sooner than the current time:</p>
<pre><code>int day, sec;
if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
/* Invalid time format */
if (day &gt; 0 || sec &gt; 0)
printf(&quot;Later\n&quot;);
else if (day &lt; 0 || sec &lt; 0)
printf(&quot;Sooner\n&quot;);
else
printf(&quot;Same\n&quot;);</code></pre>
<h1 id="HISTORY">HISTORY</h1>
<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2015-2025 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

89
openssl-3.4.2/doc/html/man3/ASN1_TYPE_get.html
View File

@@ -1,89 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ASN1_TYPE_get</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ASN1_TYPE_get, ASN1_TYPE_set, ASN1_TYPE_set1, ASN1_TYPE_cmp, ASN1_TYPE_unpack_sequence, ASN1_TYPE_pack_sequence - ASN1_TYPE utility functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/asn1.h&gt;
int ASN1_TYPE_get(const ASN1_TYPE *a);
void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
void *ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t);
ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s,
ASN1_TYPE **t);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>These functions allow an <b>ASN1_TYPE</b> structure to be manipulated. The <b>ASN1_TYPE</b> structure can contain any ASN.1 type or constructed type such as a SEQUENCE: it is effectively equivalent to the ASN.1 ANY type.</p>
<p>ASN1_TYPE_get() returns the type of <i>a</i> or 0 if it fails.</p>
<p>ASN1_TYPE_set() sets the value of <i>a</i> to <i>type</i> and <i>value</i>. This function uses the pointer <i>value</i> internally so it must <b>not</b> be freed up after the call.</p>
<p>ASN1_TYPE_set1() sets the value of <i>a</i> to <i>type</i> a copy of <i>value</i>.</p>
<p>ASN1_TYPE_cmp() compares ASN.1 types <i>a</i> and <i>b</i> and returns 0 if they are identical and nonzero otherwise.</p>
<p>ASN1_TYPE_unpack_sequence() attempts to parse the SEQUENCE present in <i>t</i> using the ASN.1 structure <i>it</i>. If successful it returns a pointer to the ASN.1 structure corresponding to <i>it</i> which must be freed by the caller. If it fails it return NULL.</p>
<p>ASN1_TYPE_pack_sequence() attempts to encode the ASN.1 structure <i>s</i> corresponding to <i>it</i> into an <b>ASN1_TYPE</b>. If successful the encoded <b>ASN1_TYPE</b> is returned. If <i>t</i> and <i>*t</i> are not NULL the encoded type is written to <i>t</i> overwriting any existing data. If <i>t</i> is not NULL but <i>*t</i> is NULL the returned <b>ASN1_TYPE</b> is written to <i>*t</i>.</p>
<h1 id="NOTES">NOTES</h1>
<p>The type and meaning of the <i>value</i> parameter for ASN1_TYPE_set() and ASN1_TYPE_set1() is determined by the <i>type</i> parameter. If <i>type</i> is <b>V_ASN1_NULL</b> <i>value</i> is ignored. If <i>type</i> is <b>V_ASN1_BOOLEAN</b> then the boolean is set to TRUE if <i>value</i> is not NULL. If <i>type</i> is <b>V_ASN1_OBJECT</b> then value is an <b>ASN1_OBJECT</b> structure. Otherwise <i>type</i> is and <b>ASN1_STRING</b> structure. If <i>type</i> corresponds to a primitive type (or a string type) then the contents of the <b>ASN1_STRING</b> contain the content octets of the type. If <i>type</i> corresponds to a constructed type or a tagged type (<b>V_ASN1_SEQUENCE</b>, <b>V_ASN1_SET</b> or <b>V_ASN1_OTHER</b>) then the <b>ASN1_STRING</b> contains the entire ASN.1 encoding verbatim (including tag and length octets).</p>
<p>ASN1_TYPE_cmp() may not return zero if two types are equivalent but have different encodings. For example the single content octet of the boolean TRUE value under BER can have any nonzero encoding but ASN1_TYPE_cmp() will only return zero if the values are the same.</p>
<p>If either or both of the parameters passed to ASN1_TYPE_cmp() is NULL the return value is nonzero. Technically if both parameters are NULL the two types could be absent OPTIONAL fields and so should match, however, passing NULL values could also indicate a programming error (for example an unparsable type which returns NULL) for types which do <b>not</b> match. So applications should handle the case of two absent values separately.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>ASN1_TYPE_get() returns the type of the <b>ASN1_TYPE</b> argument.</p>
<p>ASN1_TYPE_set() does not return a value.</p>
<p>ASN1_TYPE_set1() returns 1 for success and 0 for failure.</p>
<p>ASN1_TYPE_cmp() returns 0 if the types are identical and nonzero otherwise.</p>
<p>ASN1_TYPE_unpack_sequence() returns a pointer to an ASN.1 structure or NULL on failure.</p>
<p>ASN1_TYPE_pack_sequence() return an <b>ASN1_TYPE</b> structure if it succeeds or NULL on failure.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

307
openssl-3.4.2/doc/html/man3/ASN1_aux_cb.html
View File

@@ -1,307 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ASN1_aux_cb</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ASN1_AUX, ASN1_PRINT_ARG, ASN1_STREAM_ARG, ASN1_aux_cb, ASN1_aux_const_cb - ASN.1 auxiliary data</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/asn1t.h&gt;
struct ASN1_AUX_st {
void *app_data;
int flags;
int ref_offset; /* Offset of reference value */
int ref_lock; /* Offset to an CRYPTO_RWLOCK */
ASN1_aux_cb *asn1_cb;
int enc_offset; /* Offset of ASN1_ENCODING structure */
ASN1_aux_const_cb *asn1_const_cb; /* for ASN1_OP_I2D_ and ASN1_OP_PRINT_ */
};
typedef struct ASN1_AUX_st ASN1_AUX;
struct ASN1_PRINT_ARG_st {
BIO *out;
int indent;
const ASN1_PCTX *pctx;
};
typedef struct ASN1_PRINT_ARG_st ASN1_PRINT_ARG;
struct ASN1_STREAM_ARG_st {
BIO *out;
BIO *ndef_bio;
unsigned char **boundary;
};
typedef struct ASN1_STREAM_ARG_st ASN1_STREAM_ARG;
typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
void *exarg);
typedef int ASN1_aux_const_cb(int operation, const ASN1_VALUE **in,
const ASN1_ITEM *it, void *exarg);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>ASN.1 data structures can be associated with an <b>ASN1_AUX</b> object to supply additional information about the ASN.1 structure. An <b>ASN1_AUX</b> structure is associated with the structure during the definition of the ASN.1 template. For example an <b>ASN1_AUX</b> structure will be associated by using one of the various ASN.1 template definition macros that supply auxiliary information such as ASN1_SEQUENCE_enc(), ASN1_SEQUENCE_ref(), ASN1_SEQUENCE_cb_const_cb(), ASN1_SEQUENCE_const_cb(), ASN1_SEQUENCE_cb() or ASN1_NDEF_SEQUENCE_cb().</p>
<p>An <b>ASN1_AUX</b> structure contains the following information.</p>
<dl>
<dt id="app_data"><i>app_data</i></dt>
<dd>
<p>Arbitrary application data</p>
</dd>
<dt id="flags"><i>flags</i></dt>
<dd>
<p>Flags which indicate the auxiliarly functionality supported.</p>
<p>The <b>ASN1_AFLG_REFCOUNT</b> flag indicates that objects support reference counting.</p>
<p>The <b>ASN1_AFLG_ENCODING</b> flag indicates that the original encoding of the object will be saved.</p>
<p>The <b>ASN1_AFLG_BROKEN</b> flag is a work around for broken encoders where the sequence length value may not be correct. This should generally not be used.</p>
<p>The <b>ASN1_AFLG_CONST_CB</b> flag indicates that the &quot;const&quot; form of the <b>ASN1_AUX</b> callback should be used in preference to the non-const form.</p>
</dd>
<dt id="ref_offset"><i>ref_offset</i></dt>
<dd>
<p>If the <b>ASN1_AFLG_REFCOUNT</b> flag is set then this value is assumed to be an offset into the <b>ASN1_VALUE</b> structure where a <b>CRYPTO_REF_COUNT</b> may be found for the purposes of reference counting.</p>
</dd>
<dt id="ref_lock"><i>ref_lock</i></dt>
<dd>
<p>If the <b>ASN1_AFLG_REFCOUNT</b> flag is set then this value is assumed to be an offset into the <b>ASN1_VALUE</b> structure where a <b>CRYPTO_RWLOCK</b> may be found for the purposes of reference counting.</p>
</dd>
<dt id="asn1_cb"><i>asn1_cb</i></dt>
<dd>
<p>A callback that will be invoked at various points during the processing of the <b>ASN1_VALUE</b>. See below for further details.</p>
</dd>
<dt id="enc_offset"><i>enc_offset</i></dt>
<dd>
<p>Offset into the <b>ASN1_VALUE</b> object where the original encoding of the object will be saved if the <b>ASN1_AFLG_ENCODING</b> flag has been set.</p>
</dd>
<dt id="asn1_const_cb"><i>asn1_const_cb</i></dt>
<dd>
<p>A callback that will be invoked at various points during the processing of the <b>ASN1_VALUE</b>. This is used in preference to the <i>asn1_cb</i> callback if the <b>ASN1_AFLG_CONST_CB</b> flag is set. See below for further details.</p>
</dd>
</dl>
<p>During the processing of an <b>ASN1_VALUE</b> object the callbacks set via <i>asn1_cb</i> or <i>asn1_const_cb</i> will be invoked as a result of various events indicated via the <i>operation</i> parameter. The value of <i>*in</i> will be the <b>ASN1_VALUE</b> object being processed based on the template in <i>it</i>. An additional operation specific parameter may be passed in <i>exarg</i>. The currently supported operations are as follows. The callbacks should return a positive value on success or zero on error, unless otherwise noted below.</p>
<dl>
<dt id="ASN1_OP_NEW_PRE"><b>ASN1_OP_NEW_PRE</b></dt>
<dd>
<p>Invoked when processing a <b>CHOICE</b>, <b>SEQUENCE</b> or <b>NDEF_SEQUENCE</b> structure prior to an <b>ASN1_VALUE</b> object being allocated. The callback may allocate the <b>ASN1_VALUE</b> itself and store it in <i>*pval</i>. If it does so it should return 2 from the callback. On error it should return 0.</p>
</dd>
<dt id="ASN1_OP_NEW_POST"><b>ASN1_OP_NEW_POST</b></dt>
<dd>
<p>Invoked when processing a <b>CHOICE</b>, <b>SEQUENCE</b> or <b>NDEF_SEQUENCE</b> structure after an <b>ASN1_VALUE</b> object has been allocated. The allocated object is in <i>*pval</i>.</p>
</dd>
<dt id="ASN1_OP_FREE_PRE"><b>ASN1_OP_FREE_PRE</b></dt>
<dd>
<p>Invoked when processing a <b>CHOICE</b>, <b>SEQUENCE</b> or <b>NDEF_SEQUENCE</b> structure immediately before an <b>ASN1_VALUE</b> is freed. If the callback originally constructed the <b>ASN1_VALUE</b> via <b>ASN1_OP_NEW_PRE</b> then it should free it at this point and return 2 from the callback. Otherwise it should return 1 for success or 0 on error.</p>
</dd>
<dt id="ASN1_OP_FREE_POST"><b>ASN1_OP_FREE_POST</b></dt>
<dd>
<p>Invoked when processing a <b>CHOICE</b>, <b>SEQUENCE</b> or <b>NDEF_SEQUENCE</b> structure immediately after <b>ASN1_VALUE</b> sub-structures are freed.</p>
</dd>
<dt id="ASN1_OP_D2I_PRE"><b>ASN1_OP_D2I_PRE</b></dt>
<dd>
<p>Invoked when processing a <b>CHOICE</b>, <b>SEQUENCE</b> or <b>NDEF_SEQUENCE</b> structure immediately before a &quot;d2i&quot; operation for the <b>ASN1_VALUE</b>.</p>
</dd>
<dt id="ASN1_OP_D2I_POST"><b>ASN1_OP_D2I_POST</b></dt>
<dd>
<p>Invoked when processing a <b>CHOICE</b>, <b>SEQUENCE</b> or <b>NDEF_SEQUENCE</b> structure immediately after a &quot;d2i&quot; operation for the <b>ASN1_VALUE</b>.</p>
</dd>
<dt id="ASN1_OP_I2D_PRE"><b>ASN1_OP_I2D_PRE</b></dt>
<dd>
<p>Invoked when processing a <b>CHOICE</b>, <b>SEQUENCE</b> or <b>NDEF_SEQUENCE</b> structure immediately before a &quot;i2d&quot; operation for the <b>ASN1_VALUE</b>.</p>
</dd>
<dt id="ASN1_OP_I2D_POST"><b>ASN1_OP_I2D_POST</b></dt>
<dd>
<p>Invoked when processing a <b>CHOICE</b>, <b>SEQUENCE</b> or <b>NDEF_SEQUENCE</b> structure immediately after a &quot;i2d&quot; operation for the <b>ASN1_VALUE</b>.</p>
</dd>
<dt id="ASN1_OP_PRINT_PRE"><b>ASN1_OP_PRINT_PRE</b></dt>
<dd>
<p>Invoked when processing a <b>SEQUENCE</b> or <b>NDEF_SEQUENCE</b> structure immediately before printing the <b>ASN1_VALUE</b>. The <i>exarg</i> argument will be a pointer to an <b>ASN1_PRINT_ARG</b> structure (see below).</p>
</dd>
<dt id="ASN1_OP_PRINT_POST"><b>ASN1_OP_PRINT_POST</b></dt>
<dd>
<p>Invoked when processing a <b>SEQUENCE</b> or <b>NDEF_SEQUENCE</b> structure immediately after printing the <b>ASN1_VALUE</b>. The <i>exarg</i> argument will be a pointer to an <b>ASN1_PRINT_ARG</b> structure (see below).</p>
</dd>
<dt id="ASN1_OP_STREAM_PRE"><b>ASN1_OP_STREAM_PRE</b></dt>
<dd>
<p>Invoked immediately prior to streaming the <b>ASN1_VALUE</b> data using indefinite length encoding. The <i>exarg</i> argument will be a pointer to a <b>ASN1_STREAM_ARG</b> structure (see below).</p>
</dd>
<dt id="ASN1_OP_STREAM_POST"><b>ASN1_OP_STREAM_POST</b></dt>
<dd>
<p>Invoked immediately after streaming the <b>ASN1_VALUE</b> data using indefinite length encoding. The <i>exarg</i> argument will be a pointer to a <b>ASN1_STREAM_ARG</b> structure (see below).</p>
</dd>
<dt id="ASN1_OP_DETACHED_PRE"><b>ASN1_OP_DETACHED_PRE</b></dt>
<dd>
<p>Invoked immediately prior to processing the <b>ASN1_VALUE</b> data as a &quot;detached&quot; value (as used in CMS and PKCS7). The <i>exarg</i> argument will be a pointer to a <b>ASN1_STREAM_ARG</b> structure (see below).</p>
</dd>
<dt id="ASN1_OP_DETACHED_POST"><b>ASN1_OP_DETACHED_POST</b></dt>
<dd>
<p>Invoked immediately after processing the <b>ASN1_VALUE</b> data as a &quot;detached&quot; value (as used in CMS and PKCS7). The <i>exarg</i> argument will be a pointer to a <b>ASN1_STREAM_ARG</b> structure (see below).</p>
</dd>
<dt id="ASN1_OP_DUP_PRE"><b>ASN1_OP_DUP_PRE</b></dt>
<dd>
<p>Invoked immediate prior to an ASN1_VALUE being duplicated via a call to ASN1_item_dup().</p>
</dd>
<dt id="ASN1_OP_DUP_POST"><b>ASN1_OP_DUP_POST</b></dt>
<dd>
<p>Invoked immediate after to an ASN1_VALUE has been duplicated via a call to ASN1_item_dup().</p>
</dd>
<dt id="ASN1_OP_GET0_LIBCTX"><b>ASN1_OP_GET0_LIBCTX</b></dt>
<dd>
<p>Invoked in order to obtain the <b>OSSL_LIB_CTX</b> associated with an <b>ASN1_VALUE</b> if any. A pointer to an <b>OSSL_LIB_CTX</b> should be stored in <i>*exarg</i> if such a value exists.</p>
</dd>
<dt id="ASN1_OP_GET0_PROPQ"><b>ASN1_OP_GET0_PROPQ</b></dt>
<dd>
<p>Invoked in order to obtain the property query string associated with an <b>ASN1_VALUE</b> if any. A pointer to the property query string should be stored in <i>*exarg</i> if such a value exists.</p>
</dd>
</dl>
<p>An <b>ASN1_PRINT_ARG</b> object is used during processing of <b>ASN1_OP_PRINT_PRE</b> and <b>ASN1_OP_PRINT_POST</b> callback operations. It contains the following information.</p>
<dl>
<dt id="out"><i>out</i></dt>
<dd>
<p>The <b>BIO</b> being used to print the data out.</p>
</dd>
<dt id="ndef_bio"><i>ndef_bio</i></dt>
<dd>
<p>The current number of indent spaces that should be used for printing this data.</p>
</dd>
<dt id="pctx"><i>pctx</i></dt>
<dd>
<p>The context for the <b>ASN1_PCTX</b> operation.</p>
</dd>
</dl>
<p>An <b>ASN1_STREAM_ARG</b> object is used during processing of <b>ASN1_OP_STREAM_PRE</b>, <b>ASN1_OP_STREAM_POST</b>, <b>ASN1_OP_DETACHED_PRE</b> and <b>ASN1_OP_DETACHED_POST</b> callback operations. It contains the following information.</p>
<dl>
<dt id="out1"><i>out</i></dt>
<dd>
<p>The <b>BIO</b> to stream through</p>
</dd>
<dt id="ndef_bio1"><i>ndef_bio</i></dt>
<dd>
<p>The <b>BIO</b> with filters appended</p>
</dd>
<dt id="boundary"><i>boundary</i></dt>
<dd>
<p>The streaming I/O boundary.</p>
</dd>
</dl>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>The callbacks return 0 on error and a positive value on success. Some operations require specific positive success values as noted above.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ASN1_item_new_ex.html">ASN1_item_new_ex(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The ASN1_aux_const_cb() callback and the <b>ASN1_OP_GET0_LIBCTX</b> and <b>ASN1_OP_GET0_PROPQ</b> operation types were added in OpenSSL 3.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2021-2025 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

274
openssl-3.4.2/doc/html/man3/ASN1_generate_nconf.html
View File

@@ -1,274 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ASN1_generate_nconf</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#GENERATION-STRING-FORMAT">GENERATION STRING FORMAT</a>
<ul>
<li><a href="#Supported-Types">Supported Types</a></li>
<li><a href="#Modifiers">Modifiers</a></li>
</ul>
</li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ASN1_generate_nconf, ASN1_generate_v3 - ASN1 string generation functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/asn1.h&gt;
ASN1_TYPE *ASN1_generate_nconf(const char *str, CONF *nconf);
ASN1_TYPE *ASN1_generate_v3(const char *str, X509V3_CTX *cnf);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>These functions generate the ASN1 encoding of a string in an <b>ASN1_TYPE</b> structure.</p>
<p><i>str</i> contains the string to encode. <i>nconf</i> or <i>cnf</i> contains the optional configuration information where additional strings will be read from. <i>nconf</i> will typically come from a config file whereas <i>cnf</i> is obtained from an <b>X509V3_CTX</b> structure, which will typically be used by X509 v3 certificate extension functions. <i>cnf</i> or <i>nconf</i> can be set to NULL if no additional configuration will be used.</p>
<h1 id="GENERATION-STRING-FORMAT">GENERATION STRING FORMAT</h1>
<p>The actual data encoded is determined by the string <i>str</i> and the configuration information. The general format of the string is:</p>
<dl>
<dt id="modifier-type-:value">[<i>modifier</i>,]<i>type</i>[:<i>value</i>]</dt>
<dd>
</dd>
</dl>
<p>That is zero or more comma separated modifiers followed by a type followed by an optional colon and a value. The formats of <i>type</i>, <i>value</i> and <i>modifier</i> are explained below.</p>
<h2 id="Supported-Types">Supported Types</h2>
<p>The supported types are listed below. Case is not significant in the type names. Unless otherwise specified only the <b>ASCII</b> format is permissible.</p>
<dl>
<dt id="BOOLEAN-BOOL"><b>BOOLEAN</b>, <b>BOOL</b></dt>
<dd>
<p>This encodes a boolean type. The <i>value</i> string is mandatory and should be <b>TRUE</b> or <b>FALSE</b>. Additionally <b>TRUE</b>, <b>true</b>, <b>Y</b>, <b>y</b>, <b>YES</b>, <b>yes</b>, <b>FALSE</b>, <b>false</b>, <b>N</b>, <b>n</b>, <b>NO</b> and <b>no</b> are acceptable.</p>
</dd>
<dt id="NULL"><b>NULL</b></dt>
<dd>
<p>Encode the <b>NULL</b> type, the <i>value</i> string must not be present.</p>
</dd>
<dt id="INTEGER-INT"><b>INTEGER</b>, <b>INT</b></dt>
<dd>
<p>Encodes an ASN1 <b>INTEGER</b> type. The <i>value</i> string represents the value of the integer, it can be prefaced by a minus sign and is normally interpreted as a decimal value unless the prefix <b>0x</b> is included.</p>
</dd>
<dt id="ENUMERATED-ENUM"><b>ENUMERATED</b>, <b>ENUM</b></dt>
<dd>
<p>Encodes the ASN1 <b>ENUMERATED</b> type, it is otherwise identical to <b>INTEGER</b>.</p>
</dd>
<dt id="OBJECT-OID"><b>OBJECT</b>, <b>OID</b></dt>
<dd>
<p>Encodes an ASN1 <b>OBJECT IDENTIFIER</b>, the <i>value</i> string can be a short name, a long name or numerical format.</p>
</dd>
<dt id="UTCTIME-UTC"><b>UTCTIME</b>, <b>UTC</b></dt>
<dd>
<p>Encodes an ASN1 <b>UTCTime</b> structure, the value should be in the format <b>YYMMDDHHMMSSZ</b>.</p>
</dd>
<dt id="GENERALIZEDTIME-GENTIME"><b>GENERALIZEDTIME</b>, <b>GENTIME</b></dt>
<dd>
<p>Encodes an ASN1 <b>GeneralizedTime</b> structure, the value should be in the format <b>YYYYMMDDHHMMSSZ</b>.</p>
</dd>
<dt id="OCTETSTRING-OCT"><b>OCTETSTRING</b>, <b>OCT</b></dt>
<dd>
<p>Encodes an ASN1 <b>OCTET STRING</b>. <i>value</i> represents the contents of this structure, the format strings <b>ASCII</b> and <b>HEX</b> can be used to specify the format of <i>value</i>.</p>
</dd>
<dt id="BITSTRING-BITSTR"><b>BITSTRING</b>, <b>BITSTR</b></dt>
<dd>
<p>Encodes an ASN1 <b>BIT STRING</b>. <i>value</i> represents the contents of this structure, the format strings <b>ASCII</b>, <b>HEX</b> and <b>BITLIST</b> can be used to specify the format of <i>value</i>.</p>
<p>If the format is anything other than <b>BITLIST</b> the number of unused bits is set to zero.</p>
</dd>
<dt id="UNIVERSALSTRING-UNIV-IA5-IA5STRING-UTF8-UTF8String-BMP-BMPSTRING-VISIBLESTRING-VISIBLE-PRINTABLESTRING-PRINTABLE-T61-T61STRING-TELETEXSTRING-GeneralString-NUMERICSTRING-NUMERIC"><b>UNIVERSALSTRING</b>, <b>UNIV</b>, <b>IA5</b>, <b>IA5STRING</b>, <b>UTF8</b>, <b>UTF8String</b>, <b>BMP</b>, <b>BMPSTRING</b>, <b>VISIBLESTRING</b>, <b>VISIBLE</b>, <b>PRINTABLESTRING</b>, <b>PRINTABLE</b>, <b>T61</b>, <b>T61STRING</b>, <b>TELETEXSTRING</b>, <b>GeneralString</b>, <b>NUMERICSTRING</b>, <b>NUMERIC</b></dt>
<dd>
<p>These encode the corresponding string types. <i>value</i> represents the contents of this structure. The format can be <b>ASCII</b> or <b>UTF8</b>.</p>
</dd>
<dt id="SEQUENCE-SEQ-SET"><b>SEQUENCE</b>, <b>SEQ</b>, <b>SET</b></dt>
<dd>
<p>Formats the result as an ASN1 <b>SEQUENCE</b> or <b>SET</b> type. <i>value</i> should be a section name which will contain the contents. The field names in the section are ignored and the values are in the generated string format. If <i>value</i> is absent then an empty SEQUENCE will be encoded.</p>
</dd>
</dl>
<h2 id="Modifiers">Modifiers</h2>
<p>Modifiers affect the following structure, they can be used to add EXPLICIT or IMPLICIT tagging, add wrappers or to change the string format of the final type and value. The supported formats are documented below.</p>
<dl>
<dt id="EXPLICIT-EXP"><b>EXPLICIT</b>, <b>EXP</b></dt>
<dd>
<p>Add an explicit tag to the following structure. This string should be followed by a colon and the tag value to use as a decimal value.</p>
<p>By following the number with <b>U</b>, <b>A</b>, <b>P</b> or <b>C</b> UNIVERSAL, APPLICATION, PRIVATE or CONTEXT SPECIFIC tagging can be used, the default is CONTEXT SPECIFIC.</p>
</dd>
<dt id="IMPLICIT-IMP"><b>IMPLICIT</b>, <b>IMP</b></dt>
<dd>
<p>This is the same as <b>EXPLICIT</b> except IMPLICIT tagging is used instead.</p>
</dd>
<dt id="OCTWRAP-SEQWRAP-SETWRAP-BITWRAP"><b>OCTWRAP</b>, <b>SEQWRAP</b>, <b>SETWRAP</b>, <b>BITWRAP</b></dt>
<dd>
<p>The following structure is surrounded by an OCTET STRING, a SEQUENCE, a SET or a BIT STRING respectively. For a BIT STRING the number of unused bits is set to zero.</p>
</dd>
<dt id="FORMAT"><b>FORMAT</b></dt>
<dd>
<p>This specifies the format of the ultimate value. It should be followed by a colon and one of the strings <b>ASCII</b>, <b>UTF8</b>, <b>HEX</b> or <b>BITLIST</b>.</p>
<p>If no format specifier is included then <b>ASCII</b> is used. If <b>UTF8</b> is specified then the value string must be a valid <b>UTF8</b> string. For <b>HEX</b> the output must be a set of hex digits. <b>BITLIST</b> (which is only valid for a BIT STRING) is a comma separated list of the indices of the set bits, all other bits are zero.</p>
</dd>
</dl>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>ASN1_generate_nconf() and ASN1_generate_v3() return the encoded data as an <b>ASN1_TYPE</b> structure or NULL if an error occurred.</p>
<p>The error codes that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>A simple IA5String:</p>
<pre><code>IA5STRING:Hello World</code></pre>
<p>An IA5String explicitly tagged:</p>
<pre><code>EXPLICIT:0,IA5STRING:Hello World</code></pre>
<p>An IA5String explicitly tagged using APPLICATION tagging:</p>
<pre><code>EXPLICIT:0A,IA5STRING:Hello World</code></pre>
<p>A BITSTRING with bits 1 and 5 set and all others zero:</p>
<pre><code>FORMAT:BITLIST,BITSTRING:1,5</code></pre>
<p>A more complex example using a config file to produce a SEQUENCE consisting of a BOOL an OID and a UTF8String:</p>
<pre><code>asn1 = SEQUENCE:seq_section
[seq_section]
field1 = BOOLEAN:TRUE
field2 = OID:commonName
field3 = UTF8:Third field</code></pre>
<p>This example produces an RSAPrivateKey structure, this is the key contained in the file client.pem in all OpenSSL distributions (note: the field names such as &#39;coeff&#39; are ignored and are present just for clarity):</p>
<pre><code>asn1=SEQUENCE:private_key
[private_key]
version=INTEGER:0
n=INTEGER:0xBB6FE79432CC6EA2D8F970675A5A87BFBE1AFF0BE63E879F2AFFB93644\
D4D2C6D000430DEC66ABF47829E74B8C5108623A1C0EE8BE217B3AD8D36D5EB4FCA1D9
e=INTEGER:0x010001
d=INTEGER:0x6F05EAD2F27FFAEC84BEC360C4B928FD5F3A9865D0FCAAD291E2A52F4A\
F810DC6373278C006A0ABBA27DC8C63BF97F7E666E27C5284D7D3B1FFFE16B7A87B51D
p=INTEGER:0xF3929B9435608F8A22C208D86795271D54EBDFB09DDEF539AB083DA912\
D4BD57
q=INTEGER:0xC50016F89DFF2561347ED1186A46E150E28BF2D0F539A1594BBD7FE467\
46EC4F
exp1=INTEGER:0x9E7D4326C924AFC1DEA40B45650134966D6F9DFA3A7F9D698CD4ABEA\
9C0A39B9
exp2=INTEGER:0xBA84003BB95355AFB7C50DF140C60513D0BA51D637272E355E397779\
E7B2458F
coeff=INTEGER:0x30B9E4F2AFA5AC679F920FC83F1F2DF1BAF1779CF989447FABC2F5\
628657053A</code></pre>
<p>This example is the corresponding public key in a SubjectPublicKeyInfo structure:</p>
<pre><code># Start with a SEQUENCE
asn1=SEQUENCE:pubkeyinfo
# pubkeyinfo contains an algorithm identifier and the public key wrapped
# in a BIT STRING
[pubkeyinfo]
algorithm=SEQUENCE:rsa_alg
pubkey=BITWRAP,SEQUENCE:rsapubkey
# algorithm ID for RSA is just an OID and a NULL
[rsa_alg]
algorithm=OID:rsaEncryption
parameter=NULL
# Actual public key: modulus and exponent
[rsapubkey]
n=INTEGER:0xBB6FE79432CC6EA2D8F970675A5A87BFBE1AFF0BE63E879F2AFFB93644\
D4D2C6D000430DEC66ABF47829E74B8C5108623A1C0EE8BE217B3AD8D36D5EB4FCA1D9
e=INTEGER:0x010001</code></pre>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

101
openssl-3.4.2/doc/html/man3/ASN1_item_d2i_bio.html
View File

@@ -1,101 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ASN1_item_d2i_bio</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ASN1_item_d2i_ex, ASN1_item_d2i, ASN1_item_d2i_bio_ex, ASN1_item_d2i_bio, ASN1_item_d2i_fp_ex, ASN1_item_d2i_fp, ASN1_item_i2d_mem_bio, ASN1_item_pack, ASN1_item_unpack_ex, ASN1_item_unpack - decode and encode DER-encoded ASN.1 structures</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/asn1.h&gt;
ASN1_VALUE *ASN1_item_d2i_ex(ASN1_VALUE **pval, const unsigned char **in,
long len, const ASN1_ITEM *it,
OSSL_LIB_CTX *libctx, const char *propq);
ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, const unsigned char **in,
long len, const ASN1_ITEM *it);
void *ASN1_item_d2i_bio_ex(const ASN1_ITEM *it, BIO *in, void *x,
OSSL_LIB_CTX *libctx, const char *propq);
void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
void *ASN1_item_d2i_fp_ex(const ASN1_ITEM *it, FILE *in, void *x,
OSSL_LIB_CTX *libctx, const char *propq);
void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
BIO *ASN1_item_i2d_mem_bio(const ASN1_ITEM *it, const ASN1_VALUE *val);
ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct);
void *ASN1_item_unpack(const ASN1_STRING *oct, const ASN1_ITEM *it);
void *ASN1_item_unpack_ex(const ASN1_STRING *oct, const ASN1_ITEM *it,
OSSL_LIB_CTX *libctx, const char *propq);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>ASN1_item_d2i_ex() decodes the contents of the data stored in <i>*in</i> of length <i>len</i> which must be a DER-encoded ASN.1 structure, using the ASN.1 template <i>it</i>. It places the result in <i>*pval</i> unless <i>pval</i> is NULL. If <i>*pval</i> is non-NULL on entry then the <b>ASN1_VALUE</b> present there will be reused. Otherwise a new <b>ASN1_VALUE</b> will be allocated. If any algorithm fetches are required during the process then they will use the <b>OSSL_LIB_CTX</b>provided in the <i>libctx</i> parameter and the property query string in <i>propq</i>. See <a href="../man7/crypto.html">&quot;ALGORITHM FETCHING&quot; in crypto(7)</a> for more information about algorithm fetching. On exit <i>*in</i> will be updated to point to the next byte in the buffer after the decoded structure.</p>
<p>ASN1_item_d2i() is the same as ASN1_item_d2i_ex() except that the default OSSL_LIB_CTX is used (i.e. NULL) and with a NULL property query string.</p>
<p>ASN1_item_d2i_bio_ex() decodes the contents of its input BIO <i>in</i>, which must be a DER-encoded ASN.1 structure, using the ASN.1 template <i>it</i> and places the result in <i>*pval</i> unless <i>pval</i> is NULL. If <i>in</i> is NULL it returns NULL, else a pointer to the parsed structure. If any algorithm fetches are required during the process then they will use the <b>OSSL_LIB_CTX</b> provided in the <i>libctx</i> parameter and the property query string in <i>propq</i>. See <a href="../man7/crypto.html">&quot;ALGORITHM FETCHING&quot; in crypto(7)</a> for more information about algorithm fetching.</p>
<p>ASN1_item_d2i_bio() is the same as ASN1_item_d2i_bio_ex() except that the default <b>OSSL_LIB_CTX</b> is used (i.e. NULL) and with a NULL property query string.</p>
<p>ASN1_item_d2i_fp_ex() is the same as ASN1_item_d2i_bio_ex() except that a FILE pointer is provided instead of a BIO.</p>
<p>ASN1_item_d2i_fp() is the same as ASN1_item_d2i_fp_ex() except that the default <b>OSSL_LIB_CTX</b> is used (i.e. NULL) and with a NULL property query string.</p>
<p>ASN1_item_i2d_mem_bio() encodes the given ASN.1 value <i>val</i> using the ASN.1 template <i>it</i> and returns the result in a memory BIO.</p>
<p>ASN1_item_pack() encodes the given ASN.1 value in <i>obj</i> using the ASN.1 template <i>it</i> and returns an <b>ASN1_STRING</b> object. If the passed in <i>*oct</i> is not NULL then this is used to store the returned result, otherwise a new <b>ASN1_STRING</b> object is created. If <i>oct</i> is not NULL and <i>*oct</i> is NULL then the returned return is also set into <i>*oct</i>. If there is an error the optional passed in <b>ASN1_STRING</b> will not be freed, but the previous value may be cleared when ASN1_STRING_set0(*oct, NULL, 0) is called internally.</p>
<p>ASN1_item_unpack() uses ASN1_item_d2i() to decode the DER-encoded <b>ASN1_STRING</b> <i>oct</i> using the ASN.1 template <i>it</i>.</p>
<p>ASN1_item_unpack_ex() is similar to ASN1_item_unpack(), but uses ASN1_item_d2i_ex() so that the <i>libctx</i> and <i>propq</i> can be used when doing algorithm fetching.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>ASN1_item_d2i_bio(), ASN1_item_unpack_ex() and ASN1_item_unpack() return a pointer to an <b>ASN1_VALUE</b> or NULL on error.</p>
<p>ASN1_item_i2d_mem_bio() returns a pointer to a memory BIO or NULL on error.</p>
<p>ASN1_item_pack() returns a pointer to an <b>ASN1_STRING</b> or NULL on error.</p>
<h1 id="HISTORY">HISTORY</h1>
<p>The functions ASN1_item_d2i_ex(), ASN1_item_d2i_bio_ex(), ASN1_item_d2i_fp_ex() and ASN1_item_i2d_mem_bio() were added in OpenSSL 3.0.</p>
<p>The function ASN1_item_unpack_ex() was added in OpenSSL 3.2.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2021-2023 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

60
openssl-3.4.2/doc/html/man3/ASN1_item_new.html
View File

@@ -1,60 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ASN1_item_new</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ASN1_item_new_ex, ASN1_item_new - create new ASN.1 values</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/asn1.h&gt;
ASN1_VALUE *ASN1_item_new_ex(const ASN1_ITEM *it, OSSL_LIB_CTX *libctx,
const char *propq);
ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>ASN1_item_new_ex() creates a new <b>ASN1_VALUE</b> structure based on the <b>ASN1_ITEM</b> template given in the <i>it</i> parameter. If any algorithm fetches are required during the process then they will use the <b>OSSL_LIB_CTX</b> provided in the <i>libctx</i> parameter and the property query string in <i>propq</i>. See <a href="../man7/crypto.html">&quot;ALGORITHM FETCHING&quot; in crypto(7)</a> for more information about algorithm fetching.</p>
<p>ASN1_item_new() is the same as ASN1_item_new_ex() except that the default <b>OSSL_LIB_CTX</b> is used (i.e. NULL) and with a NULL property query string.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>ASN1_item_new_ex() and ASN1_item_new() return a pointer to the newly created <b>ASN1_VALUE</b> or NULL on error.</p>
<h1 id="HISTORY">HISTORY</h1>
<p>The function ASN1_item_new_ex() was added in OpenSSL 3.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

212
openssl-3.4.2/doc/html/man3/ASN1_item_sign.html
View File

@@ -1,212 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ASN1_item_sign</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ASN1_item_sign, ASN1_item_sign_ex, ASN1_item_sign_ctx, ASN1_item_verify, ASN1_item_verify_ex, ASN1_item_verify_ctx - ASN1 sign and verify</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/x509.h&gt;
int ASN1_item_sign_ex(const ASN1_ITEM *it, X509_ALGOR *algor1,
X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
const void *data, const ASN1_OCTET_STRING *id,
EVP_PKEY *pkey, const EVP_MD *md, OSSL_LIB_CTX *libctx,
const char *propq);
int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
ASN1_BIT_STRING *signature, const void *data,
EVP_PKEY *pkey, const EVP_MD *md);
int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
const void *data, EVP_MD_CTX *ctx);
int ASN1_item_verify_ex(const ASN1_ITEM *it, const X509_ALGOR *alg,
const ASN1_BIT_STRING *signature, const void *data,
const ASN1_OCTET_STRING *id, EVP_PKEY *pkey,
OSSL_LIB_CTX *libctx, const char *propq);
int ASN1_item_verify(const ASN1_ITEM *it, const X509_ALGOR *alg,
const ASN1_BIT_STRING *signature, const void *data,
EVP_PKEY *pkey);
int ASN1_item_verify_ctx(const ASN1_ITEM *it, const X509_ALGOR *alg,
const ASN1_BIT_STRING *signature, const void *data,
EVP_MD_CTX *ctx);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>ASN1_item_sign_ex() is used to sign arbitrary ASN1 data using a data object <i>data</i>, the ASN.1 structure <i>it</i>, private key <i>pkey</i> and message digest <i>md</i>. The data that is signed is formed by taking the data object in <i>data</i> and converting it to der format using the ASN.1 structure <i>it</i>. The <i>data</i> that will be signed, and a structure containing the signature may both have a copy of the <b>X509_ALGOR</b>. The ASN1_item_sign_ex() function will write the correct <b>X509_ALGOR</b> to the structs based on the algorithms and parameters that have been set up. If one of <i>algor1</i> or <i>algor2</i> points to the <b>X509_ALGOR</b> of the <i>data</i> to be signed, then that <b>X509_ALGOR</b> will first be written before the signature is generated. Examples of valid values that can be used by the ASN.1 structure <i>it</i> are ASN1_ITEM_rptr(X509_CINF), ASN1_ITEM_rptr(X509_REQ_INFO) and ASN1_ITEM_rptr(X509_CRL_INFO). The <b>OSSL_LIB_CTX</b> specified in <i>libctx</i> and the property query string specified in <i>props</i> are used when searching for algorithms in providers. The generated signature is set into <i>signature</i>. The optional parameter <i>id</i> can be NULL, but can be set for special key types. See EVP_PKEY_CTX_set1_id() for further info. The output parameters &lt;algor1&gt; and <i>algor2</i> are ignored if they are NULL.</p>
<p>ASN1_item_sign() is similar to ASN1_item_sign_ex() but uses default values of NULL for the <i>id</i>, <i>libctx</i> and <i>propq</i>.</p>
<p>ASN1_item_sign_ctx() is similar to ASN1_item_sign() but uses the parameters contained in digest context <i>ctx</i>.</p>
<p>ASN1_item_verify_ex() is used to verify the signature <i>signature</i> of internal data <i>data</i> using the public key <i>pkey</i> and algorithm identifier <i>alg</i>. The data that is verified is formed by taking the data object in <i>data</i> and converting it to der format using the ASN.1 structure <i>it</i>. The <b>OSSL_LIB_CTX</b> specified in <i>libctx</i> and the property query string specified in <i>props</i> are used when searching for algorithms in providers. The optional parameter <i>id</i> can be NULL, but can be set for special key types. See EVP_PKEY_CTX_set1_id() for further info.</p>
<p>ASN1_item_verify() is similar to ASN1_item_verify_ex() but uses default values of NULL for the <i>id</i>, <i>libctx</i> and <i>propq</i>.</p>
<p>ASN1_item_verify_ctx() is similar to ASN1_item_verify() but uses the parameters contained in digest context <i>ctx</i>.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>All sign functions return the size of the signature in bytes for success and zero for failure.</p>
<p>All verify functions return 1 if the signature is valid and 0 if the signature check fails. If the signature could not be checked at all because it was ill-formed or some other error occurred then -1 is returned.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>In the following example a &#39;MyObject&#39; object is signed using the key contained in an EVP_MD_CTX. The signature is written to MyObject.signature. The object is then output in DER format and then loaded back in and verified.</p>
<pre><code> #include &lt;openssl/x509.h&gt;
#include &lt;openssl/asn1t.h&gt;
/* An object used to store the ASN1 data fields that will be signed */
typedef struct MySignInfoObject_st
{
ASN1_INTEGER *version;
X509_ALGOR sig_alg;
} MySignInfoObject;
DECLARE_ASN1_FUNCTIONS(MySignInfoObject)
/*
* A higher level object containing the ASN1 fields, signature alg and
* output signature.
*/
typedef struct MyObject_st
{
MySignInfoObject info;
X509_ALGOR sig_alg;
ASN1_BIT_STRING *signature;
} MyObject;
DECLARE_ASN1_FUNCTIONS(MyObject)
/* The ASN1 definition of MySignInfoObject */
ASN1_SEQUENCE_cb(MySignInfoObject, NULL) = {
ASN1_SIMPLE(MySignInfoObject, version, ASN1_INTEGER)
ASN1_EMBED(MySignInfoObject, sig_alg, X509_ALGOR),
} ASN1_SEQUENCE_END_cb(MySignInfoObject, MySignInfoObject)
/* new, free, d2i &amp; i2d functions for MySignInfoObject */
IMPLEMENT_ASN1_FUNCTIONS(MySignInfoObject)
/* The ASN1 definition of MyObject */
ASN1_SEQUENCE_cb(MyObject, NULL) = {
ASN1_EMBED(MyObject, info, MySignInfoObject),
ASN1_EMBED(MyObject, sig_alg, X509_ALGOR),
ASN1_SIMPLE(MyObject, signature, ASN1_BIT_STRING)
} ASN1_SEQUENCE_END_cb(MyObject, MyObject)
/* new, free, d2i &amp; i2d functions for MyObject */
IMPLEMENT_ASN1_FUNCTIONS(MyObject)
int test_asn1_item_sign_verify(const char *mdname, EVP_PKEY *pkey, long version)
{
int ret = 0;
unsigned char *obj_der = NULL;
const unsigned char *p = NULL;
MyObject *obj = NULL, *loaded_obj = NULL;
const ASN1_ITEM *it = ASN1_ITEM_rptr(MySignInfoObject);
EVP_MD_CTX *sctx = NULL, *vctx = NULL;
int len;
/* Create MyObject and set its version */
obj = MyObject_new();
if (obj == NULL)
goto err;
if (!ASN1_INTEGER_set(obj-&gt;info.version, version))
goto err;
/* Set the key and digest used for signing */
sctx = EVP_MD_CTX_new();
if (sctx == NULL
|| !EVP_DigestSignInit_ex(sctx, NULL, mdname, NULL, NULL, pkey))
goto err;
/*
* it contains the mapping between ASN.1 data and an object MySignInfoObject
* obj-&gt;info is the &#39;MySignInfoObject&#39; object that will be
* converted into DER data and then signed.
* obj-&gt;signature will contain the output signature.
* obj-&gt;sig_alg is filled with the private key&#39;s signing algorithm id.
* obj-&gt;info.sig_alg is another copy of the signing algorithm id that sits
* within MyObject.
*/
len = ASN1_item_sign_ctx(it, &amp;obj-&gt;sig_alg, &amp;obj-&gt;info.sig_alg,
obj-&gt;signature, &amp;obj-&gt;info, sctx);
if (len &lt;= 0
|| X509_ALGOR_cmp(&amp;obj-&gt;sig_alg, &amp;obj-&gt;info.sig_alg) != 0)
goto err;
/* Output MyObject in der form */
len = i2d_MyObject(obj, &amp;obj_der);
if (len &lt;= 0)
goto err;
/* Set the key and digest used for verifying */
vctx = EVP_MD_CTX_new();
if (vctx == NULL
|| !EVP_DigestVerifyInit_ex(vctx, NULL, mdname, NULL, NULL, pkey))
goto err;
/* Load the der data back into an object */
p = obj_der;
loaded_obj = d2i_MyObject(NULL, &amp;p, len);
if (loaded_obj == NULL)
goto err;
/* Verify the loaded object */
ret = ASN1_item_verify_ctx(it, &amp;loaded_obj-&gt;sig_alg, loaded_obj-&gt;signature,
&amp;loaded_obj-&gt;info, vctx);
err:
OPENSSL_free(obj_der);
MyObject_free(loaded_obj);
MyObject_free(obj);
EVP_MD_CTX_free(sctx);
EVP_MD_CTX_free(vctx);
return ret;
}</code></pre>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_verify.html">X509_verify(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>ASN1_item_sign_ex() and ASN1_item_verify_ex() were added in OpenSSL 3.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

153
openssl-3.4.2/doc/html/man3/ASYNC_WAIT_CTX_new.html
View File

@@ -1,153 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ASYNC_WAIT_CTX_new</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ASYNC_WAIT_CTX_new, ASYNC_WAIT_CTX_free, ASYNC_WAIT_CTX_set_wait_fd, ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds, ASYNC_WAIT_CTX_get_changed_fds, ASYNC_WAIT_CTX_clear_fd, ASYNC_WAIT_CTX_set_callback, ASYNC_WAIT_CTX_get_callback, ASYNC_WAIT_CTX_set_status, ASYNC_WAIT_CTX_get_status, ASYNC_callback_fn, ASYNC_STATUS_UNSUPPORTED, ASYNC_STATUS_ERR, ASYNC_STATUS_OK, ASYNC_STATUS_EAGAIN - functions to manage waiting for asynchronous jobs to complete</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/async.h&gt;
#define ASYNC_STATUS_UNSUPPORTED 0
#define ASYNC_STATUS_ERR 1
#define ASYNC_STATUS_OK 2
#define ASYNC_STATUS_EAGAIN 3
typedef int (*ASYNC_callback_fn)(void *arg);
ASYNC_WAIT_CTX *ASYNC_WAIT_CTX_new(void);
void ASYNC_WAIT_CTX_free(ASYNC_WAIT_CTX *ctx);
int ASYNC_WAIT_CTX_set_wait_fd(ASYNC_WAIT_CTX *ctx, const void *key,
OSSL_ASYNC_FD fd,
void *custom_data,
void (*cleanup)(ASYNC_WAIT_CTX *, const void *,
OSSL_ASYNC_FD, void *));
int ASYNC_WAIT_CTX_get_fd(ASYNC_WAIT_CTX *ctx, const void *key,
OSSL_ASYNC_FD *fd, void **custom_data);
int ASYNC_WAIT_CTX_get_all_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *fd,
size_t *numfds);
int ASYNC_WAIT_CTX_get_changed_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *addfd,
size_t *numaddfds, OSSL_ASYNC_FD *delfd,
size_t *numdelfds);
int ASYNC_WAIT_CTX_clear_fd(ASYNC_WAIT_CTX *ctx, const void *key);
int ASYNC_WAIT_CTX_set_callback(ASYNC_WAIT_CTX *ctx,
ASYNC_callback_fn callback,
void *callback_arg);
int ASYNC_WAIT_CTX_get_callback(ASYNC_WAIT_CTX *ctx,
ASYNC_callback_fn *callback,
void **callback_arg);
int ASYNC_WAIT_CTX_set_status(ASYNC_WAIT_CTX *ctx, int status);
int ASYNC_WAIT_CTX_get_status(ASYNC_WAIT_CTX *ctx);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>For an overview of how asynchronous operations are implemented in OpenSSL see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>. An <b>ASYNC_WAIT_CTX</b> object represents an asynchronous &quot;session&quot;, i.e. a related set of crypto operations. For example in SSL terms this would have a one-to-one correspondence with an SSL connection.</p>
<p>Application code must create an <b>ASYNC_WAIT_CTX</b> using the ASYNC_WAIT_CTX_new() function prior to calling ASYNC_start_job() (see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>). When the job is started it is associated with the <b>ASYNC_WAIT_CTX</b> for the duration of that job. An <b>ASYNC_WAIT_CTX</b> should only be used for one <b>ASYNC_JOB</b> at any one time, but can be reused after an <b>ASYNC_JOB</b> has finished for a subsequent <b>ASYNC_JOB</b>. When the session is complete (e.g. the SSL connection is closed), application code cleans up with ASYNC_WAIT_CTX_free().</p>
<p><b>ASYNC_WAIT_CTX</b>s can have &quot;wait&quot; file descriptors associated with them. Calling ASYNC_WAIT_CTX_get_all_fds() and passing in a pointer to an <b>ASYNC_WAIT_CTX</b> in the <i>ctx</i> parameter will return the wait file descriptors associated with that job in <i>*fd</i>. The number of file descriptors returned will be stored in <i>*numfds</i>. It is the caller&#39;s responsibility to ensure that sufficient memory has been allocated in <i>*fd</i> to receive all the file descriptors. Calling ASYNC_WAIT_CTX_get_all_fds() with a NULL <i>fd</i> value will return no file descriptors but will still populate <i>*numfds</i>. Therefore, application code is typically expected to call this function twice: once to get the number of fds, and then again when sufficient memory has been allocated. If only one asynchronous engine is being used then normally this call will only ever return one fd. If multiple asynchronous engines are being used then more could be returned.</p>
<p>The function ASYNC_WAIT_CTX_get_changed_fds() can be used to detect if any fds have changed since the last call time ASYNC_start_job() returned <b>ASYNC_PAUSE</b> (or since the <b>ASYNC_WAIT_CTX</b> was created if no <b>ASYNC_PAUSE</b> result has been received). The <i>numaddfds</i> and <i>numdelfds</i> parameters will be populated with the number of fds added or deleted respectively. <i>*addfd</i> and <i>*delfd</i> will be populated with the list of added and deleted fds respectively. Similarly to ASYNC_WAIT_CTX_get_all_fds() either of these can be NULL, but if they are not NULL then the caller is responsible for ensuring sufficient memory is allocated.</p>
<p>Implementers of async aware code (e.g. engines) are encouraged to return a stable fd for the lifetime of the <b>ASYNC_WAIT_CTX</b> in order to reduce the &quot;churn&quot; of regularly changing fds - although no guarantees of this are provided to applications.</p>
<p>Applications can wait for the file descriptor to be ready for &quot;read&quot; using a system function call such as select or poll (being ready for &quot;read&quot; indicates that the job should be resumed). If no file descriptor is made available then an application will have to periodically &quot;poll&quot; the job by attempting to restart it to see if it is ready to continue.</p>
<p>Async aware code (e.g. engines) can get the current <b>ASYNC_WAIT_CTX</b> from the job via <a href="../man3/ASYNC_get_wait_ctx.html">ASYNC_get_wait_ctx(3)</a> and provide a file descriptor to use for waiting on by calling ASYNC_WAIT_CTX_set_wait_fd(). Typically this would be done by an engine immediately prior to calling ASYNC_pause_job() and not by end user code. An existing association with a file descriptor can be obtained using ASYNC_WAIT_CTX_get_fd() and cleared using ASYNC_WAIT_CTX_clear_fd(). Both of these functions requires a <i>key</i> value which is unique to the async aware code. This could be any unique value but a good candidate might be the <b>ENGINE *</b> for the engine. The <i>custom_data</i> parameter can be any value, and will be returned in a subsequent call to ASYNC_WAIT_CTX_get_fd(). The ASYNC_WAIT_CTX_set_wait_fd() function also expects a pointer to a &quot;cleanup&quot; routine. This can be NULL but if provided will automatically get called when the <b>ASYNC_WAIT_CTX</b> is freed, and gives the engine the opportunity to close the fd or any other resources. Note: The &quot;cleanup&quot; routine does not get called if the fd is cleared directly via a call to ASYNC_WAIT_CTX_clear_fd().</p>
<p>An example of typical usage might be an async capable engine. User code would initiate cryptographic operations. The engine would initiate those operations asynchronously and then call ASYNC_WAIT_CTX_set_wait_fd() followed by ASYNC_pause_job() to return control to the user code. The user code can then perform other tasks or wait for the job to be ready by calling &quot;select&quot; or other similar function on the wait file descriptor. The engine can signal to the user code that the job should be resumed by making the wait file descriptor &quot;readable&quot;. Once resumed the engine should clear the wake signal on the wait file descriptor.</p>
<p>As well as a file descriptor, user code may also be notified via a callback. The callback and data pointers are stored within the <b>ASYNC_WAIT_CTX</b> along with an additional status field that can be used for the notification of retries from an engine. This additional method can be used when the user thinks that a file descriptor is too costly in terms of CPU cycles or in some context where a file descriptor is not appropriate.</p>
<p>ASYNC_WAIT_CTX_set_callback() sets the callback and the callback argument. The callback will be called to notify user code when an engine completes a cryptography operation. It is a requirement that the callback function is small and nonblocking as it will be run in the context of a polling mechanism or an interrupt.</p>
<p>ASYNC_WAIT_CTX_get_callback() returns the callback set in the <b>ASYNC_WAIT_CTX</b> structure.</p>
<p>ASYNC_WAIT_CTX_set_status() allows an engine to set the current engine status. The possible status values are the following:</p>
<dl>
<dt id="ASYNC_STATUS_UNSUPPORTED"><b>ASYNC_STATUS_UNSUPPORTED</b></dt>
<dd>
<p>The engine does not support the callback mechanism. This is the default value. The engine must call ASYNC_WAIT_CTX_set_status() to set the status to some value other than <b>ASYNC_STATUS_UNSUPPORTED</b> if it intends to enable the callback mechanism.</p>
</dd>
<dt id="ASYNC_STATUS_ERR"><b>ASYNC_STATUS_ERR</b></dt>
<dd>
<p>The engine has a fatal problem with this request. The user code should clean up this session.</p>
</dd>
<dt id="ASYNC_STATUS_OK"><b>ASYNC_STATUS_OK</b></dt>
<dd>
<p>The request has been successfully submitted.</p>
</dd>
<dt id="ASYNC_STATUS_EAGAIN"><b>ASYNC_STATUS_EAGAIN</b></dt>
<dd>
<p>The engine has some problem which will be recovered soon, such as a buffer is full, so user code should resume the job.</p>
</dd>
</dl>
<p>ASYNC_WAIT_CTX_get_status() allows user code to obtain the current status value. If the status is any value other than <b>ASYNC_STATUS_OK</b> then the user code should not expect to receive a callback from the engine even if one has been set.</p>
<p>An example of the usage of the callback method might be the following. User code would initiate cryptographic operations, and the engine code would dispatch this operation to hardware, and if the dispatch is successful, then the engine code would call ASYNC_pause_job() to return control to the user code. After that, user code can perform other tasks. When the hardware completes the operation, normally it is detected by a polling function or an interrupt, as the user code set a callback by calling ASYNC_WAIT_CTX_set_callback() previously, then the registered callback will be called.</p>
<p>ASYNC_WAIT_CTX_free() frees up a single <b>ASYNC_WAIT_CTX</b> object. If the argument is NULL, nothing is done.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>ASYNC_WAIT_CTX_new() returns a pointer to the newly allocated <b>ASYNC_WAIT_CTX</b> or NULL on error.</p>
<p>ASYNC_WAIT_CTX_set_wait_fd, ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds, ASYNC_WAIT_CTX_get_changed_fds, ASYNC_WAIT_CTX_clear_fd, ASYNC_WAIT_CTX_set_callback, ASYNC_WAIT_CTX_get_callback and ASYNC_WAIT_CTX_set_status all return 1 on success or 0 on error. ASYNC_WAIT_CTX_get_status() returns the engine status.</p>
<h1 id="NOTES">NOTES</h1>
<p>On Windows platforms the <i>&lt;openssl/async.h&gt;</i> header is dependent on some of the types customarily made available by including <i>&lt;windows.h&gt;</i>. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore, it is defined as an application developer&#39;s responsibility to include <i>&lt;windows.h&gt;</i> prior to <i>&lt;openssl/async.h&gt;</i>.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>ASYNC_WAIT_CTX_new(), ASYNC_WAIT_CTX_free(), ASYNC_WAIT_CTX_set_wait_fd(), ASYNC_WAIT_CTX_get_fd(), ASYNC_WAIT_CTX_get_all_fds(), ASYNC_WAIT_CTX_get_changed_fds() and ASYNC_WAIT_CTX_clear_fd() were added in OpenSSL 1.1.0.</p>
<p>ASYNC_WAIT_CTX_set_callback(), ASYNC_WAIT_CTX_get_callback(), ASYNC_WAIT_CTX_set_status(), and ASYNC_WAIT_CTX_get_status() were added in OpenSSL 3.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

303
openssl-3.4.2/doc/html/man3/ASYNC_start_job.html
View File

@@ -1,303 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ASYNC_start_job</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ASYNC_get_wait_ctx, ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_block_pause, ASYNC_unblock_pause, ASYNC_is_capable, ASYNC_stack_alloc_fn, ASYNC_stack_free_fn, ASYNC_set_mem_functions, ASYNC_get_mem_functions - asynchronous job management functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/async.h&gt;
int ASYNC_init_thread(size_t max_size, size_t init_size);
void ASYNC_cleanup_thread(void);
int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *ctx, int *ret,
int (*func)(void *), void *args, size_t size);
int ASYNC_pause_job(void);
ASYNC_JOB *ASYNC_get_current_job(void);
ASYNC_WAIT_CTX *ASYNC_get_wait_ctx(ASYNC_JOB *job);
void ASYNC_block_pause(void);
void ASYNC_unblock_pause(void);
int ASYNC_is_capable(void);
typedef void *(*ASYNC_stack_alloc_fn)(size_t *num);
typedef void (*ASYNC_stack_free_fn)(void *addr);
int ASYNC_set_mem_functions(ASYNC_stack_alloc_fn alloc_fn,
ASYNC_stack_free_fn free_fn);
void ASYNC_get_mem_functions(ASYNC_stack_alloc_fn *alloc_fn,
ASYNC_stack_free_fn *free_fn);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>OpenSSL implements asynchronous capabilities through an <b>ASYNC_JOB</b>. This represents code that can be started and executes until some event occurs. At that point the code can be paused and control returns to user code until some subsequent event indicates that the job can be resumed. It&#39;s OpenSSL specific implementation of cooperative multitasking.</p>
<p>The creation of an <b>ASYNC_JOB</b> is a relatively expensive operation. Therefore, for efficiency reasons, jobs can be created up front and reused many times. They are held in a pool until they are needed, at which point they are removed from the pool, used, and then returned to the pool when the job completes. If the user application is multi-threaded, then ASYNC_init_thread() may be called for each thread that will initiate asynchronous jobs. Before user code exits per-thread resources need to be cleaned up. This will normally occur automatically (see <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>) but may be explicitly initiated by using ASYNC_cleanup_thread(). No asynchronous jobs must be outstanding for the thread when ASYNC_cleanup_thread() is called. Failing to ensure this will result in memory leaks.</p>
<p>The <i>max_size</i> argument limits the number of <b>ASYNC_JOB</b>s that will be held in the pool. If <i>max_size</i> is set to 0 then no upper limit is set. When an <b>ASYNC_JOB</b> is needed but there are none available in the pool already then one will be automatically created, as long as the total of <b>ASYNC_JOB</b>s managed by the pool does not exceed <i>max_size</i>. When the pool is first initialised <i>init_size</i> <b>ASYNC_JOB</b>s will be created immediately. If ASYNC_init_thread() is not called before the pool is first used then it will be called automatically with a <i>max_size</i> of 0 (no upper limit) and an <i>init_size</i> of 0 (no <b>ASYNC_JOB</b>s created up front).</p>
<p>An asynchronous job is started by calling the ASYNC_start_job() function. Initially <i>*job</i> should be NULL. <i>ctx</i> should point to an <b>ASYNC_WAIT_CTX</b> object created through the <a href="../man3/ASYNC_WAIT_CTX_new.html">ASYNC_WAIT_CTX_new(3)</a> function. <i>ret</i> should point to a location where the return value of the asynchronous function should be stored on completion of the job. <i>func</i> represents the function that should be started asynchronously. The data pointed to by <i>args</i> and of size <i>size</i> will be copied and then passed as an argument to <i>func</i> when the job starts. ASYNC_start_job will return one of the following values:</p>
<dl>
<dt id="ASYNC_ERR"><b>ASYNC_ERR</b></dt>
<dd>
<p>An error occurred trying to start the job. Check the OpenSSL error queue (e.g. see <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a>) for more details.</p>
</dd>
<dt id="ASYNC_NO_JOBS"><b>ASYNC_NO_JOBS</b></dt>
<dd>
<p>There are no jobs currently available in the pool. This call can be retried again at a later time.</p>
</dd>
<dt id="ASYNC_PAUSE"><b>ASYNC_PAUSE</b></dt>
<dd>
<p>The job was successfully started but was &quot;paused&quot; before it completed (see ASYNC_pause_job() below). A handle to the job is placed in <i>*job</i>. Other work can be performed (if desired) and the job restarted at a later time. To restart a job call ASYNC_start_job() again passing the job handle in <i>*job</i>. The <i>func</i>, <i>args</i> and <i>size</i> parameters will be ignored when restarting a job. When restarting a job ASYNC_start_job() <b>must</b> be called from the same thread that the job was originally started from. <b>ASYNC_WAIT_CTX</b> is used to know when a job is ready to be restarted.</p>
</dd>
<dt id="ASYNC_FINISH"><b>ASYNC_FINISH</b></dt>
<dd>
<p>The job completed. <i>*job</i> will be NULL and the return value from <i>func</i> will be placed in <i>*ret</i>.</p>
</dd>
</dl>
<p>At any one time there can be a maximum of one job actively running per thread (you can have many that are paused). ASYNC_get_current_job() can be used to get a pointer to the currently executing <b>ASYNC_JOB</b>. If no job is currently executing then this will return NULL.</p>
<p>If executing within the context of a job (i.e. having been called directly or indirectly by the function &quot;func&quot; passed as an argument to ASYNC_start_job()) then ASYNC_pause_job() will immediately return control to the calling application with <b>ASYNC_PAUSE</b> returned from the ASYNC_start_job() call. A subsequent call to ASYNC_start_job passing in the relevant <b>ASYNC_JOB</b> in the <i>*job</i> parameter will resume execution from the ASYNC_pause_job() call. If ASYNC_pause_job() is called whilst not within the context of a job then no action is taken and ASYNC_pause_job() returns immediately.</p>
<p>ASYNC_get_wait_ctx() can be used to get a pointer to the <b>ASYNC_WAIT_CTX</b> for the <i>job</i> (see <a href="../man3/ASYNC_WAIT_CTX_new.html">ASYNC_WAIT_CTX_new(3)</a>). <b>ASYNC_WAIT_CTX</b>s contain two different ways to notify applications that a job is ready to be resumed. One is a &quot;wait&quot; file descriptor, and the other is a &quot;callback&quot; mechanism.</p>
<p>The &quot;wait&quot; file descriptor associated with <b>ASYNC_WAIT_CTX</b> is used for applications to wait for the file descriptor to be ready for &quot;read&quot; using a system function call such as select(2) or poll(2) (being ready for &quot;read&quot; indicates that the job should be resumed). If no file descriptor is made available then an application will have to periodically &quot;poll&quot; the job by attempting to restart it to see if it is ready to continue.</p>
<p><b>ASYNC_WAIT_CTX</b>s also have a &quot;callback&quot; mechanism to notify applications. The callback is set by an application, and it will be automatically called when an engine completes a cryptography operation, so that the application can resume the paused work flow without polling. An engine could be written to look whether the callback has been set. If it has then it would use the callback mechanism in preference to the file descriptor notifications. If a callback is not set then the engine may use file descriptor based notifications. Please note that not all engines may support the callback mechanism, so the callback may not be used even if it has been set. See ASYNC_WAIT_CTX_new() for more details.</p>
<p>The ASYNC_block_pause() function will prevent the currently active job from pausing. The block will remain in place until a subsequent call to ASYNC_unblock_pause(). These functions can be nested, e.g. if you call ASYNC_block_pause() twice then you must call ASYNC_unblock_pause() twice in order to re-enable pausing. If these functions are called while there is no currently active job then they have no effect. This functionality can be useful to avoid deadlock scenarios. For example during the execution of an <b>ASYNC_JOB</b> an application acquires a lock. It then calls some cryptographic function which invokes ASYNC_pause_job(). This returns control back to the code that created the <b>ASYNC_JOB</b>. If that code then attempts to acquire the same lock before resuming the original job then a deadlock can occur. By calling ASYNC_block_pause() immediately after acquiring the lock and ASYNC_unblock_pause() immediately before releasing it then this situation cannot occur.</p>
<p>Some platforms cannot support async operations. The ASYNC_is_capable() function can be used to detect whether the current platform is async capable or not.</p>
<p>Custom memory allocation functions are supported for the POSIX platform. Custom memory allocation functions allow alternative methods of allocating stack memory such as mmap, or using stack memory from the current thread. Using an ASYNC_stack_alloc_fn callback also allows manipulation of the stack size, which defaults to 32k. The stack size can be altered by allocating a stack of a size different to the requested size, and passing back the new stack size in the callback&#39;s <i>*num</i> parameter.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>ASYNC_init_thread returns 1 on success or 0 otherwise.</p>
<p>ASYNC_start_job returns one of <b>ASYNC_ERR</b>, <b>ASYNC_NO_JOBS</b>, <b>ASYNC_PAUSE</b> or <b>ASYNC_FINISH</b> as described above.</p>
<p>ASYNC_pause_job returns 0 if an error occurred or 1 on success. If called when not within the context of an <b>ASYNC_JOB</b> then this is counted as success so 1 is returned.</p>
<p>ASYNC_get_current_job returns a pointer to the currently executing <b>ASYNC_JOB</b> or NULL if not within the context of a job.</p>
<p>ASYNC_get_wait_ctx() returns a pointer to the <b>ASYNC_WAIT_CTX</b> for the job.</p>
<p>ASYNC_is_capable() returns 1 if the current platform is async capable or 0 otherwise.</p>
<p>ASYNC_set_mem_functions returns 1 if custom stack allocators are supported by the current platform and no allocations have already occurred or 0 otherwise.</p>
<h1 id="NOTES">NOTES</h1>
<p>On Windows platforms the <i>&lt;openssl/async.h&gt;</i> header is dependent on some of the types customarily made available by including <i>&lt;windows.h&gt;</i>. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore, it is defined as an application developer&#39;s responsibility to include <i>&lt;windows.h&gt;</i> prior to <i>&lt;openssl/async.h&gt;</i>.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>The following example demonstrates how to use most of the core async APIs:</p>
<pre><code>#ifdef _WIN32
# include &lt;windows.h&gt;
#endif
#include &lt;stdio.h&gt;
#include &lt;unistd.h&gt;
#include &lt;openssl/async.h&gt;
#include &lt;openssl/crypto.h&gt;
int unique = 0;
void cleanup(ASYNC_WAIT_CTX *ctx, const void *key, OSSL_ASYNC_FD r, void *vw)
{
OSSL_ASYNC_FD *w = (OSSL_ASYNC_FD *)vw;
close(r);
close(*w);
OPENSSL_free(w);
}
int jobfunc(void *arg)
{
ASYNC_JOB *currjob;
unsigned char *msg;
int pipefds[2] = {0, 0};
OSSL_ASYNC_FD *wptr;
char buf = &#39;X&#39;;
currjob = ASYNC_get_current_job();
if (currjob != NULL) {
printf(&quot;Executing within a job\n&quot;);
} else {
printf(&quot;Not executing within a job - should not happen\n&quot;);
return 0;
}
msg = (unsigned char *)arg;
printf(&quot;Passed in message is: %s\n&quot;, msg);
/*
* Create a way to inform the calling thread when this job is ready
* to resume, in this example we&#39;re using file descriptors.
* For offloading the task to an asynchronous ENGINE it&#39;s not necessary,
* the ENGINE should handle that internally.
*/
if (pipe(pipefds) != 0) {
printf(&quot;Failed to create pipe\n&quot;);
return 0;
}
wptr = OPENSSL_malloc(sizeof(OSSL_ASYNC_FD));
if (wptr == NULL) {
printf(&quot;Failed to malloc\n&quot;);
return 0;
}
*wptr = pipefds[1];
ASYNC_WAIT_CTX_set_wait_fd(ASYNC_get_wait_ctx(currjob), &amp;unique,
pipefds[0], wptr, cleanup);
/*
* Normally some external event (like a network read being ready,
* disk access being finished, or some hardware offload operation
* completing) would cause this to happen at some
* later point - but we do it here for demo purposes, i.e.
* immediately signalling that the job is ready to be woken up after
* we return to main via ASYNC_pause_job().
*/
write(pipefds[1], &amp;buf, 1);
/*
* Return control back to main just before calling a blocking
* method. The main thread will wait until pipefds[0] is ready
* for reading before returning control to this thread.
*/
ASYNC_pause_job();
/* Perform the blocking call (it won&#39;t block with this example code) */
read(pipefds[0], &amp;buf, 1);
printf (&quot;Resumed the job after a pause\n&quot;);
return 1;
}
int main(void)
{
ASYNC_JOB *job = NULL;
ASYNC_WAIT_CTX *ctx = NULL;
int ret;
OSSL_ASYNC_FD waitfd;
fd_set waitfdset;
size_t numfds;
unsigned char msg[13] = &quot;Hello world!&quot;;
printf(&quot;Starting...\n&quot;);
ctx = ASYNC_WAIT_CTX_new();
if (ctx == NULL) {
printf(&quot;Failed to create ASYNC_WAIT_CTX\n&quot;);
abort();
}
for (;;) {
switch (ASYNC_start_job(&amp;job, ctx, &amp;ret, jobfunc, msg, sizeof(msg))) {
case ASYNC_ERR:
case ASYNC_NO_JOBS:
printf(&quot;An error occurred\n&quot;);
goto end;
case ASYNC_PAUSE:
printf(&quot;Job was paused\n&quot;);
break;
case ASYNC_FINISH:
printf(&quot;Job finished with return value %d\n&quot;, ret);
goto end;
}
/* Get the file descriptor we can use to wait for the job
* to be ready to be woken up
*/
printf(&quot;Waiting for the job to be woken up\n&quot;);
if (!ASYNC_WAIT_CTX_get_all_fds(ctx, NULL, &amp;numfds)
|| numfds &gt; 1) {
printf(&quot;Unexpected number of fds\n&quot;);
abort();
}
ASYNC_WAIT_CTX_get_all_fds(ctx, &amp;waitfd, &amp;numfds);
FD_ZERO(&amp;waitfdset);
FD_SET(waitfd, &amp;waitfdset);
/* Wait for the job to be ready for wakeup */
select(waitfd + 1, &amp;waitfdset, NULL, NULL, NULL);
}
end:
ASYNC_WAIT_CTX_free(ctx);
printf(&quot;Finishing\n&quot;);
return 0;
}</code></pre>
<p>The expected output from executing the above example program is:</p>
<pre><code>Starting...
Executing within a job
Passed in message is: Hello world!
Job was paused
Waiting for the job to be woken up
Resumed the job after a pause
Job finished with return value 1
Finishing</code></pre>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_get_wait_ctx(), ASYNC_block_pause(), ASYNC_unblock_pause() and ASYNC_is_capable() were first added in OpenSSL 1.1.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2015-2024 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

104
openssl-3.4.2/doc/html/man3/BF_encrypt.html
View File

@@ -1,104 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BF_encrypt</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#NOTE">NOTE</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BF_set_key, BF_encrypt, BF_decrypt, BF_ecb_encrypt, BF_cbc_encrypt, BF_cfb64_encrypt, BF_ofb64_encrypt, BF_options - Blowfish encryption</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/blowfish.h&gt;</code></pre>
<p>The following functions have been deprecated since OpenSSL 3.0, and can be hidden entirely by defining <b>OPENSSL_API_COMPAT</b> with a suitable version value, see <a href="../man7/openssl_user_macros.html">openssl_user_macros(7)</a>:</p>
<pre><code>void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
BF_KEY *key, int enc);
void BF_cbc_encrypt(const unsigned char *in, unsigned char *out,
long length, BF_KEY *schedule,
unsigned char *ivec, int enc);
void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
long length, BF_KEY *schedule,
unsigned char *ivec, int *num, int enc);
void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
long length, BF_KEY *schedule,
unsigned char *ivec, int *num);
const char *BF_options(void);
void BF_encrypt(BF_LONG *data, const BF_KEY *key);
void BF_decrypt(BF_LONG *data, const BF_KEY *key);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>All of the functions described on this page are deprecated. Applications should instead use <a href="../man3/EVP_EncryptInit_ex.html">EVP_EncryptInit_ex(3)</a>, <a href="../man3/EVP_EncryptUpdate.html">EVP_EncryptUpdate(3)</a> and <a href="../man3/EVP_EncryptFinal_ex.html">EVP_EncryptFinal_ex(3)</a> or the equivalently named decrypt functions.</p>
<p>This library implements the Blowfish cipher, which was invented and described by Counterpane (see http://www.counterpane.com/blowfish.html ).</p>
<p>Blowfish is a block cipher that operates on 64 bit (8 byte) blocks of data. It uses a variable size key, but typically, 128 bit (16 byte) keys are considered good for strong encryption. Blowfish can be used in the same modes as DES (see <a href="../man7/des_modes.html">des_modes(7)</a>). Blowfish is currently one of the faster block ciphers. It is quite a bit faster than DES, and much faster than IDEA or RC2.</p>
<p>Blowfish consists of a key setup phase and the actual encryption or decryption phase.</p>
<p>BF_set_key() sets up the <b>BF_KEY</b> <b>key</b> using the <b>len</b> bytes long key at <b>data</b>.</p>
<p>BF_ecb_encrypt() is the basic Blowfish encryption and decryption function. It encrypts or decrypts the first 64 bits of <b>in</b> using the key <b>key</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (<b>BF_ENCRYPT</b>) or decryption (<b>BF_DECRYPT</b>) shall be performed. The vector pointed at by <b>in</b> and <b>out</b> must be 64 bits in length, no less. If they are larger, everything after the first 64 bits is ignored.</p>
<p>The mode functions BF_cbc_encrypt(), BF_cfb64_encrypt() and BF_ofb64_encrypt() all operate on variable length data. They all take an initialization vector <b>ivec</b> which needs to be passed along into the next call of the same function for the same message. <b>ivec</b> may be initialized with anything, but the recipient needs to know what it was initialized with, or it won&#39;t be able to decrypt. Some programs and protocols simplify this, like SSH, where <b>ivec</b> is simply initialized to zero. BF_cbc_encrypt() operates on data that is a multiple of 8 bytes long, while BF_cfb64_encrypt() and BF_ofb64_encrypt() are used to encrypt a variable number of bytes (the amount does not have to be an exact multiple of 8). The purpose of the latter two is to simulate stream ciphers, and therefore, they need the parameter <b>num</b>, which is a pointer to an integer where the current offset in <b>ivec</b> is stored between calls. This integer must be initialized to zero when <b>ivec</b> is initialized.</p>
<p>BF_cbc_encrypt() is the Cipher Block Chaining function for Blowfish. It encrypts or decrypts the 64 bits chunks of <b>in</b> using the key <b>schedule</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (BF_ENCRYPT) or decryption (BF_DECRYPT) shall be performed. <b>ivec</b> must point at an 8 byte long initialization vector.</p>
<p>BF_cfb64_encrypt() is the CFB mode for Blowfish with 64 bit feedback. It encrypts or decrypts the bytes in <b>in</b> using the key <b>schedule</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (<b>BF_ENCRYPT</b>) or decryption (<b>BF_DECRYPT</b>) shall be performed. <b>ivec</b> must point at an 8 byte long initialization vector. <b>num</b> must point at an integer which must be initially zero.</p>
<p>BF_ofb64_encrypt() is the OFB mode for Blowfish with 64 bit feedback. It uses the same parameters as BF_cfb64_encrypt(), which must be initialized the same way.</p>
<p>BF_encrypt() and BF_decrypt() are the lowest level functions for Blowfish encryption. They encrypt/decrypt the first 64 bits of the vector pointed by <b>data</b>, using the key <b>key</b>. These functions should not be used unless you implement &#39;modes&#39; of Blowfish. The alternative is to use BF_ecb_encrypt(). If you still want to use these functions, you should be aware that they take each 32-bit chunk in host-byte order, which is little-endian on little-endian platforms and big-endian on big-endian ones.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>None of the functions presented here return any value.</p>
<h1 id="NOTE">NOTE</h1>
<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man7/des_modes.html">des_modes(7)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>All of these functions were deprecated in OpenSSL 3.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

109
openssl-3.4.2/doc/html/man3/BIO_ADDR.html
View File

@@ -1,109 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_ADDR</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RAW-ADDRESSES">RAW ADDRESSES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_ADDR, BIO_ADDR_new, BIO_ADDR_copy, BIO_ADDR_dup, BIO_ADDR_clear, BIO_ADDR_free, BIO_ADDR_rawmake, BIO_ADDR_family, BIO_ADDR_rawaddress, BIO_ADDR_rawport, BIO_ADDR_hostname_string, BIO_ADDR_service_string, BIO_ADDR_path_string - BIO_ADDR routines</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;sys/types.h&gt;
#include &lt;openssl/bio.h&gt;
typedef union bio_addr_st BIO_ADDR;
BIO_ADDR *BIO_ADDR_new(void);
int BIO_ADDR_copy(BIO_ADDR *dst, const BIO_ADDR *src);
BIO_ADDR *BIO_ADDR_dup(const BIO_ADDR *ap);
void BIO_ADDR_free(BIO_ADDR *ap);
void BIO_ADDR_clear(BIO_ADDR *ap);
int BIO_ADDR_rawmake(BIO_ADDR *ap, int family,
const void *where, size_t wherelen, unsigned short port);
int BIO_ADDR_family(const BIO_ADDR *ap);
int BIO_ADDR_rawaddress(const BIO_ADDR *ap, void *p, size_t *l);
unsigned short BIO_ADDR_rawport(const BIO_ADDR *ap);
char *BIO_ADDR_hostname_string(const BIO_ADDR *ap, int numeric);
char *BIO_ADDR_service_string(const BIO_ADDR *ap, int numeric);
char *BIO_ADDR_path_string(const BIO_ADDR *ap);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>BIO_ADDR</b> type is a wrapper around all types of socket addresses that OpenSSL deals with, currently transparently supporting AF_INET, AF_INET6 and AF_UNIX according to what&#39;s available on the platform at hand.</p>
<p>BIO_ADDR_new() creates a new unfilled <b>BIO_ADDR</b>, to be used with routines that will fill it with information, such as BIO_accept_ex().</p>
<p>BIO_ADDR_copy() copies the contents of <b>src</b> into <b>dst</b>. Neither <b>src</b> or <b>dst</b> can be NULL.</p>
<p>BIO_ADDR_dup() creates a new <b>BIO_ADDR</b>, with a copy of the address data in <b>ap</b>.</p>
<p>BIO_ADDR_free() frees a <b>BIO_ADDR</b> created with BIO_ADDR_new() or BIO_ADDR_dup(). If the argument is NULL, nothing is done.</p>
<p>BIO_ADDR_clear() clears any data held within the provided <b>BIO_ADDR</b> and sets it back to an uninitialised state.</p>
<p>BIO_ADDR_rawmake() takes a protocol <b>family</b>, a byte array of size <b>wherelen</b> with an address in network byte order pointed at by <b>where</b> and a port number in network byte order in <b>port</b> (except for the <b>AF_UNIX</b> protocol family, where <b>port</b> is meaningless and therefore ignored) and populates the given <b>BIO_ADDR</b> with them. In case this creates a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>wherelen</b> is expected to be the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below.</p>
<p>BIO_ADDR_family() returns the protocol family of the given <b>BIO_ADDR</b>. The possible non-error results are one of the constants AF_INET, AF_INET6 and AF_UNIX. It will also return AF_UNSPEC if the BIO_ADDR has not been initialised.</p>
<p>BIO_ADDR_rawaddress() will write the raw address of the given <b>BIO_ADDR</b> in the area pointed at by <b>p</b> if <b>p</b> is non-NULL, and will set <b>*l</b> to be the amount of bytes the raw address takes up if <b>l</b> is non-NULL. A technique to only find out the size of the address is a call with <b>p</b> set to <b>NULL</b>. The raw address will be in network byte order, most significant byte first. In case this is a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>l</b> gets the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below.</p>
<p>BIO_ADDR_rawport() returns the raw port of the given <b>BIO_ADDR</b>. The raw port will be in network byte order.</p>
<p>BIO_ADDR_hostname_string() returns a character string with the hostname of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the numerical form of the address. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
<p>BIO_ADDR_service_string() returns a character string with the service name of the port of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the port number. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
<p>BIO_ADDR_path_string() returns a character string with the path of the given <b>BIO_ADDR</b>. This only works for <b>BIO_ADDR</b> of the protocol family AF_UNIX. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
<h1 id="RAW-ADDRESSES">RAW ADDRESSES</h1>
<p>Both BIO_ADDR_rawmake() and BIO_ADDR_rawaddress() take a pointer to a network byte order address of a specific site. Internally, those are treated as a pointer to <b>struct in_addr</b> (for <b>AF_INET</b>), <b>struct in6_addr</b> (for <b>AF_INET6</b>) or <b>char *</b> (for <b>AF_UNIX</b>), all depending on the protocol family the address is for.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>The string producing functions BIO_ADDR_hostname_string(), BIO_ADDR_service_string() and BIO_ADDR_path_string() will return <b>NULL</b> on error and leave an error indication on the OpenSSL error stack.</p>
<p>BIO_ADDR_copy() returns 1 on success or 0 on error.</p>
<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/BIO_connect.html">BIO_connect(3)</a>, <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>BIO_ADDR_copy() and BIO_ADDR_dup() were added in OpenSSL 3.2.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

101
openssl-3.4.2/doc/html/man3/BIO_ADDRINFO.html
View File

@@ -1,101 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_ADDRINFO</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_lookup_type, BIO_ADDRINFO, BIO_ADDRINFO_next, BIO_ADDRINFO_free, BIO_ADDRINFO_family, BIO_ADDRINFO_socktype, BIO_ADDRINFO_protocol, BIO_ADDRINFO_address, BIO_lookup_ex, BIO_lookup - BIO_ADDRINFO type and routines</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;sys/types.h&gt;
#include &lt;openssl/bio.h&gt;
typedef union bio_addrinfo_st BIO_ADDRINFO;
enum BIO_lookup_type {
BIO_LOOKUP_CLIENT, BIO_LOOKUP_SERVER
};
int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
int family, int socktype, int protocol, BIO_ADDRINFO **res);
int BIO_lookup(const char *host, const char *service,
enum BIO_lookup_type lookup_type,
int family, int socktype, BIO_ADDRINFO **res);
const BIO_ADDRINFO *BIO_ADDRINFO_next(const BIO_ADDRINFO *bai);
int BIO_ADDRINFO_family(const BIO_ADDRINFO *bai);
int BIO_ADDRINFO_socktype(const BIO_ADDRINFO *bai);
int BIO_ADDRINFO_protocol(const BIO_ADDRINFO *bai);
const BIO_ADDR *BIO_ADDRINFO_address(const BIO_ADDRINFO *bai);
void BIO_ADDRINFO_free(BIO_ADDRINFO *bai);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>BIO_ADDRINFO</b> type is a wrapper for address information types provided on your platform.</p>
<p><b>BIO_ADDRINFO</b> normally forms a chain of several that can be picked at one by one.</p>
<p>BIO_lookup_ex() looks up a specified <b>host</b> and <b>service</b>, and uses <b>lookup_type</b> to determine what the default address should be if <b>host</b> is <b>NULL</b>. <b>family</b>, <b>socktype</b> and <b>protocol</b> are used to determine what protocol family, socket type and protocol should be used for the lookup. <b>family</b> can be any of AF_INET, AF_INET6, AF_UNIX and AF_UNSPEC. <b>socktype</b> can be SOCK_STREAM, SOCK_DGRAM or 0. Specifying 0 indicates that any type can be used. <b>protocol</b> specifies a protocol such as IPPROTO_TCP, IPPROTO_UDP or IPPORTO_SCTP. If set to 0 than any protocol can be used. <b>res</b> points at a pointer to hold the start of a <b>BIO_ADDRINFO</b> chain.</p>
<p>For the family <b>AF_UNIX</b>, BIO_lookup_ex() will ignore the <b>service</b> parameter and expects the <b>host</b> parameter to hold the path to the socket file.</p>
<p>BIO_lookup() does the same as BIO_lookup_ex() but does not provide the ability to select based on the protocol (any protocol may be returned).</p>
<p>BIO_ADDRINFO_family() returns the family of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants AF_INET, AF_INET6 and AF_UNIX.</p>
<p>BIO_ADDRINFO_socktype() returns the socket type of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants SOCK_STREAM and SOCK_DGRAM.</p>
<p>BIO_ADDRINFO_protocol() returns the protocol id of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants IPPROTO_TCP and IPPROTO_UDP.</p>
<p>BIO_ADDRINFO_address() returns the underlying <b>BIO_ADDR</b> of the given <b>BIO_ADDRINFO</b>.</p>
<p>BIO_ADDRINFO_next() returns the next <b>BIO_ADDRINFO</b> in the chain from the given one.</p>
<p>BIO_ADDRINFO_free() frees the chain of <b>BIO_ADDRINFO</b> starting with the given one. If the argument is NULL, nothing is done.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_lookup_ex() and BIO_lookup() return 1 on success and 0 when an error occurred, and will leave an error indication on the OpenSSL error stack in that case.</p>
<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
<h1 id="NOTES">NOTES</h1>
<p>The BIO_lookup_ex() implementation uses the platform provided getaddrinfo() function. On Linux it is known that specifying 0 for the protocol will not return any SCTP based addresses when calling getaddrinfo(). Therefore, if an SCTP address is required then the <b>protocol</b> parameter to BIO_lookup_ex() should be explicitly set to IPPROTO_SCTP. The same may be true on other platforms.</p>
<h1 id="HISTORY">HISTORY</h1>
<p>The BIO_lookup_ex() function was added in OpenSSL 1.1.1.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

127
openssl-3.4.2/doc/html/man3/BIO_connect.html
View File

@@ -1,127 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_connect</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#FLAGS">FLAGS</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_socket, BIO_bind, BIO_connect, BIO_listen, BIO_accept_ex, BIO_closesocket - BIO socket communication setup routines</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
int BIO_socket(int domain, int socktype, int protocol, int options);
int BIO_bind(int sock, const BIO_ADDR *addr, int options);
int BIO_connect(int sock, const BIO_ADDR *addr, int options);
int BIO_listen(int sock, const BIO_ADDR *addr, int options);
int BIO_accept_ex(int accept_sock, BIO_ADDR *peer, int options);
int BIO_closesocket(int sock);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_socket() creates a socket in the domain <b>domain</b>, of type <b>socktype</b> and <b>protocol</b>. Socket <b>options</b> are currently unused, but is present for future use.</p>
<p>BIO_bind() binds the source address and service to a socket and may be useful before calling BIO_connect(). The options may include <b>BIO_SOCK_REUSEADDR</b>, which is described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
<p>BIO_connect() connects <b>sock</b> to the address and service given by <b>addr</b>. Connection <b>options</b> may be zero or any combination of <b>BIO_SOCK_KEEPALIVE</b>, <b>BIO_SOCK_NONBLOCK</b> and <b>BIO_SOCK_NODELAY</b>. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
<p>BIO_listen() has <b>sock</b> start listening on the address and service given by <b>addr</b>. Connection <b>options</b> may be zero or any combination of <b>BIO_SOCK_KEEPALIVE</b>, <b>BIO_SOCK_NONBLOCK</b>, <b>BIO_SOCK_NODELAY</b>, <b>BIO_SOCK_REUSEADDR</b> and <b>BIO_SOCK_V6_ONLY</b>. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
<p>BIO_accept_ex() waits for an incoming connections on the given socket <b>accept_sock</b>. When it gets a connection, the address and port of the peer gets stored in <b>peer</b> if that one is non-NULL. Accept <b>options</b> may be zero or <b>BIO_SOCK_NONBLOCK</b>, and is applied on the accepted socket. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
<p>BIO_closesocket() closes <b>sock</b>.</p>
<h1 id="FLAGS">FLAGS</h1>
<dl>
<dt id="BIO_SOCK_KEEPALIVE">BIO_SOCK_KEEPALIVE</dt>
<dd>
<p>Enables regular sending of keep-alive messages.</p>
</dd>
<dt id="BIO_SOCK_NONBLOCK">BIO_SOCK_NONBLOCK</dt>
<dd>
<p>Sets the socket to nonblocking mode.</p>
</dd>
<dt id="BIO_SOCK_NODELAY">BIO_SOCK_NODELAY</dt>
<dd>
<p>Corresponds to <b>TCP_NODELAY</b>, and disables the Nagle algorithm. With this set, any data will be sent as soon as possible instead of being buffered until there&#39;s enough for the socket to send out in one go.</p>
</dd>
<dt id="BIO_SOCK_REUSEADDR">BIO_SOCK_REUSEADDR</dt>
<dd>
<p>Try to reuse the address and port combination for a recently closed port.</p>
</dd>
<dt id="BIO_SOCK_V6_ONLY">BIO_SOCK_V6_ONLY</dt>
<dd>
<p>When creating an IPv6 socket, make it only listen for IPv6 addresses and not IPv4 addresses mapped to IPv6.</p>
</dd>
<dt id="BIO_SOCK_TFO">BIO_SOCK_TFO</dt>
<dd>
<p>Enables TCP Fast Open on the socket. Uses appropriate APIs on supported operating systems, including Linux, macOS and FreeBSD. Can be used with BIO_connect(), BIO_set_conn_mode(), BIO_set_bind_mode(), and BIO_listen(). On Linux kernels before 4.14, use BIO_set_conn_address() to specify the peer address before starting the TLS handshake.</p>
</dd>
</dl>
<p>These flags are bit flags, so they are to be combined with the <code>|</code> operator, for example:</p>
<pre><code>BIO_connect(sock, addr, BIO_SOCK_KEEPALIVE | BIO_SOCK_NONBLOCK);</code></pre>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_socket() returns the socket number on success or <b>INVALID_SOCKET</b> (-1) on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
<p>BIO_bind(), BIO_connect() and BIO_listen() return 1 on success or 0 on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
<p>BIO_accept_ex() returns the accepted socket on success or <b>INVALID_SOCKET</b> (-1) on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>BIO_gethostname(), BIO_get_port(), BIO_get_host_ip(), BIO_get_accept_socket() and BIO_accept() were deprecated in OpenSSL 1.1.0. Use the functions described above instead.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

151
openssl-3.4.2/doc/html/man3/BIO_ctrl.html
View File

@@ -1,151 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_ctrl</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb, BIO_get_ktls_send, BIO_get_ktls_recv, BIO_set_conn_mode, BIO_get_conn_mode, BIO_set_tfo - BIO control operations</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
typedef int BIO_info_cb(BIO *b, int state, int res);
long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
void *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
int BIO_reset(BIO *b);
int BIO_seek(BIO *b, int ofs);
int BIO_tell(BIO *b);
int BIO_flush(BIO *b);
int BIO_eof(BIO *b);
int BIO_set_close(BIO *b, long flag);
int BIO_get_close(BIO *b);
int BIO_pending(BIO *b);
int BIO_wpending(BIO *b);
size_t BIO_ctrl_pending(BIO *b);
size_t BIO_ctrl_wpending(BIO *b);
int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);
int BIO_get_ktls_send(BIO *b);
int BIO_get_ktls_recv(BIO *b);
int BIO_set_conn_mode(BIO *b, int mode);
int BIO_get_conn_mode(BIO *b);
int BIO_set_tfo(BIO *b, int onoff);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
<p>BIO_tell() returns the current file position of a file related BIO.</p>
<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
<p>BIO_get_close() returns the BIOs close flag.</p>
<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
<p>BIO_get_ktls_send() returns 1 if the BIO is using the Kernel TLS data-path for sending. Otherwise, it returns zero. BIO_get_ktls_recv() returns 1 if the BIO is using the Kernel TLS data-path for receiving. Otherwise, it returns zero.</p>
<p>BIO_get_conn_mode() returns the BIO connection mode. BIO_set_conn_mode() sets the BIO connection mode.</p>
<p>BIO_set_tfo() disables TCP Fast Open when <b>onoff</b> is 0, and enables TCP Fast Open when <b>onoff</b> is nonzero. Setting the value to 1 is equivalent to setting <b>BIO_SOCK_TFO</b> in BIO_set_conn_mode().</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_reset() normally returns 1 for success and &lt;=0 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
<p>BIO_flush() returns 1 for success and &lt;=0 for failure.</p>
<p>BIO_eof() returns 1 if EOF has been reached, 0 if not, or negative values for failure.</p>
<p>BIO_set_close() returns 1 on success or &lt;=0 for failure.</p>
<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE. It also returns other negative values if an error occurs.</p>
<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data. BIO_pending() and BIO_wpending() return negative value or 0 on error. BIO_ctrl_pending() and BIO_ctrl_wpending() return 0 on error.</p>
<p>BIO_get_ktls_send() returns 1 if the BIO is using the Kernel TLS data-path for sending. Otherwise, it returns zero. BIO_get_ktls_recv() returns 1 if the BIO is using the Kernel TLS data-path for receiving. Otherwise, it returns zero.</p>
<p>BIO_set_conn_mode() returns 1 for success and 0 for failure. BIO_get_conn_mode() returns the current connection mode. Which may contain the bitwise-or of the following flags:</p>
<pre><code>BIO_SOCK_REUSEADDR
BIO_SOCK_V6_ONLY
BIO_SOCK_KEEPALIVE
BIO_SOCK_NONBLOCK
BIO_SOCK_NODELAY
BIO_SOCK_TFO</code></pre>
<p>BIO_set_tfo() returns 1 for success, and 0 for failure.</p>
<h1 id="NOTES">NOTES</h1>
<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However, this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
<h1 id="BUGS">BUGS</h1>
<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
<p>In older versions of OpenSSL the BIO_ctrl_pending() and BIO_ctrl_wpending() could return values greater than INT_MAX on error.</p>
<h1 id="HISTORY">HISTORY</h1>
<p>The BIO_get_ktls_send() and BIO_get_ktls_recv() macros were added in OpenSSL 3.0. They were modified to never return -1 in OpenSSL 3.0.4.</p>
<p>The BIO_get_conn_mode(), BIO_set_conn_mode() and BIO_set_tfo() functions were added in OpenSSL 3.2.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

119
openssl-3.4.2/doc/html/man3/BIO_f_base64.html
View File

@@ -1,119 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_f_base64</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_f_base64 - base64 BIO filter</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
#include &lt;openssl/evp.h&gt;
const BIO_METHOD *BIO_f_base64(void);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_f_base64() returns the base64 BIO method. This is a filter BIO that base64 encodes any data written through it and decodes any data read through it.</p>
<p>Base64 BIOs do not support BIO_gets() or BIO_puts().</p>
<p>For writing, by default output is divided to lines of length 64 characters and there is a newline at the end of output. This behavior can be changed with <b>BIO_FLAGS_BASE64_NO_NL</b> flag.</p>
<p>For reading, the first line of base64 content should be at most 1024 bytes long including newline unless the flag <b>BIO_FLAGS_BASE64_NO_NL</b> is set. Subsequent input lines can be of any length (i.e., newlines may appear anywhere in the input) and a newline at the end of input is not needed.</p>
<p>Also when reading, unless the flag <b>BIO_FLAGS_BASE64_NO_NL</b> is set, initial lines that contain non-base64 content (whitespace is tolerated and ignored) are skipped, as are lines longer than 1024 bytes. Decoding starts with the first line that is shorter than 1024 bytes (including the newline) and consists of only (at least one) valid base64 characters plus optional whitespace. Decoding stops when base64 padding is encountered, a soft end-of-input character (<b>-</b>, see <a href="../man3/EVP_DecodeUpdate.html">EVP_DecodeUpdate(3)</a>) occurs as the first byte after a complete group of 4 valid base64 characters is decoded, or when an error occurs (e.g. due to input characters other than valid base64 or whitespace).</p>
<p>If decoding stops as a result of an error, the first <a href="../man3/BIO_read.html">BIO_read(3)</a> that returns no decoded data will typically return a negative result, rather than 0 (which indicates normal end of input). However, a negative return value can also occur if the underlying BIO supports retries, see <a href="../man3/BIO_should_read.html">BIO_should_read(3)</a> and <a href="../man3/BIO_set_mem_eof_return.html">BIO_set_mem_eof_return(3)</a>.</p>
<p>BIO_flush() on a base64 BIO that is being written through is used to signal that no more data is to be encoded: this is used to flush the final block through the BIO.</p>
<p>The flag <b>BIO_FLAGS_BASE64_NO_NL</b> can be set with BIO_set_flags(). For writing, it causes all data to be written on one line without newline at the end. For reading, it removes all expectations on newlines in the input data.</p>
<h1 id="NOTES">NOTES</h1>
<p>Because of the format of base64 encoding the end of the encoded block cannot always be reliably determined.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_f_base64() returns the base64 BIO method.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>Base64 encode the string &quot;Hello World\n&quot; and write the result to standard output:</p>
<pre><code>BIO *bio, *b64;
char message[] = &quot;Hello World \n&quot;;
b64 = BIO_new(BIO_f_base64());
bio = BIO_new_fp(stdout, BIO_NOCLOSE);
BIO_push(b64, bio);
BIO_write(b64, message, strlen(message));
BIO_flush(b64);
BIO_free_all(b64);</code></pre>
<p>Read base64 encoded data from standard input and write the decoded data to standard output:</p>
<pre><code>BIO *bio, *b64, *bio_out;
char inbuf[512];
int inlen;
b64 = BIO_new(BIO_f_base64());
bio = BIO_new_fp(stdin, BIO_NOCLOSE);
bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
BIO_push(b64, bio);
while ((inlen = BIO_read(b64, inbuf, 512)) &gt; 0)
BIO_write(bio_out, inbuf, inlen);
BIO_flush(bio_out);
BIO_free_all(b64);</code></pre>
<h1 id="BUGS">BUGS</h1>
<p>The hyphen character (<b>-</b>) is treated as an ad hoc soft end-of-input character when it occurs at the start of a base64 group of 4 encoded characters.</p>
<p>This heuristic works to detect the ends of base64 blocks in PEM or multi-part MIME, provided there are no stray hyphens in the middle input. But it is just a heuristic, and sufficiently unusual input could produce unexpected results.</p>
<p>There should perhaps be some way of specifying a test that the BIO can perform to reliably determine EOF (for example a MIME boundary).</p>
<p>It may be possible for <a href="../man3/BIO_read.html">BIO_read(3)</a> to return zero, rather than -1, even if an error has been detected, more tests are needed to cover all the potential error paths.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/BIO_read.html">BIO_read(3)</a>, <a href="../man3/BIO_should_read.html">BIO_should_read(3)</a>, <a href="../man3/BIO_set_mem_eof_return.html">BIO_set_mem_eof_return(3)</a>, <a href="../man3/EVP_DecodeUpdate.html">EVP_DecodeUpdate(3)</a>.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

89
openssl-3.4.2/doc/html/man3/BIO_f_buffer.html
View File

@@ -1,89 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_f_buffer</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_get_buffer_num_lines, BIO_set_read_buffer_size, BIO_set_write_buffer_size, BIO_set_buffer_size, BIO_set_buffer_read_data, BIO_f_buffer - buffering BIO</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
const BIO_METHOD *BIO_f_buffer(void);
long BIO_get_buffer_num_lines(BIO *b);
long BIO_set_read_buffer_size(BIO *b, long size);
long BIO_set_write_buffer_size(BIO *b, long size);
long BIO_set_buffer_size(BIO *b, long size);
long BIO_set_buffer_read_data(BIO *b, void *buf, long num);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_f_buffer() returns the buffering BIO method.</p>
<p>Data written to a buffering BIO is buffered and periodically written to the next BIO in the chain. Data read from a buffering BIO comes from an internal buffer which is filled from the next BIO in the chain. Both BIO_gets() and BIO_puts() are supported.</p>
<p>Calling BIO_reset() on a buffering BIO clears any buffered data.</p>
<p>BIO_get_buffer_num_lines() returns the number of lines currently buffered.</p>
<p>BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size() set the read, write or both read and write buffer sizes to <b>size</b>. The initial buffer size is DEFAULT_BUFFER_SIZE, currently 4096. Any attempt to reduce the buffer size below DEFAULT_BUFFER_SIZE is ignored. Any buffered data is cleared when the buffer is resized.</p>
<p>BIO_set_buffer_read_data() clears the read buffer and fills it with <b>num</b> bytes of <b>buf</b>. If <b>num</b> is larger than the current buffer size the buffer is expanded.</p>
<h1 id="NOTES">NOTES</h1>
<p>These functions, other than BIO_f_buffer(), are implemented as macros.</p>
<p>Buffering BIOs implement BIO_read_ex() and BIO_gets() by using BIO_read_ex() operations on the next BIO in the chain and storing the result in an internal buffer, from which bytes are given back to the caller as appropriate for the call; a BIO_gets() is guaranteed to give the caller a whole line, and BIO_read_ex() is guaranteed to give the caller the number of bytes it asks for, unless there&#39;s an error or end of communication is reached in the next BIO. By prepending a buffering BIO to a chain it is therefore possible to provide BIO_gets() or exact size BIO_read_ex() functionality if the following BIOs do not support it.</p>
<p>Do not add more than one BIO_f_buffer() to a BIO chain. The result of doing so will force a full read of the size of the internal buffer of the top BIO_f_buffer(), which is 4 KiB at a minimum.</p>
<p>Data is only written to the next BIO in the chain when the write buffer fills or when BIO_flush() is called. It is therefore important to call BIO_flush() whenever any pending data should be written such as when removing a buffering BIO using BIO_pop(). BIO_flush() may need to be retried if the ultimate source/sink BIO is non blocking.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_f_buffer() returns the buffering BIO method.</p>
<p>BIO_get_buffer_num_lines() returns the number of lines buffered (may be 0) or a negative value in case of errors.</p>
<p>BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size() return 1 if the buffer was successfully resized or &lt;=0 for failure.</p>
<p>BIO_set_buffer_read_data() returns 1 if the data was set correctly or &lt;=0 if there was an error.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_flush.html">BIO_flush(3)</a>, <a href="../man3/BIO_pop.html">BIO_pop(3)</a>, <a href="../man3/BIO_ctrl.html">BIO_ctrl(3)</a>.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

81
openssl-3.4.2/doc/html/man3/BIO_f_cipher.html
View File

@@ -1,81 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_f_cipher</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_f_cipher, BIO_set_cipher, BIO_get_cipher_status, BIO_get_cipher_ctx - cipher BIO filter</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
#include &lt;openssl/evp.h&gt;
const BIO_METHOD *BIO_f_cipher(void);
int BIO_set_cipher(BIO *b, const EVP_CIPHER *cipher,
const unsigned char *key, const unsigned char *iv, int enc);
int BIO_get_cipher_status(BIO *b);
int BIO_get_cipher_ctx(BIO *b, EVP_CIPHER_CTX **pctx);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_f_cipher() returns the cipher BIO method. This is a filter BIO that encrypts any data written through it, and decrypts any data read from it. It is a BIO wrapper for the cipher routines EVP_CipherInit(), EVP_CipherUpdate() and EVP_CipherFinal().</p>
<p>Cipher BIOs do not support BIO_gets() or BIO_puts().</p>
<p>BIO_flush() on an encryption BIO that is being written through is used to signal that no more data is to be encrypted: this is used to flush and possibly pad the final block through the BIO.</p>
<p>BIO_set_cipher() sets the cipher of BIO <b>b</b> to <b>cipher</b> using key <b>key</b> and IV <b>iv</b>. <b>enc</b> should be set to 1 for encryption and zero for decryption.</p>
<p>When reading from an encryption BIO the final block is automatically decrypted and checked when EOF is detected. BIO_get_cipher_status() is a BIO_ctrl() macro which can be called to determine whether the decryption operation was successful.</p>
<p>BIO_get_cipher_ctx() is a BIO_ctrl() macro which retrieves the internal BIO cipher context. The retrieved context can be used in conjunction with the standard cipher routines to set it up. This is useful when BIO_set_cipher() is not flexible enough for the applications needs.</p>
<h1 id="NOTES">NOTES</h1>
<p>When encrypting BIO_flush() <b>must</b> be called to flush the final block through the BIO. If it is not then the final block will fail a subsequent decrypt.</p>
<p>When decrypting an error on the final block is signaled by a zero return value from the read operation. A successful decrypt followed by EOF will also return zero for the final read. BIO_get_cipher_status() should be called to determine if the decrypt was successful.</p>
<p>As always, if BIO_gets() or BIO_puts() support is needed then it can be achieved by preceding the cipher BIO with a buffering BIO.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_f_cipher() returns the cipher BIO method.</p>
<p>BIO_set_cipher() returns 1 for success and 0 for failure.</p>
<p>BIO_get_cipher_status() returns 1 for a successful decrypt and &lt;=0 for failure.</p>
<p>BIO_get_cipher_ctx() returns 1 for success and &lt;=0 for failure.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

156
openssl-3.4.2/doc/html/man3/BIO_f_md.html
View File

@@ -1,156 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_f_md</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_f_md, BIO_set_md, BIO_get_md, BIO_get_md_ctx - message digest BIO filter</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
#include &lt;openssl/evp.h&gt;
const BIO_METHOD *BIO_f_md(void);
int BIO_set_md(BIO *b, EVP_MD *md);
int BIO_get_md(BIO *b, EVP_MD **mdp);
int BIO_get_md_ctx(BIO *b, EVP_MD_CTX **mdcp);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_f_md() returns the message digest BIO method. This is a filter BIO that digests any data passed through it. It is a BIO wrapper for the digest routines EVP_DigestInit(), EVP_DigestUpdate() and EVP_DigestFinal().</p>
<p>Any data written or read through a digest BIO using BIO_read_ex() and BIO_write_ex() is digested.</p>
<p>BIO_gets(), if its <b>size</b> parameter is large enough finishes the digest calculation and returns the digest value. BIO_puts() is not supported.</p>
<p>BIO_reset() reinitialises a digest BIO.</p>
<p>BIO_set_md() sets the message digest of BIO <b>b</b> to <b>md</b>: this must be called to initialize a digest BIO before any data is passed through it. It is a BIO_ctrl() macro.</p>
<p>BIO_get_md() places a pointer to the digest BIOs digest method in <b>mdp</b>. It is a BIO_ctrl() macro.</p>
<p>BIO_get_md_ctx() returns the digest BIOs context into <b>mdcp</b>.</p>
<h1 id="NOTES">NOTES</h1>
<p>The context returned by BIO_get_md_ctx() can be used in calls to EVP_DigestFinal() and also the signature routines EVP_SignFinal() and EVP_VerifyFinal().</p>
<p>The context returned by BIO_get_md_ctx() is an internal context structure. Changes made to this context will affect the digest BIO itself and the context pointer will become invalid when the digest BIO is freed.</p>
<p>After the digest has been retrieved from a digest BIO it must be reinitialized by calling BIO_reset(), or BIO_set_md() before any more data is passed through it.</p>
<p>If an application needs to call BIO_gets() or BIO_puts() through a chain containing digest BIOs then this can be done by prepending a buffering BIO.</p>
<p>Calling BIO_get_md_ctx() will return the context and initialize the BIO state. This allows applications to initialize the context externally if the standard calls such as BIO_set_md() are not sufficiently flexible.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_f_md() returns the digest BIO method.</p>
<p>BIO_set_md(), BIO_get_md() and BIO_md_ctx() return 1 for success and &lt;=0 for failure.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>The following example creates a BIO chain containing an SHA1 and MD5 digest BIO and passes the string &quot;Hello World&quot; through it. Error checking has been omitted for clarity.</p>
<pre><code>BIO *bio, *mdtmp;
char message[] = &quot;Hello World&quot;;
bio = BIO_new(BIO_s_null());
mdtmp = BIO_new(BIO_f_md());
BIO_set_md(mdtmp, EVP_sha1());
/*
* For BIO_push() we want to append the sink BIO and keep a note of
* the start of the chain.
*/
bio = BIO_push(mdtmp, bio);
mdtmp = BIO_new(BIO_f_md());
BIO_set_md(mdtmp, EVP_md5());
bio = BIO_push(mdtmp, bio);
/* Note: mdtmp can now be discarded */
BIO_write(bio, message, strlen(message));</code></pre>
<p>The next example digests data by reading through a chain instead:</p>
<pre><code>BIO *bio, *mdtmp;
char buf[1024];
int rdlen;
bio = BIO_new_file(file, &quot;rb&quot;);
mdtmp = BIO_new(BIO_f_md());
BIO_set_md(mdtmp, EVP_sha1());
bio = BIO_push(mdtmp, bio);
mdtmp = BIO_new(BIO_f_md());
BIO_set_md(mdtmp, EVP_md5());
bio = BIO_push(mdtmp, bio);
do {
rdlen = BIO_read(bio, buf, sizeof(buf));
/* Might want to do something with the data here */
} while (rdlen &gt; 0);</code></pre>
<p>This next example retrieves the message digests from a BIO chain and outputs them. This could be used with the examples above.</p>
<pre><code>BIO *mdtmp;
unsigned char mdbuf[EVP_MAX_MD_SIZE];
int mdlen;
int i;
mdtmp = bio; /* Assume bio has previously been set up */
do {
EVP_MD *md;
mdtmp = BIO_find_type(mdtmp, BIO_TYPE_MD);
if (!mdtmp)
break;
BIO_get_md(mdtmp, &amp;md);
printf(&quot;%s digest&quot;, OBJ_nid2sn(EVP_MD_get_type(md)));
mdlen = BIO_gets(mdtmp, mdbuf, EVP_MAX_MD_SIZE);
for (i = 0; i &lt; mdlen; i++) printf(&quot;:%02X&quot;, mdbuf[i]);
printf(&quot;\n&quot;);
mdtmp = BIO_next(mdtmp);
} while (mdtmp);
BIO_free_all(bio);</code></pre>
<h1 id="BUGS">BUGS</h1>
<p>The lack of support for BIO_puts() and the non standard behaviour of BIO_gets() could be regarded as anomalous. It could be argued that BIO_gets() and BIO_puts() should be passed to the next BIO in the chain and digest the data passed through and that digests should be retrieved using a separate BIO_ctrl() call.</p>
<h1 id="HISTORY">HISTORY</h1>
<p>Before OpenSSL 1.0.0., the call to BIO_get_md_ctx() would only work if the BIO was initialized first.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

58
openssl-3.4.2/doc/html/man3/BIO_f_null.html
View File

@@ -1,58 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_f_null</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_f_null - null filter</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
const BIO_METHOD *BIO_f_null(void);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_f_null() returns the null filter BIO method. This is a filter BIO that does nothing.</p>
<p>All requests to a null filter BIO are passed through to the next BIO in the chain: this means that a BIO chain containing a null filter BIO behaves just as though the BIO was not there.</p>
<h1 id="NOTES">NOTES</h1>
<p>As may be apparent a null filter BIO is not particularly useful.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_f_null() returns the null filter BIO method.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

80
openssl-3.4.2/doc/html/man3/BIO_f_prefix.html
View File

@@ -1,80 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_f_prefix</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_f_prefix, BIO_set_prefix, BIO_set_indent, BIO_get_indent - prefix BIO filter</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
const BIO_METHOD *BIO_f_prefix(void);
long BIO_set_prefix(BIO *b, const char *prefix);
long BIO_set_indent(BIO *b, long indent);
long BIO_get_indent(BIO *b);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_f_cipher() returns the prefix BIO method. This is a filter for text output, where each line gets automatically prefixed and indented according to user input.</p>
<p>The prefix and the indentation are combined. For each line of output going through this filter, the prefix is output first, then the amount of additional spaces indicated by the indentation, and then the line itself.</p>
<p>By default, there is no prefix, and indentation is set to 0.</p>
<p>BIO_set_prefix() sets the prefix to be used for future lines of text, using <i>prefix</i>. <i>prefix</i> may be NULL, signifying that there should be no prefix. If <i>prefix</i> isn&#39;t NULL, this function makes a copy of it.</p>
<p>BIO_set_indent() sets the indentation to be used for future lines of text, using <i>indent</i>. Negative values are not allowed.</p>
<p>BIO_get_indent() gets the current indentation.</p>
<h1 id="NOTES">NOTES</h1>
<p>BIO_set_prefix(), BIO_set_indent() and BIO_get_indent() are implemented as macros.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_f_prefix() returns the prefix BIO method.</p>
<p>BIO_set_prefix() returns 1 if the prefix was correctly set, or &lt;=0 on failure.</p>
<p>BIO_set_indent() returns 1 if the prefix was correctly set, or &lt;=0 on failure.</p>
<p>BIO_get_indent() returns the current indentation, or a negative value for failure.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man7/bio.html">bio(7)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

69
openssl-3.4.2/doc/html/man3/BIO_f_readbuffer.html
View File

@@ -1,69 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_f_readbuffer</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_f_readbuffer - read only buffering BIO that supports BIO_tell() and BIO_seek()</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
const BIO_METHOD *BIO_f_readbuffer(void);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_f_readbuffer() returns the read buffering BIO method.</p>
<p>This BIO filter can be inserted on top of BIO&#39;s that do not support BIO_tell() or BIO_seek() (e.g. A file BIO that uses stdin).</p>
<p>Data read from a read buffering BIO comes from an internal buffer which is filled from the next BIO in the chain.</p>
<p>BIO_gets() is supported for read buffering BIOs. Writing data to a read buffering BIO is not supported.</p>
<p>Calling BIO_reset() on a read buffering BIO does not clear any buffered data.</p>
<h1 id="NOTES">NOTES</h1>
<p>Read buffering BIOs implement BIO_read_ex() by using BIO_read_ex() operations on the next BIO (e.g. a file BIO) in the chain and storing the result in an internal buffer, from which bytes are given back to the caller as appropriate for the call. BIO_read_ex() is guaranteed to give the caller the number of bytes it asks for, unless there&#39;s an error or end of communication is reached in the next BIO. The internal buffer can grow to cache the entire contents of the next BIO in the chain. BIO_seek() uses the internal buffer, so that it can only seek into data that is already read.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_f_readbuffer() returns the read buffering BIO method.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_read.html">BIO_read(3)</a>, <a href="../man3/BIO_gets.html">BIO_gets(3)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_ctrl.html">BIO_ctrl(3)</a>.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

258
openssl-3.4.2/doc/html/man3/BIO_f_ssl.html
View File

@@ -1,258 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_f_ssl</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_do_handshake, BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes, BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl, BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id, BIO_ssl_shutdown - SSL BIO</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
#include &lt;openssl/ssl.h&gt;
const BIO_METHOD *BIO_f_ssl(void);
long BIO_set_ssl(BIO *b, SSL *ssl, long c);
long BIO_get_ssl(BIO *b, SSL **sslp);
long BIO_set_ssl_mode(BIO *b, long client);
long BIO_set_ssl_renegotiate_bytes(BIO *b, long num);
long BIO_set_ssl_renegotiate_timeout(BIO *b, long seconds);
long BIO_get_num_renegotiates(BIO *b);
BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
int BIO_ssl_copy_session_id(BIO *to, BIO *from);
void BIO_ssl_shutdown(BIO *bio);
long BIO_do_handshake(BIO *b);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which is a wrapper round the OpenSSL SSL routines adding a BIO &quot;flavour&quot; to SSL I/O.</p>
<p>I/O performed on an SSL BIO communicates using the SSL protocol with the SSLs read and write BIOs. If an SSL connection is not established then an attempt is made to establish one on the first I/O call.</p>
<p>If a BIO is appended to an SSL BIO using BIO_push() it is automatically used as the SSL BIOs read and write BIOs.</p>
<p>Calling BIO_reset() on an SSL BIO closes down any current SSL connection by calling SSL_shutdown(). BIO_reset() is then sent to the next BIO in the chain: this will typically disconnect the underlying transport. The SSL BIO is then reset to the initial accept or connect state.</p>
<p>If the close flag is set when an SSL BIO is freed then the internal SSL structure is also freed using SSL_free().</p>
<p>BIO_set_ssl() sets the internal SSL pointer of SSL BIO <b>b</b> to <b>ssl</b> using the close flag <b>c</b>.</p>
<p>BIO_get_ssl() retrieves the SSL pointer of SSL BIO <b>b</b>, it can then be manipulated using the standard SSL library functions.</p>
<p>BIO_set_ssl_mode() sets the SSL BIO mode to <b>client</b>. If <b>client</b> is 1 client mode is set. If <b>client</b> is 0 server mode is set.</p>
<p>BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count of SSL BIO <b>b</b> to <b>num</b>. When set after every <b>num</b> bytes of I/O (read and write) the SSL session is automatically renegotiated. <b>num</b> must be at least 512 bytes.</p>
<p>BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout of SSL BIO <b>b</b> to <b>seconds</b>. When the renegotiate timeout elapses the session is automatically renegotiated.</p>
<p>BIO_get_num_renegotiates() returns the total number of session renegotiations due to I/O or timeout of SSL BIO <b>b</b>.</p>
<p>BIO_new_ssl() allocates an SSL BIO using SSL_CTX <b>ctx</b> and using client mode if <b>client</b> is non zero.</p>
<p>BIO_new_ssl_connect() creates a new BIO chain consisting of an SSL BIO (using <b>ctx</b>) followed by a connect BIO.</p>
<p>BIO_new_buffer_ssl_connect() creates a new BIO chain consisting of a buffering BIO, an SSL BIO (using <b>ctx</b>), and a connect BIO.</p>
<p>BIO_ssl_copy_session_id() copies an SSL session id between BIO chains <b>from</b> and <b>to</b>. It does this by locating the SSL BIOs in each chain and calling SSL_copy_session_id() on the internal SSL pointer.</p>
<p>BIO_ssl_shutdown() closes down an SSL connection on BIO chain <b>bio</b>. It does this by locating the SSL BIO in the chain and calling SSL_shutdown() on its internal SSL pointer.</p>
<p>BIO_do_handshake() attempts to complete an SSL handshake on the supplied BIO and establish the SSL connection. For non-SSL BIOs the connection is done typically at TCP level. If domain name resolution yields multiple IP addresses all of them are tried after connect() failures. The function returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established. The call BIO_should_retry() should be used for nonblocking connect BIOs to determine if the call should be retried. If a connection has already been established this call has no effect.</p>
<h1 id="NOTES">NOTES</h1>
<p>SSL BIOs are exceptional in that if the underlying transport is non blocking they can still request a retry in exceptional circumstances. Specifically this will happen if a session renegotiation takes place during a BIO_read_ex() operation, one case where this happens is when step up occurs.</p>
<p>The SSL flag SSL_AUTO_RETRY can be set to disable this behaviour. That is when this flag is set an SSL BIO using a blocking transport will never request a retry.</p>
<p>Since unknown BIO_ctrl() operations are sent through filter BIOs the servers name and port can be set using BIO_set_host() on the BIO returned by BIO_new_ssl_connect() without having to locate the connect BIO first.</p>
<p>Applications do not have to call BIO_do_handshake() but may wish to do so to separate the handshake process from other I/O processing.</p>
<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout(), BIO_get_num_renegotiates(), and BIO_do_handshake() are implemented as macros.</p>
<p>BIO_ssl_copy_session_id() is not currently supported on QUIC SSL objects and fails if called on such an object.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_f_ssl() returns the SSL <b>BIO_METHOD</b> structure.</p>
<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout() and BIO_get_num_renegotiates() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
<p>BIO_new_ssl(), BIO_new_ssl_connect() and BIO_new_buffer_ssl_connect() return a valid <b>BIO</b> structure on success or <b>NULL</b> if an error occurred.</p>
<p>BIO_ssl_copy_session_id() returns 1 on success or 0 on error, or if called on a QUIC SSL object.</p>
<p>BIO_do_handshake() returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>This SSL/TLS client example attempts to retrieve a page from an SSL/TLS web server. The I/O routines are identical to those of the unencrypted example in <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a>.</p>
<pre><code>BIO *sbio, *out;
int len;
char tmpbuf[1024];
SSL_CTX *ctx;
SSL *ssl;
/* XXX Seed the PRNG if needed. */
ctx = SSL_CTX_new(TLS_client_method());
/* XXX Set verify paths and mode here. */
sbio = BIO_new_ssl_connect(ctx);
BIO_get_ssl(sbio, &amp;ssl);
if (ssl == NULL) {
fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
ERR_print_errors_fp(stderr);
exit(1);
}
/* XXX We might want to do other things with ssl here */
/* An empty host part means the loopback address */
BIO_set_conn_hostname(sbio, &quot;:https&quot;);
out = BIO_new_fp(stdout, BIO_NOCLOSE);
if (BIO_do_connect(sbio) &lt;= 0) {
fprintf(stderr, &quot;Error connecting to server\n&quot;);
ERR_print_errors_fp(stderr);
exit(1);
}
/* XXX Could examine ssl here to get connection info */
BIO_puts(sbio, &quot;GET / HTTP/1.0\n\n&quot;);
for (;;) {
len = BIO_read(sbio, tmpbuf, 1024);
if (len &lt;= 0)
break;
BIO_write(out, tmpbuf, len);
}
BIO_free_all(sbio);
BIO_free(out);</code></pre>
<p>Here is a simple server example. It makes use of a buffering BIO to allow lines to be read from the SSL BIO using BIO_gets. It creates a pseudo web page containing the actual request from a client and also echoes the request to standard output.</p>
<pre><code>BIO *sbio, *bbio, *acpt, *out;
int len;
char tmpbuf[1024];
SSL_CTX *ctx;
SSL *ssl;
/* XXX Seed the PRNG if needed. */
ctx = SSL_CTX_new(TLS_server_method());
if (!SSL_CTX_use_certificate_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
|| !SSL_CTX_use_PrivateKey_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
|| !SSL_CTX_check_private_key(ctx)) {
fprintf(stderr, &quot;Error setting up SSL_CTX\n&quot;);
ERR_print_errors_fp(stderr);
exit(1);
}
/* XXX Other things like set verify locations, EDH temp callbacks. */
/* New SSL BIO setup as server */
sbio = BIO_new_ssl(ctx, 0);
BIO_get_ssl(sbio, &amp;ssl);
if (ssl == NULL) {
fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
ERR_print_errors_fp(stderr);
exit(1);
}
bbio = BIO_new(BIO_f_buffer());
sbio = BIO_push(bbio, sbio);
acpt = BIO_new_accept(&quot;4433&quot;);
/*
* By doing this when a new connection is established
* we automatically have sbio inserted into it. The
* BIO chain is now &#39;swallowed&#39; by the accept BIO and
* will be freed when the accept BIO is freed.
*/
BIO_set_accept_bios(acpt, sbio);
out = BIO_new_fp(stdout, BIO_NOCLOSE);
/* First call to BIO_do_accept() sets up accept BIO */
if (BIO_do_accept(acpt) &lt;= 0) {
fprintf(stderr, &quot;Error setting up accept BIO\n&quot;);
ERR_print_errors_fp(stderr);
exit(1);
}</code></pre>
<p>/* Second call to BIO_do_accept() waits for incoming connection */ if (BIO_do_accept(acpt) &lt;= 0) { fprintf(stderr, &quot;Error accepting connection\n&quot;); ERR_print_errors_fp(stderr); exit(1); }</p>
<pre><code>/* We only want one connection so remove and free accept BIO */
sbio = BIO_pop(acpt);
BIO_free_all(acpt);
if (BIO_do_handshake(sbio) &lt;= 0) {
fprintf(stderr, &quot;Error in SSL handshake\n&quot;);
ERR_print_errors_fp(stderr);
exit(1);
}
BIO_puts(sbio, &quot;HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n&quot;);
BIO_puts(sbio, &quot;\r\nConnection Established\r\nRequest headers:\r\n&quot;);
BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
for (;;) {
len = BIO_gets(sbio, tmpbuf, 1024);
if (len &lt;= 0)
break;
BIO_write(sbio, tmpbuf, len);
BIO_write(out, tmpbuf, len);
/* Look for blank line signifying end of headers*/
if (tmpbuf[0] == &#39;\r&#39; || tmpbuf[0] == &#39;\n&#39;)
break;
}
BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
BIO_puts(sbio, &quot;\r\n&quot;);
BIO_flush(sbio);
BIO_free_all(sbio);</code></pre>
<h1 id="HISTORY">HISTORY</h1>
<p>In OpenSSL before 1.0.0 the BIO_pop() call was handled incorrectly, the I/O BIO reference count was incorrectly incremented (instead of decremented) and dissociated with the SSL BIO even if the SSL BIO was not explicitly being popped (e.g. a pop higher up the chain). Applications which included workarounds for this bug (e.g. freeing BIOs more than once) should be modified to handle this fix or they may free up an already freed BIO.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

83
openssl-3.4.2/doc/html/man3/BIO_find_type.html
View File

@@ -1,83 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_find_type</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_find_type, BIO_next, BIO_method_type - BIO chain traversal</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
BIO *BIO_find_type(BIO *b, int bio_type);
BIO *BIO_next(BIO *b);
int BIO_method_type(const BIO *b);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The BIO_find_type() searches for a <b>BIO</b> of a given type in a chain, starting at <b>BIO</b> <i>b</i>. If <i>type</i> is a specific type (such as <b>BIO_TYPE_MEM</b>) then a search is made for a <b>BIO</b> of that type. If <i>type</i> is a general type (such as <b>BIO_TYPE_SOURCE_SINK</b>) then the next matching <b>BIO</b> of the given general type is searched for. BIO_find_type() returns the next matching <b>BIO</b> or NULL if none is found. If <i>type</i> is <b>BIO_TYPE_NONE</b> it will not find a match.</p>
<p>The following general types are defined: <b>BIO_TYPE_DESCRIPTOR</b>, <b>BIO_TYPE_FILTER</b>, and <b>BIO_TYPE_SOURCE_SINK</b>.</p>
<p>For a list of the specific types, see the <i>&lt;openssl/bio.h&gt;</i> header file.</p>
<p>BIO_next() returns the next BIO in a chain. It can be used to traverse all BIOs in a chain or used in conjunction with BIO_find_type() to find all BIOs of a certain type.</p>
<p>BIO_method_type() returns the type of a BIO.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_find_type() returns a matching BIO or NULL for no match.</p>
<p>BIO_next() returns the next BIO in a chain.</p>
<p>BIO_method_type() returns the type of the BIO <i>b</i>.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>Traverse a chain looking for digest BIOs:</p>
<pre><code>BIO *btmp;
btmp = in_bio; /* in_bio is chain to search through */
do {
btmp = BIO_find_type(btmp, BIO_TYPE_MD);
if (btmp == NULL)
break; /* Not found */
/* btmp is a digest BIO, do something with it ...*/
...
btmp = BIO_next(btmp);
} while (btmp);</code></pre>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

76
openssl-3.4.2/doc/html/man3/BIO_get_data.html
View File

@@ -1,76 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_get_data</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_set_data, BIO_get_data, BIO_set_init, BIO_get_init, BIO_set_shutdown, BIO_get_shutdown - functions for managing BIO state information</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
void BIO_set_data(BIO *a, void *ptr);
void *BIO_get_data(BIO *a);
void BIO_set_init(BIO *a, int init);
int BIO_get_init(BIO *a);
void BIO_set_shutdown(BIO *a, int shut);
int BIO_get_shutdown(BIO *a);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>These functions are mainly useful when implementing a custom BIO.</p>
<p>The BIO_set_data() function associates the custom data pointed to by <b>ptr</b> with the BIO. This data can subsequently be retrieved via a call to BIO_get_data(). This can be used by custom BIOs for storing implementation specific information.</p>
<p>The BIO_set_init() function sets the value of the BIO&#39;s &quot;init&quot; flag to indicate whether initialisation has been completed for this BIO or not. A nonzero value indicates that initialisation is complete, whilst zero indicates that it is not. Often initialisation will complete during initial construction of the BIO. For some BIOs however, initialisation may not complete until after additional steps have occurred (for example through calling custom ctrls). The BIO_get_init() function returns the value of the &quot;init&quot; flag.</p>
<p>The BIO_set_shutdown() and BIO_get_shutdown() functions set and get the state of this BIO&#39;s shutdown (i.e. BIO_CLOSE) flag. If set then the underlying resource is also closed when the BIO is freed.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_get_data() returns a pointer to the implementation specific custom data associated with this BIO, or NULL if none has been set.</p>
<p>BIO_get_init() returns the state of the BIO&#39;s init flag.</p>
<p>BIO_get_shutdown() returns the stat of the BIO&#39;s shutdown (i.e. BIO_CLOSE) flag.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_meth_new.html">BIO_meth_new(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The functions described here were added in OpenSSL 1.1.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

114
openssl-3.4.2/doc/html/man3/BIO_get_ex_new_index.html
View File

@@ -1,114 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_get_ex_new_index</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, BIO_set_app_data, BIO_get_app_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, EVP_PKEY_get_ex_new_index, EVP_PKEY_set_ex_data, EVP_PKEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data, RSA_set_app_data, RSA_get_app_data, SSL_get_ex_new_index, SSL_set_ex_data, SSL_get_ex_data, SSL_set_app_data, SSL_get_app_data, SSL_CTX_get_ex_new_index, SSL_CTX_set_ex_data, SSL_CTX_get_ex_data, SSL_CTX_set_app_data, SSL_CTX_get_app_data, SSL_SESSION_get_ex_new_index, SSL_SESSION_set_ex_data, SSL_SESSION_get_ex_data, SSL_SESSION_set_app_data, SSL_SESSION_get_app_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, UI_set_app_data, UI_get_app_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, X509_STORE_CTX_set_app_data, X509_STORE_CTX_get_app_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data - application-specific data</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/x509.h&gt;
int TYPE_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
void *TYPE_get_ex_data(const TYPE *d, int idx);
#define TYPE_set_app_data(TYPE *d, void *arg)
#define TYPE_get_app_data(TYPE *d)</code></pre>
<p>The following functions have been deprecated since OpenSSL 3.0, and can be hidden entirely by defining <b>OPENSSL_API_COMPAT</b> with a suitable version value, see <a href="../man7/openssl_user_macros.html">openssl_user_macros(7)</a>:</p>
<pre><code>int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int DH_set_ex_data(DH *type, int idx, void *arg);
void *DH_get_ex_data(DH *type, int idx);
int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int DSA_set_ex_data(DSA *type, int idx, void *arg);
void *DSA_get_ex_data(DSA *type, int idx);
int EC_KEY_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int EC_KEY_set_ex_data(EC_KEY *type, int idx, void *arg);
void *EC_KEY_get_ex_data(EC_KEY *type, int idx);
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int RSA_set_ex_data(RSA *type, int idx, void *arg);
void *RSA_get_ex_data(RSA *type, int idx);
int RSA_set_app_data(RSA *type, void *arg);
void *RSA_get_app_data(RSA *type);
int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int ENGINE_set_ex_data(ENGINE *type, int idx, void *arg);
void *ENGINE_get_ex_data(ENGINE *type, int idx);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
<p>All functions with a <i>TYPE</i> of <b>DH</b>, <b>DSA</b>, <b>RSA</b> and <b>EC_KEY</b> are deprecated. Applications should instead use EVP_PKEY_set_ex_data(), EVP_PKEY_get_ex_data() and EVP_PKEY_get_ex_new_index().</p>
<p>All functions with a <i>TYPE</i> of <b>ENGINE</b> are deprecated. Applications using engines should be replaced by providers.</p>
<p>These functions handle application-specific data for OpenSSL data structures.</p>
<p>TYPE_get_ex_new_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
<p>For compatibility with previous releases, the exdata index of zero is reserved for &quot;application data.&quot; There are two convenience functions for this. TYPE_set_app_data() is a macro that invokes TYPE_set_ex_data() with <b>idx</b> set to zero. TYPE_get_app_data() is a macro that invokes TYPE_get_ex_data() with <b>idx</b> set to zero.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>TYPE_get_ex_new_index() returns a new index on success or -1 on error.</p>
<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
<h1 id="HISTORY">HISTORY</h1>
<p>The functions DH_get_ex_new_index(), DH_set_ex_data(), DH_get_ex_data(), DSA_get_ex_new_index(), DSA_set_ex_data(), DSA_get_ex_data(), EC_KEY_get_ex_new_index(), EC_KEY_set_ex_data(), EC_KEY_get_ex_data(), ENGINE_get_ex_new_index(), ENGINE_set_ex_data(), ENGINE_get_ex_data(), RSA_get_ex_new_index(), RSA_set_ex_data(), RSA_get_ex_data(), RSA_set_app_data() and RSA_get_app_data() were deprecated in OpenSSL 3.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

111
openssl-3.4.2/doc/html/man3/BIO_get_rpoll_descriptor.html
View File

@@ -1,111 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_get_rpoll_descriptor</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_get_rpoll_descriptor, BIO_get_wpoll_descriptor - obtain a structure which can be used to determine when a BIO object can next be read or written</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
typedef struct bio_poll_descriptor_st {
uint32_t type;
union {
int fd;
void *custom;
uintptr_t custom_ui;
} value;
} BIO_POLL_DESCRIPTOR;
int BIO_get_rpoll_descriptor(BIO *b, BIO_POLL_DESCRIPTOR *desc);
int BIO_get_wpoll_descriptor(BIO *b, BIO_POLL_DESCRIPTOR *desc);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_get_rpoll_descriptor() and BIO_get_wpoll_descriptor(), on success, fill <i>*desc</i> with a poll descriptor. A poll descriptor is a tagged union structure which represents some kind of OS or non-OS resource which can be used to synchronise on I/O availability events.</p>
<p>BIO_get_rpoll_descriptor() outputs a descriptor which can be used to determine when the BIO can (potentially) next be read, and BIO_get_wpoll_descriptor() outputs a descriptor which can be used to determine when the BIO can (potentially) next be written.</p>
<p>It is permissible for BIO_get_rpoll_descriptor() and BIO_get_wpoll_descriptor() to output the same descriptor.</p>
<p>Poll descriptors can represent different kinds of information. A typical kind of resource which might be represented by a poll descriptor is an OS file descriptor which can be used with APIs such as select().</p>
<p>The kinds of poll descriptor defined by OpenSSL are:</p>
<dl>
<dt id="BIO_POLL_DESCRIPTOR_TYPE_NONE">BIO_POLL_DESCRIPTOR_TYPE_NONE</dt>
<dd>
<p>Represents the absence of a valid poll descriptor. It may be used by BIO_get_rpoll_descriptor() or BIO_get_wpoll_descriptor() to indicate that the BIO is not pollable for readability or writeability respectively.</p>
<p>For this type, no field within the <i>value</i> field of the <b>BIO_POLL_DESCRIPTOR</b> is valid.</p>
</dd>
<dt id="BIO_POLL_DESCRIPTOR_TYPE_SOCK_FD">BIO_POLL_DESCRIPTOR_TYPE_SOCK_FD</dt>
<dd>
<p>The poll descriptor represents an OS socket resource. The field <i>value.fd</i> in the <b>BIO_POLL_DESCRIPTOR</b> is valid if it is not set to -1.</p>
<p>The resource is whatever kind of handle is used by a given OS to represent sockets, which may vary by OS. For example, on Windows, the value is a <b>SOCKET</b> for use with the Winsock API. On POSIX-like platforms, it is a file descriptor.</p>
<p>Where a poll descriptor of this type is output by BIO_get_rpoll_descriptor(), it should be polled for readability to determine when the BIO might next be able to successfully complete a BIO_read() operation; likewise, where a poll descriptor of this type is output by BIO_get_wpoll_descriptor(), it should be polled for writeability to determine when the BIO might next be able to successfully complete a BIO_write() operation.</p>
</dd>
<dt id="BIO_POLL_DESCRIPTOR_CUSTOM_START">BIO_POLL_DESCRIPTOR_CUSTOM_START</dt>
<dd>
<p>Type values beginning with this value (inclusive) are reserved for application allocation for custom poll descriptor types. Any of the definitions in the union field <i>value</i> can be used by the application arbitrarily as opaque values.</p>
</dd>
</dl>
<p>Because poll descriptors are a tagged union structure, they can represent different kinds of information. New types of poll descriptor may be defined, including by applications, according to their needs.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>The functions BIO_get_rpoll_descriptor() and BIO_get_wpoll_descriptor() return 1 on success and 0 on failure.</p>
<p>These functions are permitted to succeed and initialise <i>*desc</i> with a poll descriptor of type <b>BIO_POLL_DESCRIPTOR_TYPE_NONE</b> to indicate that the BIO is not pollable for readability or writeability respectively.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/SSL_handle_events.html">SSL_handle_events(3)</a>, <a href="../man3/SSL_get_event_timeout.html">SSL_get_event_timeout(3)</a>, <a href="../man3/SSL_get_rpoll_descriptor.html">SSL_get_rpoll_descriptor(3)</a>, <a href="../man3/SSL_get_wpoll_descriptor.html">SSL_get_wpoll_descriptor(3)</a>, <a href="../man7/bio.html">bio(7)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The SSL_get_rpoll_descriptor() and SSL_get_wpoll_descriptor() functions were added in OpenSSL 3.2.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

150
openssl-3.4.2/doc/html/man3/BIO_meth_new.html
View File

@@ -1,150 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_meth_new</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl, BIO_meth_set_sendmmsg, BIO_meth_get_sendmmsg, BIO_meth_set_recvmmsg, BIO_meth_get_recvmmsg - Routines to build up BIO methods</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
int BIO_get_new_index(void);
BIO_METHOD *BIO_meth_new(int type, const char *name);
void BIO_meth_free(BIO_METHOD *biom);
int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
size_t *);
int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
int BIO_meth_set_write_ex(BIO_METHOD *biom,
int (*bwrite)(BIO *, const char *, size_t, size_t *));
int BIO_meth_set_write(BIO_METHOD *biom,
int (*write)(BIO *, const char *, int));
int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
int BIO_meth_set_read_ex(BIO_METHOD *biom,
int (*bread)(BIO *, char *, size_t, size_t *));
int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
int BIO_meth_set_gets(BIO_METHOD *biom,
int (*gets)(BIO *, char *, int));
long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
int BIO_meth_set_ctrl(BIO_METHOD *biom,
long (*ctrl)(BIO *, int, long, void *));
int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
long (*callback_ctrl)(BIO *, int, BIO_info_cb *));
ossl_ssize_t (*BIO_meth_get_sendmmsg(const BIO_METHOD *biom))(BIO *,
BIO_MSG *,
size_t,
size_t,
uint64_t);
int BIO_meth_set_sendmmsg(BIO_METHOD *biom,
ossl_ssize_t (*f) (BIO *, BIO_MSG *, size_t,
size_t, uint64_t));
ossl_ssize_t (*BIO_meth_get_recvmmsg(const BIO_METHOD *biom))(BIO *,
BIO_MSG *,
size_t,
size_t,
uint64_t);
int BIO_meth_set_recvmmsg(BIO_METHOD *biom,
ossl_ssize_t (*f) (BIO *, BIO_MSG *, size_t,
size_t, uint64_t));</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="../man7/bio.html">bio(7)</a> page for more information.</p>
<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure that contains a type identifier <i>type</i> and a string that represents its <b>name</b>. <b>type</b> can be set to either <b>BIO_TYPE_NONE</b> or via BIO_get_new_index() if a unique type is required for searching (See <a href="../man3/BIO_find_type.html">BIO_find_type(3)</a>)</p>
<p>Note that BIO_get_new_index() can only be used 127 times before it returns an error.</p>
<p>The set of standard OpenSSL provided BIO types is provided in <i>&lt;openssl/bio.h&gt;</i>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="../man3/BIO_find_type.html">BIO_find_type(3)</a> page for more information.</p>
<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it. If the argument is NULL, nothing is done.</p>
<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="../man3/BIO_ctrl.html">BIO_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function. If a create function is set, BIO_new() will not mark the BIO as initialised on allocation. <a href="../man3/BIO_set_init.html">BIO_set_init(3)</a> must then be called either by the create function, or later, by a BIO ctrl function, once BIO initialisation is complete.</p>
<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
<p>BIO_meth_get_sendmmsg(), BIO_meth_set_sendmmsg(), BIO_meth_get_recvmmsg() and BIO_meth_set_recvmmsg() get and set the functions used for handling BIO_sendmmsg() and BIO_recvmmsg() calls respectively. See <a href="../man3/BIO_sendmmsg.html">BIO_sendmmsg(3)</a> for more information.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_find_type.html">BIO_find_type(3)</a>, <a href="../man3/BIO_ctrl.html">BIO_ctrl(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a>, <a href="../man3/BIO_new.html">BIO_new(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The functions described here were added in OpenSSL 1.1.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

89
openssl-3.4.2/doc/html/man3/BIO_new.html
View File

@@ -1,89 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_new</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_new_ex, BIO_new, BIO_up_ref, BIO_free, BIO_vfree, BIO_free_all - BIO allocation and freeing functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
BIO *BIO_new_ex(OSSL_LIB_CTX *libctx, const BIO_METHOD *type);
BIO *BIO_new(const BIO_METHOD *type);
int BIO_up_ref(BIO *a);
int BIO_free(BIO *a);
void BIO_vfree(BIO *a);
void BIO_free_all(BIO *a);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The BIO_new_ex() function returns a new BIO using method <b>type</b> associated with the library context <i>libctx</i> (see OSSL_LIB_CTX(3)). The library context may be NULL to indicate the default library context.</p>
<p>The BIO_new() is the same as BIO_new_ex() except the default library context is always used.</p>
<p>BIO_up_ref() increments the reference count associated with the BIO object.</p>
<p>BIO_free() frees up a single BIO, BIO_vfree() also frees up a single BIO but it does not return a value. If <b>a</b> is NULL nothing is done. Calling BIO_free() may also have some effect on the underlying I/O structure, for example it may close the file being referred to under certain circumstances. For more details see the individual BIO_METHOD descriptions.</p>
<p>BIO_free_all() frees up an entire BIO chain, it does not halt if an error occurs freeing up an individual BIO in the chain. If <b>a</b> is NULL nothing is done.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_new_ex() and BIO_new() return a newly created BIO or NULL if the call fails.</p>
<p>BIO_up_ref() and BIO_free() return 1 for success and 0 for failure.</p>
<p>BIO_free_all() and BIO_vfree() do not return values.</p>
<h1 id="NOTES">NOTES</h1>
<p>If BIO_free() is called on a BIO chain it will only free one BIO resulting in a memory leak.</p>
<p>Calling BIO_free_all() on a single BIO has the same effect as calling BIO_free() on it other than the discarded return value.</p>
<h1 id="HISTORY">HISTORY</h1>
<p>BIO_set() was removed in OpenSSL 1.1.0 as BIO type is now opaque.</p>
<p>BIO_new_ex() was added in OpenSSL 3.0.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>Create a memory BIO:</p>
<pre><code>BIO *mem = BIO_new(BIO_s_mem());</code></pre>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

81
openssl-3.4.2/doc/html/man3/BIO_new_CMS.html
View File

@@ -1,81 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_new_CMS</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_new_CMS - CMS streaming filter BIO</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_new_CMS() returns a streaming filter BIO chain based on <b>cms</b>. The output of the filter is written to <b>out</b>. Any data written to the chain is automatically translated to a BER format CMS structure of the appropriate type.</p>
<h1 id="NOTES">NOTES</h1>
<p>The chain returned by this function behaves like a standard filter BIO. It supports non blocking I/O. Content is processed and streamed on the fly and not all held in memory at once: so it is possible to encode very large structures. After all content has been written through the chain BIO_flush() must be called to finalise the structure.</p>
<p>The <b>CMS_STREAM</b> flag must be included in the corresponding <b>flags</b> parameter of the <b>cms</b> creation function.</p>
<p>If an application wishes to write additional data to <b>out</b> BIOs should be removed from the chain using BIO_pop() and freed with BIO_free() until <b>out</b> is reached. If no additional data needs to be written BIO_free_all() can be called to free up the whole chain.</p>
<p>Any content written through the filter is used verbatim: no canonical translation is performed.</p>
<p>It is possible to chain multiple BIOs to, for example, create a triple wrapped signed, enveloped, signed structure. In this case it is the applications responsibility to set the inner content type of any outer CMS_ContentInfo structures.</p>
<p>Large numbers of small writes through the chain should be avoided as this will produce an output consisting of lots of OCTET STRING structures. Prepending a BIO_f_buffer() buffering BIO will prevent this.</p>
<h1 id="BUGS">BUGS</h1>
<p>There is currently no corresponding inverse BIO: i.e. one which can decode a CMS structure on the fly.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_new_CMS() returns a BIO chain when successful or NULL if an error occurred. The error can be obtained from ERR_get_error(3).</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The BIO_new_CMS() function was added in OpenSSL 1.0.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

91
openssl-3.4.2/doc/html/man3/BIO_parse_hostserv.html
View File

@@ -1,91 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_parse_hostserv</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_hostserv_priorities, BIO_parse_hostserv - utility routines to parse a standard host and service string</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
enum BIO_hostserv_priorities {
BIO_PARSE_PRIO_HOST, BIO_PARSE_PRIO_SERV
};
int BIO_parse_hostserv(const char *hostserv, char **host, char **service,
enum BIO_hostserv_priorities hostserv_prio);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_parse_hostserv() will parse the information given in <b>hostserv</b>, create strings with the hostname and service name and give those back via <b>host</b> and <b>service</b>. Those will need to be freed after they are used. <b>hostserv_prio</b> helps determine if <b>hostserv</b> shall be interpreted primarily as a hostname or a service name in ambiguous cases.</p>
<p>The syntax the BIO_parse_hostserv() recognises is:</p>
<pre><code>host + &#39;:&#39; + service
host + &#39;:&#39; + &#39;*&#39;
host + &#39;:&#39;
&#39;:&#39; + service
&#39;*&#39; + &#39;:&#39; + service
host
service</code></pre>
<p>The host part can be a name or an IP address. If it&#39;s a IPv6 address, it MUST be enclosed in brackets, such as &#39;[::1]&#39;.</p>
<p>The service part can be a service name or its port number. A service name will be mapped to a port number using the system function getservbyname().</p>
<p>The returned values will depend on the given <b>hostserv</b> string and <b>hostserv_prio</b>, as follows:</p>
<pre><code>host + &#39;:&#39; + service =&gt; *host = &quot;host&quot;, *service = &quot;service&quot;
host + &#39;:&#39; + &#39;*&#39; =&gt; *host = &quot;host&quot;, *service = NULL
host + &#39;:&#39; =&gt; *host = &quot;host&quot;, *service = NULL
&#39;:&#39; + service =&gt; *host = NULL, *service = &quot;service&quot;
&#39;*&#39; + &#39;:&#39; + service =&gt; *host = NULL, *service = &quot;service&quot;
in case no &#39;:&#39; is present in the string, the result depends on
hostserv_prio, as follows:
when hostserv_prio == BIO_PARSE_PRIO_HOST
host =&gt; *host = &quot;host&quot;, *service untouched
when hostserv_prio == BIO_PARSE_PRIO_SERV
service =&gt; *host untouched, *service = &quot;service&quot;</code></pre>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_parse_hostserv() returns 1 on success or 0 on error.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/BIO_ADDRINFO.html">BIO_ADDRINFO(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

66
openssl-3.4.2/doc/html/man3/BIO_printf.html
View File

@@ -1,66 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_printf</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_printf, BIO_vprintf, BIO_snprintf, BIO_vsnprintf - formatted output to a BIO</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
int BIO_printf(BIO *bio, const char *format, ...);
int BIO_vprintf(BIO *bio, const char *format, va_list args);
int BIO_snprintf(char *buf, size_t n, const char *format, ...);
int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_printf() is similar to the standard C printf() function, except that the output is sent to the specified BIO, <i>bio</i>, rather than standard output. All common format specifiers are supported.</p>
<p>BIO_vprintf() is similar to the vprintf() function found on many platforms, the output is sent to the specified BIO, <i>bio</i>, rather than standard output. All common format specifiers are supported. The argument list <i>args</i> is a stdarg argument list.</p>
<p>BIO_snprintf() is for platforms that do not have the common snprintf() function. It is like sprintf() except that the size parameter, <i>n</i>, specifies the size of the output buffer.</p>
<p>BIO_vsnprintf() is to BIO_snprintf() as BIO_vprintf() is to BIO_printf().</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>All functions return the number of bytes written, or -1 on error. For BIO_snprintf() and BIO_vsnprintf() this includes when the output buffer is too small.</p>
<h1 id="NOTES">NOTES</h1>
<p>Except when <i>n</i> is 0, both BIO_snprintf() and BIO_vsnprintf() always terminate their output with <code>&#39;\0&#39;</code>. This includes cases where -1 is returned, such as when there is insufficient space to output the whole string.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

100
openssl-3.4.2/doc/html/man3/BIO_push.html
View File

@@ -1,100 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_push</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_push, BIO_pop, BIO_set_next - add and remove BIOs from a chain</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
BIO *BIO_push(BIO *b, BIO *next);
BIO *BIO_pop(BIO *b);
void BIO_set_next(BIO *b, BIO *next);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_push() pushes <i>b</i> on <i>next</i>. If <i>b</i> is NULL the function does nothing and returns <i>next</i>. Otherwise it prepends <i>b</i>, which may be a single BIO or a chain of BIOs, to <i>next</i> (unless <i>next</i> is NULL). It then makes a control call on <i>b</i> and returns <i>b</i>.</p>
<p>BIO_pop() removes the BIO <i>b</i> from any chain is is part of. If <i>b</i> is NULL the function does nothing and returns NULL. Otherwise it makes a control call on <i>b</i> and returns the next BIO in the chain, or NULL if there is no next BIO. The removed BIO becomes a single BIO with no association with the original chain, it can thus be freed or be made part of a different chain.</p>
<p>BIO_set_next() replaces the existing next BIO in a chain with the BIO pointed to by <i>next</i>. The new chain may include some of the same BIOs from the old chain or it may be completely different.</p>
<h1 id="NOTES">NOTES</h1>
<p>The names of these functions are perhaps a little misleading. BIO_push() joins two BIO chains whereas BIO_pop() deletes a single BIO from a chain, the deleted BIO does not need to be at the end of a chain.</p>
<p>The process of calling BIO_push() and BIO_pop() on a BIO may have additional consequences (a control call is made to the affected BIOs). Any effects will be noted in the descriptions of individual BIOs.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_push() returns the head of the chain, which usually is <i>b</i>, or <i>next</i> if <i>b</i> is NULL.</p>
<p>BIO_pop() returns the next BIO in the chain, or NULL if there is no next BIO.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>For these examples suppose <i>md1</i> and <i>md2</i> are digest BIOs, <i>b64</i> is a base64 BIO and <i>f</i> is a file BIO.</p>
<p>If the call:</p>
<pre><code>BIO_push(b64, f);</code></pre>
<p>is made then the new chain will be <i>b64-f</i>. After making the calls</p>
<pre><code>BIO_push(md2, b64);
BIO_push(md1, md2);</code></pre>
<p>the new chain is <i>md1-md2-b64-f</i>. Data written to <i>md1</i> will be digested by <i>md1</i> and <i>md2</i>, base64 encoded, and finally written to <i>f</i>.</p>
<p>It should be noted that reading causes data to pass in the reverse direction, that is data is read from <i>f</i>, base64 decoded, and digested by <i>md2</i> and then <i>md1</i>.</p>
<p>The call:</p>
<pre><code>BIO_pop(md2);</code></pre>
<p>will return <i>b64</i> and the new chain will be <i>md1-b64-f</i>. Data can be written to and read from <i>md1</i> as before, except that <i>md2</i> will no more be applied.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man7/bio.html">bio(7)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The BIO_set_next() function was added in OpenSSL 1.1.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

103
openssl-3.4.2/doc/html/man3/BIO_read.html
View File

@@ -1,103 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_read</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_read_ex, BIO_write_ex, BIO_read, BIO_write, BIO_gets, BIO_get_line, BIO_puts - BIO I/O functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
int BIO_read_ex(BIO *b, void *data, size_t dlen, size_t *readbytes);
int BIO_write_ex(BIO *b, const void *data, size_t dlen, size_t *written);
int BIO_read(BIO *b, void *data, int dlen);
int BIO_gets(BIO *b, char *buf, int size);
int BIO_get_line(BIO *b, char *buf, int size);
int BIO_write(BIO *b, const void *data, int dlen);
int BIO_puts(BIO *b, const char *buf);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_read_ex() attempts to read <i>dlen</i> bytes from BIO <i>b</i> and places the data in <i>data</i>. If any bytes were successfully read then the number of bytes read is stored in <i>*readbytes</i>.</p>
<p>BIO_write_ex() attempts to write <i>dlen</i> bytes from <i>data</i> to BIO <i>b</i>. If successful then the number of bytes written is stored in <i>*written</i> unless <i>written</i> is NULL.</p>
<p>BIO_read() attempts to read <i>len</i> bytes from BIO <i>b</i> and places the data in <i>buf</i>.</p>
<p>BIO_gets() performs the BIOs &quot;gets&quot; operation and places the data in <i>buf</i>. Usually this operation will attempt to read a line of data from the BIO of maximum length <i>size-1</i>. There are exceptions to this, however; for example, BIO_gets() on a digest BIO will calculate and return the digest and other BIOs may not support BIO_gets() at all. The returned string is always NUL-terminated and the &#39;\n&#39; is preserved if present in the input data. On binary input there may be NUL characters within the string; in this case the return value (if nonnegative) may give an incorrect length.</p>
<p>BIO_get_line() attempts to read from BIO <i>b</i> a line of data up to the next &#39;\n&#39; or the maximum length <i>size-1</i> is reached and places the data in <i>buf</i>. The returned string is always NUL-terminated and the &#39;\n&#39; is preserved if present in the input data. On binary input there may be NUL characters within the string; in this case the return value (if nonnegative) gives the actual length read. For implementing this, unfortunately the data needs to be read byte-by-byte.</p>
<p>BIO_write() attempts to write <i>len</i> bytes from <i>buf</i> to BIO <i>b</i>.</p>
<p>BIO_puts() attempts to write a NUL-terminated string <i>buf</i> to BIO <i>b</i>.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_read_ex() returns 1 if data was successfully read, and 0 otherwise.</p>
<p>BIO_write_ex() returns 1 if no error was encountered writing data, 0 otherwise. Requesting to write 0 bytes is not considered an error.</p>
<p>BIO_write() returns -2 if the &quot;write&quot; operation is not implemented by the BIO or -1 on other errors. Otherwise it returns the number of bytes written. This may be 0 if the BIO <i>b</i> is NULL or <i>dlen &lt;= 0</i>.</p>
<p>BIO_gets() returns -2 if the &quot;gets&quot; operation is not implemented by the BIO or -1 on other errors. Otherwise it typically returns the amount of data read, but depending on the implementation it may return only the length up to the first NUL character contained in the data read. In any case the trailing NUL that is added after the data read is not included in the length returned.</p>
<p>All other functions return either the amount of data successfully read or written (if the return value is positive) or that no data was successfully read or written if the result is 0 or -1. If the return value is -2 then the operation is not implemented in the specific BIO type.</p>
<h1 id="NOTES">NOTES</h1>
<p>A 0 or -1 return is not necessarily an indication of an error. In particular when the source/sink is nonblocking or of a certain type it may merely be an indication that no data is currently available and that the application should retry the operation later.</p>
<p>One technique sometimes used with blocking sockets is to use a system call (such as select(), poll() or equivalent) to determine when data is available and then call read() to read the data. The equivalent with BIOs (that is call select() on the underlying I/O structure and then call BIO_read() to read the data) should <b>not</b> be used because a single call to BIO_read() can cause several reads (and writes in the case of SSL BIOs) on the underlying I/O structure and may block as a result. Instead select() (or equivalent) should be combined with non blocking I/O so successive reads will request a retry instead of blocking.</p>
<p>See <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a> for details of how to determine the cause of a retry and other I/O issues.</p>
<p>If the &quot;gets&quot; method is not supported by a BIO then BIO_get_line() can be used. It is also possible to make BIO_gets() usable even if the &quot;gets&quot; method is not supported by adding a buffering BIO <a href="../man3/BIO_f_buffer.html">BIO_f_buffer(3)</a> to the chain.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>BIO_gets() on 1.1.0 and older when called on BIO_fd() based BIO did not keep the &#39;\n&#39; at the end of the line in the buffer.</p>
<p>BIO_get_line() was added in OpenSSL 3.0.</p>
<p>BIO_write_ex() returns 1 if the size of the data to write is 0 and the <i>written</i> parameter of the function can be NULL since OpenSSL 3.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

187
openssl-3.4.2/doc/html/man3/BIO_s_accept.html
View File

@@ -1,187 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_s_accept</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_s_accept, BIO_set_accept_name, BIO_set_accept_port, BIO_get_accept_name, BIO_get_accept_port, BIO_new_accept, BIO_set_nbio_accept, BIO_set_tfo_accept, BIO_set_accept_bios, BIO_get_peer_name, BIO_get_peer_port, BIO_get_accept_ip_family, BIO_set_accept_ip_family, BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept - accept BIO</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
const BIO_METHOD *BIO_s_accept(void);
long BIO_set_accept_name(BIO *b, char *name);
char *BIO_get_accept_name(BIO *b);
long BIO_set_accept_port(BIO *b, char *port);
char *BIO_get_accept_port(BIO *b);
BIO *BIO_new_accept(char *host_port);
long BIO_set_nbio_accept(BIO *b, int n);
long BIO_set_tfo_accept(BIO *b, int n);
long BIO_set_accept_bios(BIO *b, char *bio);
char *BIO_get_peer_name(BIO *b);
char *BIO_get_peer_port(BIO *b);
long BIO_get_accept_ip_family(BIO *b);
long BIO_set_accept_ip_family(BIO *b, long family);
long BIO_set_bind_mode(BIO *b, long mode);
long BIO_get_bind_mode(BIO *b);
int BIO_do_accept(BIO *b);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_s_accept() returns the accept BIO method. This is a wrapper round the platform&#39;s TCP/IP socket accept routines.</p>
<p>Using accept BIOs, TCP/IP connections can be accepted and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
<p>Read and write operations on an accept BIO will perform I/O on the underlying connection. If no connection is established and the port (see below) is set up properly then the BIO waits for an incoming connection.</p>
<p>Accept BIOs support BIO_puts() but not BIO_gets().</p>
<p>If the close flag is set on an accept BIO then any active connection on that chain is shutdown and the socket closed when the BIO is freed.</p>
<p>Calling BIO_reset() on an accept BIO will close any active connection and reset the BIO into a state where it awaits another incoming connection.</p>
<p>BIO_get_fd() and BIO_set_fd() can be called to retrieve or set the accept socket. See <a href="../man3/BIO_s_fd.html">BIO_s_fd(3)</a></p>
<p>BIO_set_accept_name() uses the string <b>name</b> to set the accept name. The name is represented as a string of the form &quot;host:port&quot;, where &quot;host&quot; is the interface to use and &quot;port&quot; is the port. The host can be &quot;*&quot; or empty which is interpreted as meaning any interface. If the host is an IPv6 address, it has to be enclosed in brackets, for example &quot;[::1]:https&quot;. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
<p>BIO_set_accept_port() uses the string <b>port</b> to set the accept port of BIO <i>b</i>. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table. If the given port is <code>0</code> then a random available port is chosen. It may be queried using BIO_sock_info() and <a href="../man3/BIO_ADDR_service_string.html">BIO_ADDR_service_string(3)</a>.</p>
<p>BIO_new_accept() combines BIO_new() and BIO_set_accept_name() into a single call: that is it creates a new accept BIO with port <b>host_port</b>.</p>
<p>BIO_set_nbio_accept() sets the accept socket to blocking mode (the default) if <b>n</b> is 0 or non blocking mode if <b>n</b> is 1.</p>
<p>BIO_set_tfo_accept() enables TCP Fast Open on the accept socket if <b>n</b> is 1 or disables TCP Fast Open if <b>n</b> is 0 (the default). Setting the value to 1 is equivalent to setting <b>BIO_SOCK_TFO</b> in BIO_set_bind_mode().</p>
<p>BIO_set_accept_bios() can be used to set a chain of BIOs which will be duplicated and prepended to the chain when an incoming connection is received. This is useful if, for example, a buffering or SSL BIO is required for each connection. The chain of BIOs must not be freed after this call, they will be automatically freed when the accept BIO is freed.</p>
<p>BIO_get_accept_ip_family() returns the IP family accepted by the BIO <i>b</i>, which may be <b>BIO_FAMILY_IPV4</b>, <b>BIO_FAMILY_IPV6</b>, or <b>BIO_FAMILY_IPANY</b>.</p>
<p>BIO_set_accept_ip_family() sets the IP family <i>family</i> accepted by BIO <i>b</i>. The default is <b>BIO_FAMILY_IPANY</b>.</p>
<p>BIO_set_bind_mode() and BIO_get_bind_mode() set and retrieve the current bind mode. If <b>BIO_BIND_NORMAL</b> (the default) is set then another socket cannot be bound to the same port. If <b>BIO_BIND_REUSEADDR</b> is set then other sockets can bind to the same port. If <b>BIO_BIND_REUSEADDR_IF_UNUSED</b> is set then and attempt is first made to use BIO_BIN_NORMAL, if this fails and the port is not in use then a second attempt is made using <b>BIO_BIND_REUSEADDR</b>. If <b>BIO_SOCK_TFO</b> is set, then the socket will be configured to accept TCP Fast Open connections.</p>
<p>BIO_do_accept() serves two functions. When it is first called, after the accept BIO has been setup, it will attempt to create the accept socket and bind an address to it. Second and subsequent calls to BIO_do_accept() will await an incoming connection, or request a retry in non blocking mode.</p>
<h1 id="NOTES">NOTES</h1>
<p>When an accept BIO is at the end of a chain it will await an incoming connection before processing I/O calls. When an accept BIO is not at then end of a chain it passes I/O calls to the next BIO in the chain.</p>
<p>When a connection is established a new socket BIO is created for the connection and appended to the chain. That is the chain is now accept-&gt;socket. This effectively means that attempting I/O on an initial accept socket will await an incoming connection then perform I/O on it.</p>
<p>If any additional BIOs have been set using BIO_set_accept_bios() then they are placed between the socket and the accept BIO, that is the chain will be accept-&gt;otherbios-&gt;socket.</p>
<p>If a server wishes to process multiple connections (as is normally the case) then the accept BIO must be made available for further incoming connections. This can be done by waiting for a connection and then calling:</p>
<pre><code>connection = BIO_pop(accept);</code></pre>
<p>After this call <b>connection</b> will contain a BIO for the recently established connection and <b>accept</b> will now be a single BIO again which can be used to await further incoming connections. If no further connections will be accepted the <b>accept</b> can be freed using BIO_free().</p>
<p>If only a single connection will be processed it is possible to perform I/O using the accept BIO itself. This is often undesirable however because the accept BIO will still accept additional incoming connections. This can be resolved by using BIO_pop() (see above) and freeing up the accept BIO after the initial connection.</p>
<p>If the underlying accept socket is nonblocking and BIO_do_accept() is called to await an incoming connection it is possible for BIO_should_io_special() with the reason BIO_RR_ACCEPT. If this happens then it is an indication that an accept attempt would block: the application should take appropriate action to wait until the underlying socket has accepted a connection and retry the call.</p>
<p>BIO_set_accept_name(), BIO_get_accept_name(), BIO_set_accept_port(), BIO_get_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_get_peer_name(), BIO_get_peer_port(), BIO_get_accept_ip_family(), BIO_set_accept_ip_family(), BIO_set_bind_mode(), BIO_get_bind_mode() and BIO_do_accept() are macros.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_do_accept(), BIO_set_accept_name(), BIO_set_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_set_accept_ip_family(), and BIO_set_bind_mode() return 1 for success and &lt;= 0 for failure.</p>
<p>BIO_get_accept_name() returns the accept name or NULL on error. BIO_get_peer_name() returns the peer name or NULL on error.</p>
<p>BIO_get_accept_port() returns the accept port as a string or NULL on error. BIO_get_peer_port() returns the peer port as a string or NULL on error. BIO_get_accept_ip_family() returns the IP family or &lt;= 0 on error.</p>
<p>BIO_get_bind_mode() returns the set of <b>BIO_BIND</b> flags, or &lt;= 0 on failure.</p>
<p>BIO_new_accept() returns a BIO or NULL on error.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>This example accepts two connections on port 4444, sends messages down each and finally closes both down.</p>
<pre><code>BIO *abio, *cbio, *cbio2;
/* First call to BIO_do_accept() sets up accept BIO */
abio = BIO_new_accept(&quot;4444&quot;);
if (BIO_do_accept(abio) &lt;= 0) {
fprintf(stderr, &quot;Error setting up accept\n&quot;);
ERR_print_errors_fp(stderr);
exit(1);
}
/* Wait for incoming connection */
if (BIO_do_accept(abio) &lt;= 0) {
fprintf(stderr, &quot;Error accepting connection\n&quot;);
ERR_print_errors_fp(stderr);
exit(1);
}
fprintf(stderr, &quot;Connection 1 established\n&quot;);
/* Retrieve BIO for connection */
cbio = BIO_pop(abio);
BIO_puts(cbio, &quot;Connection 1: Sending out Data on initial connection\n&quot;);
fprintf(stderr, &quot;Sent out data on connection 1\n&quot;);
/* Wait for another connection */
if (BIO_do_accept(abio) &lt;= 0) {
fprintf(stderr, &quot;Error accepting connection\n&quot;);
ERR_print_errors_fp(stderr);
exit(1);
}
fprintf(stderr, &quot;Connection 2 established\n&quot;);
/* Close accept BIO to refuse further connections */
cbio2 = BIO_pop(abio);
BIO_free(abio);
BIO_puts(cbio2, &quot;Connection 2: Sending out Data on second\n&quot;);
fprintf(stderr, &quot;Sent out data on connection 2\n&quot;);
BIO_puts(cbio, &quot;Connection 1: Second connection established\n&quot;);
/* Close the two established connections */
BIO_free(cbio);
BIO_free(cbio2);</code></pre>
<h1 id="HISTORY">HISTORY</h1>
<p>BIO_set_tfo_accept() was added in OpenSSL 3.2.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

157
openssl-3.4.2/doc/html/man3/BIO_s_bio.html
View File

@@ -1,157 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_s_bio</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#WARNINGS">WARNINGS</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr, BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair, BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request, BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
const BIO_METHOD *BIO_s_bio(void);
int BIO_make_bio_pair(BIO *b1, BIO *b2);
int BIO_destroy_bio_pair(BIO *b);
int BIO_shutdown_wr(BIO *b);
int BIO_set_write_buf_size(BIO *b, long size);
size_t BIO_get_write_buf_size(BIO *b, long size);
int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2);
int BIO_get_write_guarantee(BIO *b);
size_t BIO_ctrl_get_write_guarantee(BIO *b);
int BIO_get_read_request(BIO *b);
size_t BIO_ctrl_get_read_request(BIO *b);
int BIO_ctrl_reset_read_request(BIO *b);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_s_bio() returns the method for a BIO pair. A BIO pair is a pair of source/sink BIOs where data written to either half of the pair is buffered and can be read from the other half. Both halves must usually by handled by the same application thread since no locking is done on the internal data structures.</p>
<p>Since BIO chains typically end in a source/sink BIO it is possible to make this one half of a BIO pair and have all the data processed by the chain under application control.</p>
<p>One typical use of BIO pairs is to place TLS/SSL I/O under application control, this can be used when the application wishes to use a non standard transport for TLS/SSL or the normal socket routines are inappropriate.</p>
<p>Calls to BIO_read_ex() will read data from the buffer or request a retry if no data is available.</p>
<p>Calls to BIO_write_ex() will place data in the buffer or request a retry if the buffer is full.</p>
<p>The standard calls BIO_ctrl_pending() and BIO_ctrl_wpending() can be used to determine the amount of pending data in the read or write buffer.</p>
<p>BIO_reset() clears any data in the write buffer.</p>
<p>BIO_make_bio_pair() joins two separate BIOs into a connected pair.</p>
<p>BIO_destroy_pair() destroys the association between two connected BIOs. Freeing up any half of the pair will automatically destroy the association.</p>
<p>BIO_shutdown_wr() is used to close down a BIO <b>b</b>. After this call no further writes on BIO <b>b</b> are allowed (they will return an error). Reads on the other half of the pair will return any pending data or EOF when all pending data has been read.</p>
<p>BIO_set_write_buf_size() sets the write buffer size of BIO <b>b</b> to <b>size</b>. If the size is not initialized a default value is used. This is currently 17K, sufficient for a maximum size TLS record.</p>
<p>BIO_get_write_buf_size() returns the size of the write buffer.</p>
<p>BIO_new_bio_pair() combines the calls to BIO_new(), BIO_make_bio_pair() and BIO_set_write_buf_size() to create a connected pair of BIOs <b>bio1</b>, <b>bio2</b> with write buffer sizes <b>writebuf1</b> and <b>writebuf2</b>. If either size is zero then the default size is used. BIO_new_bio_pair() does not check whether <b>bio1</b> or <b>bio2</b> do point to some other BIO, the values are overwritten, BIO_free() is not called.</p>
<p>BIO_get_write_guarantee() and BIO_ctrl_get_write_guarantee() return the maximum length of data that can be currently written to the BIO. Writes larger than this value will return a value from BIO_write_ex() less than the amount requested or if the buffer is full request a retry. BIO_ctrl_get_write_guarantee() is a function whereas BIO_get_write_guarantee() is a macro.</p>
<p>BIO_get_read_request() and BIO_ctrl_get_read_request() return the amount of data requested, or the buffer size if it is less, if the last read attempt at the other half of the BIO pair failed due to an empty buffer. This can be used to determine how much data should be written to the BIO so the next read will succeed: this is most useful in TLS/SSL applications where the amount of data read is usually meaningful rather than just a buffer size. After a successful read this call will return zero. It also will return zero once new data has been written satisfying the read request or part of it. Note that BIO_get_read_request() never returns an amount larger than that returned by BIO_get_write_guarantee().</p>
<p>BIO_ctrl_reset_read_request() can also be used to reset the value returned by BIO_get_read_request() to zero.</p>
<h1 id="NOTES">NOTES</h1>
<p>Both halves of a BIO pair should be freed. That is even if one half is implicit freed due to a BIO_free_all() or SSL_free() call the other half needs to be freed.</p>
<p>When used in bidirectional applications (such as TLS/SSL) care should be taken to flush any data in the write buffer. This can be done by calling BIO_pending() on the other half of the pair and, if any data is pending, reading it and sending it to the underlying transport. This must be done before any normal processing (such as calling select() ) due to a request and BIO_should_read() being true.</p>
<p>To see why this is important consider a case where a request is sent using BIO_write_ex() and a response read with BIO_read_ex(), this can occur during an TLS/SSL handshake for example. BIO_write_ex() will succeed and place data in the write buffer. BIO_read_ex() will initially fail and BIO_should_read() will be true. If the application then waits for data to be available on the underlying transport before flushing the write buffer it will never succeed because the request was never sent!</p>
<p>BIO_eof() is true if no data is in the peer BIO and the peer BIO has been shutdown.</p>
<p>BIO_make_bio_pair(), BIO_destroy_bio_pair(), BIO_shutdown_wr(), BIO_set_write_buf_size(), BIO_get_write_buf_size(), BIO_get_write_guarantee(), and BIO_get_read_request() are implemented as macros.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_new_bio_pair() returns 1 on success, with the new BIOs available in <b>bio1</b> and <b>bio2</b>, or 0 on failure, with NULL pointers stored into the locations for <b>bio1</b> and <b>bio2</b>. Check the error stack for more information.</p>
<p>[XXXXX: More return values need to be added here]</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>The BIO pair can be used to have full control over the network access of an application. The application can call select() on the socket as required without having to go through the SSL-interface.</p>
<pre><code>BIO *internal_bio, *network_bio;
...
BIO_new_bio_pair(&amp;internal_bio, 0, &amp;network_bio, 0);
SSL_set_bio(ssl, internal_bio, internal_bio);
SSL_operations(); /* e.g. SSL_read and SSL_write */
...
application | TLS-engine
| |
+----------&gt; SSL_operations()
| /\ ||
| || \/
| BIO-pair (internal_bio)
| BIO-pair (network_bio)
| || /\
| \/ ||
+-----------&lt; BIO_operations()
| |
| |
socket
...
SSL_free(ssl); /* implicitly frees internal_bio */
BIO_free(network_bio);
...</code></pre>
<p>As the BIO pair will only buffer the data and never directly access the connection, it behaves nonblocking and will return as soon as the write buffer is full or the read buffer is drained. Then the application has to flush the write buffer and/or fill the read buffer.</p>
<p>Use the BIO_ctrl_pending(), to find out whether data is buffered in the BIO and must be transferred to the network. Use BIO_ctrl_get_read_request() to find out, how many bytes must be written into the buffer before the SSL_operation() can successfully be continued.</p>
<h1 id="WARNINGS">WARNINGS</h1>
<p>As the data is buffered, SSL_operation() may return with an ERROR_SSL_WANT_READ condition, but there is still data in the write buffer. An application must not rely on the error value of SSL_operation() but must assure that the write buffer is always flushed first. Otherwise a deadlock may occur as the peer might be waiting for the data before being able to continue.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

183
openssl-3.4.2/doc/html/man3/BIO_s_connect.html
View File

@@ -1,183 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_s_connect</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_s_connect, BIO_new_connect, BIO_set_conn_hostname, BIO_set_conn_port, BIO_set_conn_address, BIO_set_conn_ip_family, BIO_get_conn_hostname, BIO_get_conn_port, BIO_get_conn_address, BIO_get_conn_ip_family, BIO_set_nbio, BIO_set_sock_type, BIO_get_sock_type, BIO_get0_dgram_bio, BIO_do_connect - connect BIO</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
const BIO_METHOD *BIO_s_connect(void);
BIO *BIO_new_connect(const char *name);
long BIO_set_conn_hostname(BIO *b, char *name);
long BIO_set_conn_port(BIO *b, char *port);
long BIO_set_conn_address(BIO *b, BIO_ADDR *addr);
long BIO_set_conn_ip_family(BIO *b, long family);
const char *BIO_get_conn_hostname(BIO *b);
const char *BIO_get_conn_port(BIO *b);
const BIO_ADDR *BIO_get_conn_address(BIO *b);
const long BIO_get_conn_ip_family(BIO *b);
long BIO_set_nbio(BIO *b, long n);
int BIO_set_sock_type(BIO *b, int sock_type);
int BIO_get_sock_type(BIO *b);
int BIO_get0_dgram_bio(BIO *B, BIO **dgram_bio);
long BIO_do_connect(BIO *b);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_s_connect() returns the connect BIO method. This is a wrapper round the platform&#39;s TCP/IP socket connection routines.</p>
<p>Using connect BIOs, TCP/IP connections can be made and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
<p>Read and write operations on a connect BIO will perform I/O on the underlying connection. If no connection is established and the port and hostname (see below) is set up properly then a connection is established first.</p>
<p>Connect BIOs support BIO_puts() and BIO_gets().</p>
<p>If the close flag is set on a connect BIO then any active connection is shutdown and the socket closed when the BIO is freed.</p>
<p>Calling BIO_reset() on a connect BIO will close any active connection and reset the BIO into a state where it can connect to the same host again.</p>
<p>BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into a single call: that is it creates a new connect BIO with hostname <b>name</b>.</p>
<p>BIO_set_conn_hostname() uses the string <b>name</b> to set the hostname. The hostname can be an IP address; if the address is an IPv6 one, it must be enclosed in brackets <code>[</code> and <code>]</code>. The hostname can also include the port in the form hostname:port; see <a href="../man3/BIO_parse_hostserv.html">BIO_parse_hostserv(3)</a> and BIO_set_conn_port() for details.</p>
<p>BIO_set_conn_port() sets the port to <b>port</b>. <b>port</b> can be the numerical form or a service string such as &quot;http&quot;, which will be mapped to a port number using the system function getservbyname().</p>
<p>BIO_set_conn_address() sets the address and port information using a BIO_ADDR(3ssl).</p>
<p>BIO_set_conn_ip_family() sets the IP family.</p>
<p>BIO_get_conn_hostname() returns the hostname of the connect BIO or NULL if the BIO is initialized but no hostname is set. This return value is an internal pointer which should not be modified.</p>
<p>BIO_get_conn_port() returns the port as a string. This return value is an internal pointer which should not be modified.</p>
<p>BIO_get_conn_address() returns the address information as a BIO_ADDR. This return value is an internal pointer which should not be modified.</p>
<p>BIO_get_conn_ip_family() returns the IP family of the connect BIO.</p>
<p>BIO_set_nbio() sets the non blocking I/O flag to <b>n</b>. If <b>n</b> is zero then blocking I/O is set. If <b>n</b> is 1 then non blocking I/O is set. Blocking I/O is the default. The call to BIO_set_nbio() should be made before the connection is established because non blocking I/O is set during the connect process.</p>
<p>BIO_do_connect() attempts to connect the supplied BIO. This performs an SSL/TLS handshake as far as supported by the BIO. For non-SSL BIOs the connection is done typically at TCP level. If domain name resolution yields multiple IP addresses all of them are tried after connect() failures. The function returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established. The call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried. If a connection has already been established this call has no effect.</p>
<p>BIO_set_sock_type() can be used to set a socket type value as would be passed in a call to socket(2). The only currently supported values are <b>SOCK_STREAM</b> (the default) and <b>SOCK_DGRAM</b>. If <b>SOCK_DGRAM</b> is configured, the connection created is a UDP datagram socket handled via <a href="../man3/BIO_s_datagram.html">BIO_s_datagram(3)</a>. I/O calls such as <a href="../man3/BIO_read.html">BIO_read(3)</a> and <a href="../man3/BIO_write.html">BIO_write(3)</a> are forwarded transparently to an internal <a href="../man3/BIO_s_datagram.html">BIO_s_datagram(3)</a> instance. The created <a href="../man3/BIO_s_datagram.html">BIO_s_datagram(3)</a> instance can be retrieved using BIO_get0_dgram_bio() if desired, which writes a pointer to the <a href="../man3/BIO_s_datagram.html">BIO_s_datagram(3)</a> instance to <i>*dgram_bio</i>. The lifetime of the internal <a href="../man3/BIO_s_datagram.html">BIO_s_datagram(3)</a> is managed by BIO_s_connect() and does not need to be freed by the caller.</p>
<p>BIO_get_sock_type() retrieves the value set using BIO_set_sock_type().</p>
<h1 id="NOTES">NOTES</h1>
<p>If blocking I/O is set then a non positive return value from any I/O call is caused by an error condition, although a zero return will normally mean that the connection was closed.</p>
<p>If the port name is supplied as part of the hostname then this will override any value set with BIO_set_conn_port(). This may be undesirable if the application does not wish to allow connection to arbitrary ports. This can be avoided by checking for the presence of the &#39;:&#39; character in the passed hostname and either indicating an error or truncating the string at that point.</p>
<p>The values returned by BIO_get_conn_hostname(), BIO_get_conn_address(), and BIO_get_conn_port() are updated when a connection attempt is made. Before any connection attempt the values returned are those set by the application itself.</p>
<p>Applications do not have to call BIO_do_connect() but may wish to do so to separate the connection process from other I/O processing.</p>
<p>If non blocking I/O is set then retries will be requested as appropriate.</p>
<p>It addition to BIO_should_read() and BIO_should_write() it is also possible for BIO_should_io_special() to be true during the initial connection process with the reason BIO_RR_CONNECT. If this is returned then this is an indication that a connection attempt would block, the application should then take appropriate action to wait until the underlying socket has connected and retry the call.</p>
<p>BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_get_conn_hostname(), BIO_set_conn_address(), BIO_get_conn_port(), BIO_get_conn_address(), BIO_set_conn_ip_family(), BIO_get_conn_ip_family(), BIO_set_nbio(), and BIO_do_connect() are macros.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_s_connect() returns the connect BIO method.</p>
<p>BIO_set_conn_address(), BIO_set_conn_port(), and BIO_set_conn_ip_family() return 1 or &lt;=0 if an error occurs.</p>
<p>BIO_set_conn_hostname() returns 1 on success and &lt;=0 on failure.</p>
<p>BIO_get_conn_address() returns the address information or NULL if none was set.</p>
<p>BIO_get_conn_hostname() returns the connected hostname or NULL if none was set.</p>
<p>BIO_get_conn_ip_family() returns the address family or -1 if none was set.</p>
<p>BIO_get_conn_port() returns a string representing the connected port or NULL if not set.</p>
<p>BIO_set_nbio() returns 1 or &lt;=0 if an error occurs.</p>
<p>BIO_do_connect() returns 1 if the connection was successfully established and &lt;=0 if the connection failed.</p>
<p>BIO_set_sock_type() returns 1 on success or 0 on failure.</p>
<p>BIO_get_sock_type() returns a socket type or 0 if the call is not supported.</p>
<p>BIO_get0_dgram_bio() returns 1 on success or 0 on failure.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>This is example connects to a webserver on the local host and attempts to retrieve a page and copy the result to standard output.</p>
<pre><code>BIO *cbio, *out;
int len;
char tmpbuf[1024];
cbio = BIO_new_connect(&quot;localhost:http&quot;);
out = BIO_new_fp(stdout, BIO_NOCLOSE);
if (BIO_do_connect(cbio) &lt;= 0) {
fprintf(stderr, &quot;Error connecting to server\n&quot;);
ERR_print_errors_fp(stderr);
exit(1);
}
BIO_puts(cbio, &quot;GET / HTTP/1.0\n\n&quot;);
for (;;) {
len = BIO_read(cbio, tmpbuf, 1024);
if (len &lt;= 0)
break;
BIO_write(out, tmpbuf, len);
}
BIO_free(cbio);
BIO_free(out);</code></pre>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a>, <a href="../man3/BIO_parse_hostserv.html">BIO_parse_hostserv(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>BIO_set_conn_int_port(), BIO_get_conn_int_port(), BIO_set_conn_ip(), and BIO_get_conn_ip() were removed in OpenSSL 1.1.0. Use BIO_set_conn_address() and BIO_get_conn_address() instead.</p>
<p>Connect BIOs support BIO_gets() since OpenSSL 3.2.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

83
openssl-3.4.2/doc/html/man3/BIO_s_core.html
View File

@@ -1,83 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_s_core</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_s_core, BIO_new_from_core_bio - OSSL_CORE_BIO functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
const BIO_METHOD *BIO_s_core(void);
BIO *BIO_new_from_core_bio(OSSL_LIB_CTX *libctx, OSSL_CORE_BIO *corebio);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_s_core() returns the core BIO method function.</p>
<p>A core BIO is treated as source/sink BIO which communicates to some external BIO. This is primarily useful to provider authors. A number of calls from libcrypto into a provider supply an OSSL_CORE_BIO parameter. This represents a BIO within libcrypto, but cannot be used directly by a provider. Instead it should be wrapped using a BIO_s_core().</p>
<p>Once a BIO is constructed based on BIO_s_core(), the associated OSSL_CORE_BIO object should be set on it using BIO_set_data(3). Note that the BIO will only operate correctly if it is associated with a library context constructed using OSSL_LIB_CTX_new_from_dispatch(3). To associate the BIO with a library context construct it using BIO_new_ex(3).</p>
<p>BIO_new_from_core_bio() is a convenience function that constructs a new BIO based on BIO_s_core() and that is associated with the given library context. It then also sets the OSSL_CORE_BIO object on the BIO using BIO_set_data(3).</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_s_core() return a core BIO <b>BIO_METHOD</b> structure.</p>
<p>BIO_new_from_core_bio() returns a BIO structure on success or NULL on failure. A failure will most commonly be because the library context was not constructed using OSSL_LIB_CTX_new_from_dispatch(3).</p>
<h1 id="HISTORY">HISTORY</h1>
<p>BIO_s_core() and BIO_new_from_core_bio() were added in OpenSSL 3.0.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>Create a core BIO and write some data to it:</p>
<pre><code>int some_function(OSSL_LIB_CTX *libctx, OSSL_CORE_BIO *corebio) {
BIO *cbio = BIO_new_from_core_bio(libctx, corebio);
if (cbio == NULL)
return 0;
BIO_puts(cbio, &quot;Hello World\n&quot;);
BIO_free(cbio);
return 1;
}</code></pre>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

228
openssl-3.4.2/doc/html/man3/BIO_s_datagram.html
View File

@@ -1,228 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_s_datagram</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_s_datagram, BIO_new_dgram, BIO_ctrl_dgram_connect, BIO_ctrl_set_connected, BIO_dgram_recv_timedout, BIO_dgram_send_timedout, BIO_dgram_get_peer, BIO_dgram_set_peer, BIO_dgram_detect_peer_addr, BIO_dgram_get_mtu_overhead - Network BIO with datagram semantics</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
BIO_METHOD *BIO_s_datagram(void);
BIO *BIO_new_dgram(int fd, int close_flag);
int BIO_ctrl_dgram_connect(BIO *bio, const BIO_ADDR *peer);
int BIO_ctrl_set_connected(BIO *bio, const BIO_ADDR *peer);
int BIO_dgram_recv_timedout(BIO *bio);
int BIO_dgram_send_timedout(BIO *bio);
int BIO_dgram_get_peer(BIO *bio, BIO_ADDR *peer);
int BIO_dgram_set_peer(BIO *bio, const BIO_ADDR *peer);
int BIO_dgram_get_mtu_overhead(BIO *bio);
int BIO_dgram_detect_peer_addr(BIO *bio, BIO_ADDR *peer);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_s_datagram() is a BIO implementation designed for use with network sockets which provide datagram semantics, such as UDP sockets. It is suitable for use with DTLSv1 or QUIC.</p>
<p>Because BIO_s_datagram() has datagram semantics, a single BIO_write() call sends a single datagram and a single BIO_read() call receives a single datagram. If the size of the buffer passed to BIO_read() is inadequate, the datagram is silently truncated.</p>
<p>For a memory-based BIO which provides datagram semantics identical to those of BIO_s_datagram(), see <a href="../man3/BIO_s_dgram_pair.html">BIO_s_dgram_pair(3)</a>.</p>
<p>This BIO supports the <a href="../man3/BIO_sendmmsg.html">BIO_sendmmsg(3)</a> and <a href="../man3/BIO_recvmmsg.html">BIO_recvmmsg(3)</a> functions.</p>
<p>When using BIO_s_datagram(), it is important to note that:</p>
<ul>
<li><p>This BIO can be used with either a connected or unconnected network socket. A connected socket is a network socket which has had <a href="../man3/BIO_connect.html">BIO_connect(3)</a> or a similar OS-specific function called on it. Such a socket can only receive datagrams from the specified peer. Any other socket is an unconnected socket and can receive datagrams from any host.</p>
</li>
<li><p>Despite their naming, neither BIO_ctrl_dgram_connect() nor BIO_ctrl_set_connected() cause a socket to become connected. These controls are provided to indicate to the BIO how the underlying socket is configured and how it is to be used; see below.</p>
</li>
<li><p>Use of BIO_s_datagram() with an unconnected network socket is hazardous hecause any successful call to BIO_read() results in the peer address used for any subsequent call to BIO_write() being set to the source address of the datagram received by that call to BIO_read(). Thus, unless the caller calls BIO_dgram_set_peer() immediately prior to every call to BIO_write(), or never calls BIO_read(), any host on the network may cause future datagrams written to be redirected to that host. Therefore, it is recommended that users either use BIO_s_dgram() only with a connected socket, or, if using BIO_s_dgram() with an unconnected socket, to use the <a href="../man3/BIO_sendmmsg.html">BIO_sendmmsg(3)</a> and <a href="../man3/BIO_recvmmsg.html">BIO_recvmmsg(3)</a> methods only and forego use of <a href="../man3/BIO_read.html">BIO_read(3)</a> and <a href="../man3/BIO_write.html">BIO_write(3)</a>. An exception is where <a href="../man3/DTLSv1_listen.html">DTLSv1_listen(3)</a> must be used; see <a href="../man3/DTLSv1_listen.html">DTLSv1_listen(3)</a> for further discussion.</p>
</li>
<li><p>Unlike <a href="../man3/BIO_read.html">BIO_read(3)</a> and <a href="../man3/BIO_write.html">BIO_write(3)</a>, the <a href="../man3/BIO_sendmmsg.html">BIO_sendmmsg(3)</a> and <a href="../man3/BIO_recvmmsg.html">BIO_recvmmsg(3)</a> methods are stateless and do not cause the internal state of the BIO_s_datagram() to change.</p>
</li>
</ul>
<p>Various controls are available for configuring the BIO_s_datagram() using <a href="../man3/BIO_ctrl.html">BIO_ctrl(3)</a>:</p>
<dl>
<dt id="BIO_ctrl_dgram_connect-BIO_CTRL_DGRAM_CONNECT">BIO_ctrl_dgram_connect (BIO_CTRL_DGRAM_CONNECT)</dt>
<dd>
<p>This is equivalent to calling <a href="../man3/BIO_dgram_set_peer.html">BIO_dgram_set_peer(3)</a>.</p>
<p>Despite its name, this function does not cause the underlying socket to become connected.</p>
</dd>
<dt id="BIO_ctrl_set_connected-BIO_CTRL_SET_CONNECTED">BIO_ctrl_set_connected (BIO_CTRL_SET_CONNECTED)</dt>
<dd>
<p>This informs the BIO_s_datagram() whether the underlying socket has been connected, and therefore how the BIO_s_datagram() should attempt to use the socket.</p>
<p>If the <i>peer</i> argument is non-NULL, BIO_s_datagram() assumes that the underlying socket has been connected and will attempt to use the socket using OS APIs which do not specify peer addresses (for example, send(3) and recv(3) or similar). The <i>peer</i> argument should specify the peer address to which the socket is connected.</p>
<p>If the <i>peer</i> argument is NULL, BIO_s_datagram() assumes that the underlying socket is not connected and will attempt to use the socket using an OS APIs which specify peer addresses (for example, sendto(3) and recvfrom(3)).</p>
<p>This control does not affect the operation of <a href="../man3/BIO_sendmmsg.html">BIO_sendmmsg(3)</a> or <a href="../man3/BIO_recvmmsg.html">BIO_recvmmsg(3)</a>.</p>
</dd>
<dt id="BIO_dgram_get_peer-BIO_CTRL_DGRAM_GET_PEER">BIO_dgram_get_peer (BIO_CTRL_DGRAM_GET_PEER)</dt>
<dd>
<p>This outputs a <b>BIO_ADDR</b> which specifies one of the following values, whichever happened most recently:</p>
<ul>
<li><p>The peer address last passed to BIO_dgram_set_peer(), BIO_ctrl_dgram_connect() or BIO_ctrl_set_connected().</p>
</li>
<li><p>The peer address of the datagram last received by a call to BIO_read().</p>
</li>
</ul>
</dd>
<dt id="BIO_dgram_set_peer-BIO_CTRL_DGRAM_SET_PEER">BIO_dgram_set_peer (BIO_CTRL_DGRAM_SET_PEER)</dt>
<dd>
<p>Sets the peer address to be used for subsequent writes to this BIO.</p>
<p>Warning: When used with an unconnected network socket, the value set may be modified by future calls to <a href="../man3/BIO_read.html">BIO_read(3)</a>, making use of BIO_s_datagram() hazardous when used with unconnected network sockets; see above.</p>
<p>This does not affect the operation of <a href="../man3/BIO_sendmmsg.html">BIO_sendmmsg(3)</a>. <a href="../man3/BIO_recvmmsg.html">BIO_recvmmsg(3)</a> does not affect the value set by BIO_dgram_set_peer().</p>
</dd>
<dt id="BIO_dgram_detect_peer_addr-BIO_CTRL_DGRAM_DETECT_PEER_ADDR">BIO_dgram_detect_peer_addr (BIO_CTRL_DGRAM_DETECT_PEER_ADDR)</dt>
<dd>
<p>This is similar to BIO_dgram_get_peer() except that if the peer address has not been set on the BIO object, an OS call such as getpeername(2) will be attempted to try and autodetect the peer address to which the underlying socket is connected. Other BIOs may also implement this control if they are capable of sensing a peer address, without necessarily also implementing BIO_dgram_set_peer() and BIO_dgram_get_peer().</p>
</dd>
<dt id="BIO_dgram_recv_timeout-BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP">BIO_dgram_recv_timeout (BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP)</dt>
<dd>
<p>Returns 1 if the last I/O operation performed on the BIO (for example, via a call to <a href="../man3/BIO_read.html">BIO_read(3)</a>) may have been caused by a receive timeout.</p>
</dd>
<dt id="BIO_dgram_send_timedout-BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP">BIO_dgram_send_timedout (BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP)</dt>
<dd>
<p>Returns 1 if the last I/O operation performed on the BIO (for example, via a call to <a href="../man3/BIO_write.html">BIO_write(3)</a>) may have been caused by a send timeout.</p>
</dd>
<dt id="BIO_dgram_get_mtu_overhead-BIO_CTRL_DGRAM_GET_MTU_OVERHEAD">BIO_dgram_get_mtu_overhead (BIO_CTRL_DGRAM_GET_MTU_OVERHEAD)</dt>
<dd>
<p>Returns a quantity in bytes which is a rough estimate of the number of bytes of overhead which should typically be added to a datagram payload size in order to estimate the final size of the Layer 3 (e.g. IP) packet which will contain the datagram. In most cases, the maximum datagram payload size which can be transmitted can be determined by determining the link MTU in bytes and subtracting the value returned by this call.</p>
<p>The value returned by this call depends on the network layer protocol being used.</p>
<p>The value returned is not fully reliable because datagram overheads can be higher in atypical network configurations, for example where IPv6 extension headers or IPv4 options are used.</p>
</dd>
<dt id="BIO_CTRL_DGRAM_SET_DONT_FRAG">BIO_CTRL_DGRAM_SET_DONT_FRAG</dt>
<dd>
<p>If <i>num</i> is nonzero, configures the underlying network socket to enable Don&#39;t Fragment mode, in which datagrams will be set with the IP Don&#39;t Fragment (DF) bit set. If <i>num</i> is zero, Don&#39;t Fragment mode is disabled.</p>
</dd>
<dt id="BIO_CTRL_DGRAM_QUERY_MTU">BIO_CTRL_DGRAM_QUERY_MTU</dt>
<dd>
<p>Queries the OS for its assessment of the Path MTU for the destination to which the underlying network socket, and returns that Path MTU in bytes. This control can only be used with a connected socket.</p>
<p>This is not supported on all platforms and depends on OS support being available. Returns 0 on failure.</p>
</dd>
<dt id="BIO_CTRL_DGRAM_MTU_DISCOVER">BIO_CTRL_DGRAM_MTU_DISCOVER</dt>
<dd>
<p>This control requests that Path MTU discovery be enabled on the underlying network socket.</p>
</dd>
<dt id="BIO_CTRL_DGRAM_GET_FALLBACK_MTU">BIO_CTRL_DGRAM_GET_FALLBACK_MTU</dt>
<dd>
<p>Returns the estimated minimum size of datagram payload which should always be supported on the BIO. This size is determined by the minimum MTU required to be supported by the applicable underlying network layer. Use of datagrams of this size may lead to suboptimal performance, but should be routable in all circumstances. The value returned is the datagram payload size in bytes and does not include the size of layer 3 or layer 4 protocol headers.</p>
</dd>
<dt id="BIO_CTRL_DGRAM_MTU_EXCEEDED">BIO_CTRL_DGRAM_MTU_EXCEEDED</dt>
<dd>
<p>Returns 1 if the last attempted write to the BIO failed due to the size of the attempted write exceeding the applicable MTU.</p>
</dd>
<dt id="BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT">BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT</dt>
<dd>
<p>Accepts a pointer to a <b>struct timeval</b>. If the time specified is zero, disables receive timeouts. Otherwise, configures the specified time interval as the receive timeout for the socket for the purposes of future <a href="../man3/BIO_read.html">BIO_read(3)</a> calls.</p>
</dd>
<dt id="BIO_CTRL_DGRAM_SET_PEEK_MODE">BIO_CTRL_DGRAM_SET_PEEK_MODE</dt>
<dd>
<p>If <b>num</b> is nonzero, enables peek mode; otherwise, disables peek mode. Where peek mode is enabled, calls to <a href="../man3/BIO_read.html">BIO_read(3)</a> read datagrams from the underlying network socket in peek mode, meaning that a future call to <a href="../man3/BIO_read.html">BIO_read(3)</a> will yield the same datagram until peek mode is disabled.</p>
<p><a href="../man3/BIO_recvmmsg.html">BIO_recvmmsg(3)</a> is not affected by this control.</p>
</dd>
</dl>
<p>BIO_new_dgram() is a helper function which instantiates a BIO_s_datagram() and sets the BIO to use the socket given in <i>fd</i> by calling BIO_set_fd().</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_s_datagram() returns a BIO method.</p>
<p>BIO_new_dgram() returns a BIO on success and NULL on failure.</p>
<p>BIO_ctrl_dgram_connect(), BIO_ctrl_set_connected() and BIO_dgram_set_peer() return 1 on success and 0 on failure.</p>
<p>BIO_dgram_get_peer() and BIO_dgram_detect_peer_addr() return 0 on failure and the number of bytes for the outputted address representation (a positive value) on success.</p>
<p>BIO_dgram_recv_timedout() and BIO_dgram_send_timedout() return 0 or 1 depending on the circumstance; see discussion above.</p>
<p>BIO_dgram_get_mtu_overhead() returns a value in bytes.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/BIO_sendmmsg.html">BIO_sendmmsg(3)</a>, <a href="../man3/BIO_s_dgram_pair.html">BIO_s_dgram_pair(3)</a>, <a href="../man3/DTLSv1_listen.html">DTLSv1_listen(3)</a>, <a href="../man7/bio.html">bio(7)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

163
openssl-3.4.2/doc/html/man3/BIO_s_dgram_pair.html
View File

@@ -1,163 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_s_dgram_pair</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#THREADING">THREADING</a></li>
<li><a href="#CAPABILITY-INDICATION">CAPABILITY INDICATION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_s_dgram_pair, BIO_new_bio_dgram_pair, BIO_dgram_set_no_trunc, BIO_dgram_get_no_trunc, BIO_dgram_get_effective_caps, BIO_dgram_get_caps, BIO_dgram_set_caps, BIO_dgram_set_mtu, BIO_dgram_get_mtu - datagram pair BIO</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
const BIO_METHOD *BIO_s_dgram_pair(void);
int BIO_new_bio_dgram_pair(BIO **bio1, size_t writebuf1,
BIO **bio2, size_t writebuf2);
int BIO_dgram_set_no_trunc(BIO *bio, int enable);
int BIO_dgram_get_no_trunc(BIO *bio);
uint32_t BIO_dgram_get_effective_caps(BIO *bio);
uint32_t BIO_dgram_get_caps(BIO *bio);
int BIO_dgram_set_caps(BIO *bio, uint32_t caps);
int BIO_dgram_set_mtu(BIO *bio, unsigned int mtu);
unsigned int BIO_dgram_get_mtu(BIO *bio);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_s_dgram_pair() returns the method for a BIO datagram pair. A BIO datagram pair is similar to a BIO pair (see <a href="../man3/BIO_s_bio.html">BIO_s_bio(3)</a>) but has datagram semantics. Broadly, this means that the length of the buffer passed to a write call will match that retrieved by a read call. If the buffer passed to a read call is too short, the datagram is truncated or the read fails, depending on how the BIO is configured.</p>
<p>The BIO datagram pair attaches certain metadata to each write, such as source and destination addresses. This information may be retrieved on read.</p>
<p>A typical application of a BIO datagram pair is to allow an application to keep all datagram network I/O requested by libssl under application control.</p>
<p>The BIO datagram pair is designed to support multithreaded use where certain restrictions are observed; see THREADING.</p>
<p>The BIO datagram pair allows each half of a pair to signal to the other half whether they support certain capabilities; see CAPABILITY INDICATION.</p>
<p>BIO_new_bio_dgram_pair() combines the calls to <a href="../man3/BIO_new.html">BIO_new(3)</a>, <a href="../man3/BIO_make_bio_pair.html">BIO_make_bio_pair(3)</a> and <a href="../man3/BIO_set_write_buf_size.html">BIO_set_write_buf_size(3)</a> to create a connected pair of BIOs <b>bio1</b>, <b>bio2</b> with write buffer sizes <b>writebuf1</b> and <b>writebuf2</b>. If either size is zero then the default size is used.</p>
<p><a href="../man3/BIO_make_bio_pair.html">BIO_make_bio_pair(3)</a> may be used to join two datagram pair BIOs into a pair. The two BIOs must both use the method returned by BIO_s_dgram_pair() and neither of the BIOs may currently be associated in a pair.</p>
<p><a href="../man3/BIO_destroy_bio_pair.html">BIO_destroy_bio_pair(3)</a> destroys the association between two connected BIOs. Freeing either half of the pair will automatically destroy the association.</p>
<p><a href="../man3/BIO_reset.html">BIO_reset(3)</a> clears any data in the write buffer of the given BIO. This means that the opposite BIO in the pair will no longer have any data waiting to be read.</p>
<p>The BIO maintains a fixed size internal write buffer. When the buffer is full, further writes will fail until the buffer is drained via calls to <a href="../man3/BIO_read.html">BIO_read(3)</a>. The size of the buffer can be changed using <a href="../man3/BIO_set_write_buf_size.html">BIO_set_write_buf_size(3)</a> and queried using <a href="../man3/BIO_get_write_buf_size.html">BIO_get_write_buf_size(3)</a>.</p>
<p>Note that the write buffer is partially consumed by metadata stored internally which is attached to each datagram, such as source and destination addresses. The size of this overhead is undefined and may change between releases.</p>
<p>The standard <a href="../man3/BIO_ctrl_pending.html">BIO_ctrl_pending(3)</a> call has modified behaviour and returns the size of the next datagram waiting to be read in bytes. An application can use this function to ensure it provides an adequate buffer to a subsequent read call. If no datagram is waiting to be read, zero is returned.</p>
<p>This BIO does not support sending or receiving zero-length datagrams. Passing a zero-length buffer to BIO_write is treated as a no-op.</p>
<p><a href="../man3/BIO_eof.html">BIO_eof(3)</a> returns 1 only if the given BIO datagram pair BIO is not currently connected to a peer BIO.</p>
<p><a href="../man3/BIO_get_write_guarantee.html">BIO_get_write_guarantee(3)</a> and <a href="../man3/BIO_ctrl_get_write_guarantee.html">BIO_ctrl_get_write_guarantee(3)</a> return how large a datagram the next call to <a href="../man3/BIO_write.html">BIO_write(3)</a> can accept. If there is not enough space in the write buffer to accept another datagram equal in size to the configured MTU, zero is returned (see below). This is intended to avoid a situation where an application attempts to read a datagram from a network intending to write it to a BIO datagram pair, but where the received datagram ends up being too large to write to the BIO datagram pair.</p>
<p>BIO_dgram_set_no_trunc() and BIO_ctrl_get_no_trunc() set and retrieve the truncation mode for the given half of a BIO datagram pair. When no-truncate mode is enabled, BIO_read() will fail if the buffer provided is inadequate to hold the next datagram to be read. If no-truncate mode is disabled (the default), the datagram will be silently truncated. This default behaviour maintains compatibility with the semantics of the Berkeley sockets API.</p>
<p>BIO_dgram_set_mtu() and BIO_dgram_get_mtu() may be used to set an informational MTU value on the BIO datagram pair. If BIO_dgram_set_mtu() is used on a BIO which is currently part of a BIO datagram pair, the MTU value is set on both halves of the pair. The value does not affect the operation of the BIO datagram pair (except for BIO_get_write_guarantee(); see above) but may be used by other code to determine a requested MTU. When a BIO datagram pair BIO is created, the MTU is set to an unspecified but valid value.</p>
<p><a href="../man3/BIO_flush.html">BIO_flush(3)</a> is a no-op.</p>
<h1 id="NOTES">NOTES</h1>
<p>The halves of a BIO datagram pair have independent lifetimes and must be separately freed.</p>
<h1 id="THREADING">THREADING</h1>
<p><a href="../man3/BIO_recvmmsg.html">BIO_recvmmsg(3)</a>, <a href="../man3/BIO_sendmmsg.html">BIO_sendmmsg(3)</a>, <a href="../man3/BIO_read.html">BIO_read(3)</a>, <a href="../man3/BIO_write.html">BIO_write(3)</a>, <a href="../man3/BIO_pending.html">BIO_pending(3)</a>, <a href="../man3/BIO_get_write_guarantee.html">BIO_get_write_guarantee(3)</a> and <a href="../man3/BIO_flush.html">BIO_flush(3)</a> may be used by multiple threads simultaneously on the same BIO datagram pair. Specific <a href="../man3/BIO_ctrl.html">BIO_ctrl(3)</a> operations (namely BIO_CTRL_PENDING, BIO_CTRL_FLUSH and BIO_C_GET_WRITE_GUARANTEE) may also be used. Invoking any other BIO call, or any other <a href="../man3/BIO_ctrl.html">BIO_ctrl(3)</a> operation, on either half of a BIO datagram pair while any other BIO call is also in progress to either half of the same BIO datagram pair results in undefined behaviour.</p>
<h1 id="CAPABILITY-INDICATION">CAPABILITY INDICATION</h1>
<p>The BIO datagram pair can be used to enqueue datagrams which have source and destination addresses attached. It is important that the component consuming one side of a BIO datagram pair understand whether the other side of the pair will honour any source and destination addresses it attaches to each datagram. For example, if datagrams are queued with destination addresses set but simply read by simple calls to <a href="../man3/BIO_read.html">BIO_read(3)</a>, the destination addresses will be discarded.</p>
<p>Each half of a BIO datagram pair can have capability flags set on it which indicate whether source and destination addresses will be honoured by the reader and whether they will be provided by the writer. These capability flags should be set via a call to BIO_dgram_set_caps(), and these capabilities will be reflected in the value returned by BIO_dgram_get_effective_caps() on the opposite BIO. If necessary, the capability value previously set can be retrieved using BIO_dgram_get_caps(). Note that BIO_dgram_set_caps() on a given BIO controls the capabilities advertised to the peer, and BIO_dgram_get_effective_caps() on a given BIO determines the capabilities advertised by the peer of that BIO.</p>
<p>The following capabilities are available:</p>
<dl>
<dt id="BIO_DGRAM_CAP_HANDLES_SRC_ADDR"><b>BIO_DGRAM_CAP_HANDLES_SRC_ADDR</b></dt>
<dd>
<p>The user of the datagram pair BIO promises to honour source addresses provided with datagrams written to the BIO pair.</p>
</dd>
<dt id="BIO_DGRAM_CAP_HANDLES_DST_ADDR"><b>BIO_DGRAM_CAP_HANDLES_DST_ADDR</b></dt>
<dd>
<p>The user of the datagram pair BIO promises to honour destination addresses provided with datagrams written to the BIO pair.</p>
</dd>
<dt id="BIO_DGRAM_CAP_PROVIDES_SRC_ADDR"><b>BIO_DGRAM_CAP_PROVIDES_SRC_ADDR</b></dt>
<dd>
<p>The user of the datagram pair BIO advertises the fact that it will provide source addressing information with future writes to the BIO pair, where available.</p>
</dd>
<dt id="BIO_DGRAM_CAP_PROVIDES_DST_ADDR"><b>BIO_DGRAM_CAP_PROVIDES_DST_ADDR</b></dt>
<dd>
<p>The user of the datagram pair BIO advertises the fact that it will provide destination addressing information with future writes to the BIO pair, where available.</p>
</dd>
</dl>
<p>If a caller attempts to specify a destination address (for example, using <a href="../man3/BIO_sendmmsg.html">BIO_sendmmsg(3)</a>) and the peer has not advertised the <b>BIO_DGRAM_CAP_HANDLES_DST_ADDR</b> capability, the operation fails. Thus, capability negotiation is mandatory.</p>
<p>If a caller attempts to specify a source address when writing, or requests a destination address when receiving, and local address support has not been enabled, the operation fails; see <a href="../man3/BIO_dgram_set_local_addr_enable.html">BIO_dgram_set_local_addr_enable(3)</a>.</p>
<p>If a caller attempts to enable local address support using <a href="../man3/BIO_dgram_set_local_addr_enable.html">BIO_dgram_set_local_addr_enable(3)</a> and <a href="../man3/BIO_dgram_get_local_addr_cap.html">BIO_dgram_get_local_addr_cap(3)</a> does not return 1 (meaning that the peer has not advertised both the <b>BIO_DGRAM_CAP_HANDLES_SRC_ADDR</b> and the <b>BIO_DGRAM_CAP_PROVIDES_DST_ADDR</b> capability), the operation fails.</p>
<p><b>BIO_DGRAM_CAP_PROVIDES_SRC_ADDR</b> and <b>BIO_DGRAM_CAP_PROVIDES_DST_ADDR</b> indicate that the application using that half of a BIO datagram pair promises to provide source and destination addresses respectively when writing datagrams to that half of the BIO datagram pair. However, these capability flags do not affect the behaviour of the BIO datagram pair.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_new_bio_dgram_pair() returns 1 on success, with the new BIOs available in <b>bio1</b> and <b>bio2</b>, or 0 on failure, with NULL pointers stored into the locations for <b>bio1</b> and <b>bio2</b>. Check the error stack for more information.</p>
<p>BIO_dgram_set_no_trunc(), BIO_dgram_set_caps() and BIO_dgram_set_mtu() return 1 on success and 0 on failure.</p>
<p>BIO_dgram_get_no_trunc() returns 1 if no-truncate mode is enabled on a BIO, or 0 if no-truncate mode is not enabled or not supported on a given BIO.</p>
<p>BIO_dgram_get_effective_caps() and BIO_dgram_get_caps() return zero if no capabilities are supported.</p>
<p>BIO_dgram_get_mtu() returns the MTU value configured on the BIO, or zero if the operation is not supported.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/BIO_s_bio.html">BIO_s_bio(3)</a>, <a href="../man7/bio.html">bio(7)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

103
openssl-3.4.2/doc/html/man3/BIO_s_fd.html
View File

@@ -1,103 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_s_fd</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_s_fd, BIO_set_fd, BIO_get_fd, BIO_new_fd - file descriptor BIO</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
const BIO_METHOD *BIO_s_fd(void);
int BIO_set_fd(BIO *b, int fd, int c);
int BIO_get_fd(BIO *b, int *c);
BIO *BIO_new_fd(int fd, int close_flag);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_s_fd() returns the file descriptor BIO method. This is a wrapper round the platforms file descriptor routines such as read() and write().</p>
<p>BIO_read_ex() and BIO_write_ex() read or write the underlying descriptor. BIO_puts() is supported but BIO_gets() is not.</p>
<p>If the close flag is set then close() is called on the underlying file descriptor when the BIO is freed.</p>
<p>BIO_reset() attempts to change the file pointer to the start of file such as by using <b>lseek(fd, 0, 0)</b>.</p>
<p>BIO_seek() sets the file pointer to position <b>ofs</b> from start of file such as by using <b>lseek(fd, ofs, 0)</b>.</p>
<p>BIO_tell() returns the current file position such as by calling <b>lseek(fd, 0, 1)</b>.</p>
<p>BIO_set_fd() sets the file descriptor of BIO <b>b</b> to <b>fd</b> and the close flag to <b>c</b>.</p>
<p>BIO_get_fd() places the file descriptor of BIO <b>b</b> in <b>c</b> if it is not NULL. It also returns the file descriptor.</p>
<p>BIO_new_fd() returns a file descriptor BIO using <b>fd</b> and <b>close_flag</b>.</p>
<h1 id="NOTES">NOTES</h1>
<p>The behaviour of BIO_read_ex() and BIO_write_ex() depends on the behavior of the platforms read() and write() calls on the descriptor. If the underlying file descriptor is in a non blocking mode then the BIO will behave in the manner described in the <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a> and <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a> manual pages.</p>
<p>File descriptor BIOs should not be used for socket I/O. Use socket BIOs instead.</p>
<p>BIO_set_fd() and BIO_get_fd() are implemented as macros.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_s_fd() returns the file descriptor BIO method.</p>
<p>BIO_set_fd() returns 1 on success or &lt;=0 for failure.</p>
<p>BIO_get_fd() returns the file descriptor or -1 if the BIO has not been initialized. It also returns zero and negative values if other error occurs.</p>
<p>BIO_new_fd() returns the newly allocated BIO or NULL is an error occurred.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>This is a file descriptor BIO version of &quot;Hello World&quot;:</p>
<pre><code>BIO *out;
out = BIO_new_fd(fileno(stdout), BIO_NOCLOSE);
BIO_printf(out, &quot;Hello World\n&quot;);
BIO_free(out);</code></pre>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/BIO_seek.html">BIO_seek(3)</a>, <a href="../man3/BIO_tell.html">BIO_tell(3)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a>, <a href="../man3/BIO_write_ex.html">BIO_write_ex(3)</a>, <a href="../man3/BIO_puts.html">BIO_puts(3)</a>, <a href="../man3/BIO_gets.html">BIO_gets(3)</a>, <a href="../man3/BIO_printf.html">BIO_printf(3)</a>, <a href="../man3/BIO_set_close.html">BIO_set_close(3)</a>, <a href="../man3/BIO_get_close.html">BIO_get_close(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

159
openssl-3.4.2/doc/html/man3/BIO_s_file.html
View File

@@ -1,159 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_s_file</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_s_file, BIO_new_file, BIO_new_fp, BIO_set_fp, BIO_get_fp, BIO_read_filename, BIO_write_filename, BIO_append_filename, BIO_rw_filename - FILE bio</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
const BIO_METHOD *BIO_s_file(void);
BIO *BIO_new_file(const char *filename, const char *mode);
BIO *BIO_new_fp(FILE *stream, int flags);
BIO_set_fp(BIO *b, FILE *fp, int flags);
BIO_get_fp(BIO *b, FILE **fpp);
int BIO_read_filename(BIO *b, char *name);
int BIO_write_filename(BIO *b, char *name);
int BIO_append_filename(BIO *b, char *name);
int BIO_rw_filename(BIO *b, char *name);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_s_file() returns the BIO file method. As its name implies it is a wrapper round the stdio FILE structure and it is a source/sink BIO.</p>
<p>Calls to BIO_read_ex() and BIO_write_ex() read and write data to the underlying stream. BIO_gets() and BIO_puts() are supported on file BIOs.</p>
<p>BIO_flush() on a file BIO calls the fflush() function on the wrapped stream.</p>
<p>BIO_reset() attempts to change the file pointer to the start of file using fseek(stream, 0, 0).</p>
<p>BIO_seek() sets the file pointer to position <b>ofs</b> from start of file using fseek(stream, ofs, 0).</p>
<p>BIO_eof() calls feof().</p>
<p>Setting the BIO_CLOSE flag calls fclose() on the stream when the BIO is freed.</p>
<p>BIO_new_file() creates a new file BIO with mode <b>mode</b> the meaning of <b>mode</b> is the same as the stdio function fopen(). The BIO_CLOSE flag is set on the returned BIO.</p>
<p>BIO_new_fp() creates a file BIO wrapping <b>stream</b>. Flags can be: BIO_CLOSE, BIO_NOCLOSE (the close flag) BIO_FP_TEXT (sets the underlying stream to text mode, default is binary: this only has any effect under Win32).</p>
<p>BIO_set_fp() sets the fp of a file BIO to <b>fp</b>. <b>flags</b> has the same meaning as in BIO_new_fp(), it is a macro.</p>
<p>BIO_get_fp() retrieves the fp of a file BIO, it is a macro.</p>
<p>BIO_seek() is a macro that sets the position pointer to <b>offset</b> bytes from the start of file.</p>
<p>BIO_tell() returns the value of the position pointer.</p>
<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() set the file BIO <b>b</b> to use file <b>name</b> for reading, writing, append or read write respectively.</p>
<h1 id="NOTES">NOTES</h1>
<p>When wrapping stdout, stdin or stderr the underlying stream should not normally be closed so the BIO_NOCLOSE flag should be set.</p>
<p>Because the file BIO calls the underlying stdio functions any quirks in stdio behaviour will be mirrored by the corresponding BIO.</p>
<p>On Windows BIO_new_files reserves for the filename argument to be UTF-8 encoded. In other words if you have to make it work in multi- lingual environment, encode filenames in UTF-8.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_s_file() returns the file BIO method.</p>
<p>BIO_new_file() and BIO_new_fp() return a file BIO or NULL if an error occurred.</p>
<p>BIO_set_fp() and BIO_get_fp() return 1 for success or &lt;=0 for failure (although the current implementation never return 0).</p>
<p>BIO_seek() returns 0 for success or negative values for failure.</p>
<p>BIO_tell() returns the current file position or negative values for failure.</p>
<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() return 1 for success or &lt;=0 for failure.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>File BIO &quot;hello world&quot;:</p>
<pre><code>BIO *bio_out;
bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
<p>Alternative technique:</p>
<pre><code>BIO *bio_out;
bio_out = BIO_new(BIO_s_file());
if (bio_out == NULL)
/* Error */
if (BIO_set_fp(bio_out, stdout, BIO_NOCLOSE) &lt;= 0)
/* Error */
BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
<p>Write to a file:</p>
<pre><code>BIO *out;
out = BIO_new_file(&quot;filename.txt&quot;, &quot;w&quot;);
if (!out)
/* Error */
BIO_printf(out, &quot;Hello World\n&quot;);
BIO_free(out);</code></pre>
<p>Alternative technique:</p>
<pre><code>BIO *out;
out = BIO_new(BIO_s_file());
if (out == NULL)
/* Error */
if (BIO_write_filename(out, &quot;filename.txt&quot;) &lt;= 0)
/* Error */
BIO_printf(out, &quot;Hello World\n&quot;);
BIO_free(out);</code></pre>
<h1 id="BUGS">BUGS</h1>
<p>BIO_reset() and BIO_seek() are implemented using fseek() on the underlying stream. The return value for fseek() is 0 for success or -1 if an error occurred this differs from other types of BIO which will typically return 1 for success and a non positive value if an error occurred.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/BIO_seek.html">BIO_seek(3)</a>, <a href="../man3/BIO_tell.html">BIO_tell(3)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_flush.html">BIO_flush(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a>, <a href="../man3/BIO_write_ex.html">BIO_write_ex(3)</a>, <a href="../man3/BIO_puts.html">BIO_puts(3)</a>, <a href="../man3/BIO_gets.html">BIO_gets(3)</a>, <a href="../man3/BIO_printf.html">BIO_printf(3)</a>, <a href="../man3/BIO_set_close.html">BIO_set_close(3)</a>, <a href="../man3/BIO_get_close.html">BIO_get_close(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

162
openssl-3.4.2/doc/html/man3/BIO_s_mem.html
View File

@@ -1,162 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_s_mem</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_s_secmem, BIO_s_dgram_mem, BIO_s_mem, BIO_set_mem_eof_return, BIO_get_mem_data, BIO_set_mem_buf, BIO_get_mem_ptr, BIO_new_mem_buf - memory BIO</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
const BIO_METHOD *BIO_s_mem(void);
const BIO_METHOD *BIO_s_dgram_mem(void);
const BIO_METHOD *BIO_s_secmem(void);
BIO_set_mem_eof_return(BIO *b, int v);
long BIO_get_mem_data(BIO *b, char **pp);
BIO_set_mem_buf(BIO *b, BUF_MEM *bm, int c);
BIO_get_mem_ptr(BIO *b, BUF_MEM **pp);
BIO *BIO_new_mem_buf(const void *buf, int len);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_s_mem() returns the memory BIO method function.</p>
<p>A memory BIO is a source/sink BIO which uses memory for its I/O. Data written to a memory BIO is stored in a BUF_MEM structure which is extended as appropriate to accommodate the stored data.</p>
<p>BIO_s_secmem() is like BIO_s_mem() except that the secure heap is used for buffer storage.</p>
<p>BIO_s_dgram_mem() is a memory BIO that respects datagram semantics. A single call to <a href="../man3/BIO_write.html">BIO_write(3)</a> will write a single datagram to the memory BIO. A subsequent call to <a href="../man3/BIO_read.html">BIO_read(3)</a> will read the data in that datagram. The <a href="../man3/BIO_read.html">BIO_read(3)</a> call will never return more data than was written in the original <a href="../man3/BIO_write.html">BIO_write(3)</a> call even if there were subsequent <a href="../man3/BIO_write.html">BIO_write(3)</a> calls that wrote more datagrams. Each successive call to <a href="../man3/BIO_read.html">BIO_read(3)</a> will read the next datagram. If a <a href="../man3/BIO_read.html">BIO_read(3)</a> call supplies a read buffer that is smaller than the size of the datagram, then the read buffer will be completely filled and the remaining data from the datagram will be discarded.</p>
<p>It is not possible to write a zero length datagram. Calling <a href="../man3/BIO_write.html">BIO_write(3)</a> in this case will return 0 and no datagrams will be written. Calling <a href="../man3/BIO_read.html">BIO_read(3)</a> when there are no datagrams in the BIO to read will return a negative result and the &quot;retry&quot; flags will be set (i.e. calling <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a> will return true). A datagram mem BIO will never return true from <a href="../man3/BIO_eof.html">BIO_eof(3)</a>.</p>
<p>Any data written to a memory BIO can be recalled by reading from it. Unless the memory BIO is read only any data read from it is deleted from the BIO.</p>
<p>Memory BIOs except BIO_s_dgram_mem() support BIO_gets() and BIO_puts().</p>
<p>BIO_s_dgram_mem() supports <a href="../man3/BIO_sendmmsg.html">BIO_sendmmsg(3)</a> and <a href="../man3/BIO_recvmmsg.html">BIO_recvmmsg(3)</a> calls and calls related to <b>BIO_ADDR</b> and MTU handling similarly to the <a href="../man3/BIO_s_dgram_pair.html">BIO_s_dgram_pair(3)</a>.</p>
<p>If the BIO_CLOSE flag is set when a memory BIO is freed then the underlying BUF_MEM structure is also freed.</p>
<p>Calling BIO_reset() on a read write memory BIO clears any data in it if the flag BIO_FLAGS_NONCLEAR_RST is not set, otherwise it just restores the read pointer to the state it was just after the last write was performed and the data can be read again. On a read only BIO it similarly restores the BIO to its original state and the read only data can be read again.</p>
<p>BIO_eof() is true if no data is in the BIO.</p>
<p>BIO_ctrl_pending() returns the number of bytes currently stored.</p>
<p>BIO_set_mem_eof_return() sets the behaviour of memory BIO <b>b</b> when it is empty. If the <b>v</b> is zero then an empty memory BIO will return EOF (that is it will return zero and BIO_should_retry(b) will be false. If <b>v</b> is non zero then it will return <b>v</b> when it is empty and it will set the read retry flag (that is BIO_read_retry(b) is true). To avoid ambiguity with a normal positive return value <b>v</b> should be set to a negative value, typically -1. Calling this macro will fail for datagram mem BIOs.</p>
<p>BIO_get_mem_data() sets *<b>pp</b> to a pointer to the start of the memory BIOs data and returns the total amount of data available. It is implemented as a macro. Note the pointer returned by this call is informative, no transfer of ownership of this memory is implied. See notes on BIO_set_close().</p>
<p>BIO_set_mem_buf() sets the internal BUF_MEM structure to <b>bm</b> and sets the close flag to <b>c</b>, that is <b>c</b> should be either BIO_CLOSE or BIO_NOCLOSE. It is a macro.</p>
<p>BIO_get_mem_ptr() places the underlying BUF_MEM structure in *<b>pp</b>. It is a macro.</p>
<p>BIO_new_mem_buf() creates a memory BIO using <b>len</b> bytes of data at <b>buf</b>, if <b>len</b> is -1 then the <b>buf</b> is assumed to be nul terminated and its length is determined by <b>strlen</b>. The BIO is set to a read only state and as a result cannot be written to. This is useful when some data needs to be made available from a static area of memory in the form of a BIO. The supplied data is read directly from the supplied buffer: it is <b>not</b> copied first, so the supplied area of memory must be unchanged until the BIO is freed.</p>
<p>All of the five functions described above return an error with BIO_s_dgram_mem().</p>
<h1 id="NOTES">NOTES</h1>
<p>Writes to memory BIOs will always succeed if memory is available: that is their size can grow indefinitely. An exception is BIO_s_dgram_mem() when <a href="../man3/BIO_set_write_buf_size.html">BIO_set_write_buf_size(3)</a> is called on it. In such case the write buffer size will be fixed and any writes that would overflow the buffer will return an error.</p>
<p>Every write after partial read (not all data in the memory buffer was read) to a read write memory BIO will have to move the unread data with an internal copy operation, if a BIO contains a lot of data and it is read in small chunks intertwined with writes the operation can be very slow. Adding a buffering BIO to the chain can speed up the process.</p>
<p>Calling BIO_set_mem_buf() on a secmem or dgram BIO will give undefined results, including perhaps a program crash.</p>
<p>Switching a memory BIO from read write to read only is not supported and can give undefined results including a program crash. There are two notable exceptions to the rule. The first one is to assign a static memory buffer immediately after BIO creation and set the BIO as read only.</p>
<p>The other supported sequence is to start with a read write BIO then temporarily switch it to read only and call BIO_reset() on the read only BIO immediately before switching it back to read write. Before the BIO is freed it must be switched back to the read write mode.</p>
<p>Calling BIO_get_mem_ptr() on read only BIO will return a BUF_MEM that contains only the remaining data to be read. If the close status of the BIO is set to BIO_NOCLOSE, before freeing the BUF_MEM the data pointer in it must be set to NULL as the data pointer does not point to an allocated memory.</p>
<p>Calling BIO_reset() on a read write memory BIO with BIO_FLAGS_NONCLEAR_RST flag set can have unexpected outcome when the reads and writes to the BIO are intertwined. As documented above the BIO will be reset to the state after the last completed write operation. The effects of reads preceding that write operation cannot be undone.</p>
<p>Calling BIO_get_mem_ptr() prior to a BIO_reset() call with BIO_FLAGS_NONCLEAR_RST set has the same effect as a write operation.</p>
<p>Calling BIO_set_close() with BIO_NOCLOSE orphans the BUF_MEM internal to the BIO, _not_ its actual data buffer. See the examples section for the proper method for claiming ownership of the data pointer for a deferred free operation.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_s_mem(), BIO_s_dgram_mem() and BIO_s_secmem() return a valid memory <b>BIO_METHOD</b> structure.</p>
<p>BIO_set_mem_eof_return(), BIO_set_mem_buf() and BIO_get_mem_ptr() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
<p>BIO_get_mem_data() returns the total number of bytes available on success, 0 if b is NULL, or a negative value in case of other errors.</p>
<p>BIO_new_mem_buf() returns a valid <b>BIO</b> structure on success or NULL on error.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>Create a memory BIO and write some data to it:</p>
<pre><code>BIO *mem = BIO_new(BIO_s_mem());
BIO_puts(mem, &quot;Hello World\n&quot;);</code></pre>
<p>Create a read only memory BIO:</p>
<pre><code>char data[] = &quot;Hello World&quot;;
BIO *mem = BIO_new_mem_buf(data, -1);</code></pre>
<p>Extract the BUF_MEM structure from a memory BIO and then free up the BIO:</p>
<pre><code>BUF_MEM *bptr;
BIO_get_mem_ptr(mem, &amp;bptr);
BIO_set_close(mem, BIO_NOCLOSE); /* So BIO_free() leaves BUF_MEM alone */
BIO_free(mem);</code></pre>
<p>Extract the BUF_MEM ptr, claim ownership of the internal data and free the BIO and BUF_MEM structure:</p>
<pre><code>BUF_MEM *bptr;
char *data;
BIO_get_mem_data(bio, &amp;data);
BIO_get_mem_ptr(bio, &amp;bptr);
BIO_set_close(mem, BIO_NOCLOSE); /* So BIO_free orphans BUF_MEM */
BIO_free(bio);
bptr-&gt;data = NULL; /* Tell BUF_MEM to orphan data */
BUF_MEM_free(bptr);
...
free(data);</code></pre>
<h1 id="HISTORY">HISTORY</h1>
<p>BIO_s_dgram_mem() was added in OpenSSL 3.2.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

60
openssl-3.4.2/doc/html/man3/BIO_s_null.html
View File

@@ -1,60 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_s_null</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_s_null - null data sink</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
const BIO_METHOD *BIO_s_null(void);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_s_null() returns the null sink BIO method. Data written to the null sink is discarded, reads return EOF.</p>
<h1 id="NOTES">NOTES</h1>
<p>A null sink BIO behaves in a similar manner to the Unix /dev/null device.</p>
<p>A null bio can be placed on the end of a chain to discard any data passed through it.</p>
<p>A null sink is useful if, for example, an application wishes to digest some data by writing through a digest bio but not send the digested data anywhere. Since a BIO chain must normally include a source/sink BIO this can be achieved by adding a null sink BIO to the end of the chain</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_s_null() returns the null sink BIO method.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

68
openssl-3.4.2/doc/html/man3/BIO_s_socket.html
View File

@@ -1,68 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_s_socket</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_s_socket, BIO_new_socket - socket BIO</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
const BIO_METHOD *BIO_s_socket(void);
BIO *BIO_new_socket(int sock, int close_flag);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_s_socket() returns the socket BIO method. This is a wrapper round the platform&#39;s socket routines.</p>
<p>BIO_read_ex() and BIO_write_ex() read or write the underlying socket. BIO_puts() is supported but BIO_gets() is not.</p>
<p>If the close flag is set then the socket is shut down and closed when the BIO is freed.</p>
<p>BIO_new_socket() returns a socket BIO using <b>sock</b> and <b>close_flag</b>.</p>
<h1 id="NOTES">NOTES</h1>
<p>Socket BIOs also support any relevant functionality of file descriptor BIOs.</p>
<p>The reason for having separate file descriptor and socket BIOs is that on some platforms sockets are not file descriptors and use distinct I/O routines, Windows is one such platform. Any code mixing the two will not work on all platforms.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_s_socket() returns the socket BIO method.</p>
<p>BIO_new_socket() returns the newly allocated BIO or NULL is an error occurred.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

168
openssl-3.4.2/doc/html/man3/BIO_sendmmsg.html
View File

@@ -1,168 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_sendmmsg</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_sendmmsg, BIO_recvmmsg, BIO_dgram_set_local_addr_enable, BIO_dgram_get_local_addr_enable, BIO_dgram_get_local_addr_cap, BIO_err_is_non_fatal - send and receive multiple datagrams in a single call</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
typedef struct bio_msg_st {
void *data;
size_t data_len;
BIO_ADDR *peer, *local;
uint64_t flags;
} BIO_MSG;
int BIO_sendmmsg(BIO *b, BIO_MSG *msg,
size_t stride, size_t num_msg, uint64_t flags,
size_t *msgs_processed);
int BIO_recvmmsg(BIO *b, BIO_MSG *msg,
size_t stride, size_t num_msg, uint64_t flags,
size_t *msgs_processed);
int BIO_dgram_set_local_addr_enable(BIO *b, int enable);
int BIO_dgram_get_local_addr_enable(BIO *b, int *enable);
int BIO_dgram_get_local_addr_cap(BIO *b);
int BIO_err_is_non_fatal(unsigned int errcode);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_sendmmsg() and BIO_recvmmsg() functions can be used to send and receive multiple messages in a single call to a BIO. They are analogous to sendmmsg(2) and recvmmsg(2) on operating systems which provide those functions.</p>
<p>The <b>BIO_MSG</b> structure provides a subset of the functionality of the <b>struct msghdr</b> structure defined by POSIX. These functions accept an array of <b>BIO_MSG</b> structures. On any particular invocation, these functions may process all of the passed structures, some of them, or none of them. This is indicated by the value stored in <i>*msgs_processed</i>, which expresses the number of messages processed.</p>
<p>The caller should set the <i>data</i> member of a <b>BIO_MSG</b> to a buffer containing the data to send, or to be filled with a received message. <i>data_len</i> should be set to the size of the buffer in bytes. If the given <b>BIO_MSG</b> is processed (in other words, if the integer returned by the function is greater than or equal to that <b>BIO_MSG</b>&#39;s array index), <i>data_len</i> will be modified to specify the actual amount of data sent or received.</p>
<p>The <i>flags</i> field of a <b>BIO_MSG</b> provides input per-message flags to the invocation. If the invocation processes that <b>BIO_MSG</b>, the <i>flags</i> field is written with output per-message flags, or zero if no such flags are applicable.</p>
<p>Currently, no input or output per-message flags are defined and this field should be set to zero before calling BIO_sendmmsg() or BIO_recvmmsg().</p>
<p>The <i>flags</i> argument to BIO_sendmmsg() and BIO_recvmmsg() provides global flags which affect the entire invocation. No global flags are currently defined and this argument should be set to zero.</p>
<p>When these functions are used to send and receive datagrams, the <i>peer</i> field of a <b>BIO_MSG</b> allows the destination address of sent datagrams to be specified on a per-datagram basis, and the source address of received datagrams to be determined. The <i>peer</i> field should be set to point to a <b>BIO_ADDR</b>, which will be read by BIO_sendmmsg() and used as the destination address for sent datagrams, and written by BIO_recvmmsg() with the source address of received datagrams.</p>
<p>Similarly, the <i>local</i> field of a <b>BIO_MSG</b> allows the source address of sent datagrams to be specified on a per-datagram basis, and the destination address of received datagrams to be determined. Unlike <i>peer</i>, support for <i>local</i> must be explicitly enabled on a <b>BIO</b> before it can be used; see BIO_dgram_set_local_addr_enable(). If <i>local</i> is non-NULL in a <b>BIO_MSG</b> and support for <i>local</i> has not been enabled, processing of that <b>BIO_MSG</b> fails.</p>
<p><i>peer</i> and <i>local</i> should be set to NULL if they are not required. Support for <i>local</i> may not be available on all platforms; on these platforms, these functions always fail if <i>local</i> is non-NULL.</p>
<p>If <i>local</i> is specified and local address support is enabled, but the operating system does not report a local address for a specific received message, the <b>BIO_ADDR</b> it points to will be cleared (address family set to <code>AF_UNSPEC</code>). This is known to happen on Windows when a packet is received which was sent by the local system, regardless of whether the packet&#39;s destination address was the loopback address or the IP address of a local non-loopback interface. This is also known to happen on macOS in some circumstances, such as for packets sent before local address support was enabled for a receiving socket. These are OS-specific limitations. As such, users of this API using local address support should expect to sometimes receive a cleared local <b>BIO_ADDR</b> instead of the correct value.</p>
<p>The <i>stride</i> argument must be set to <code>sizeof(BIO_MSG)</code>. This argument facilitates backwards compatibility if fields are added to <b>BIO_MSG</b>. Callers must zero-initialize <b>BIO_MSG</b>.</p>
<p><i>num_msg</i> should be sent to the maximum number of messages to send or receive, which is also the length of the array pointed to by <i>msg</i>.</p>
<p><i>msgs_processed</i> must be non-NULL and points to an integer written with the number of messages successfully processed; see the RETURN VALUES section for further discussion.</p>
<p>Unlike most BIO functions, these functions explicitly support multi-threaded use. Multiple concurrent writers and multiple concurrent readers of the same BIO are permitted in any combination. As such, these functions do not clear, set, or otherwise modify BIO retry flags. The return value must be used to determine whether an operation should be retried; see below.</p>
<p>The support for concurrent use extends to BIO_sendmmsg() and BIO_recvmmsg() only, and no other function may be called on a given BIO while any call to BIO_sendmmsg() or BIO_recvmmsg() is in progress, or vice versa.</p>
<p>BIO_dgram_set_local_addr_enable() and BIO_dgram_get_local_addr_enable() control whether local address support is enabled. To enable local address support, call BIO_dgram_set_local_addr_enable() with an argument of 1. The call will fail if local address support is not available for the platform. BIO_dgram_get_local_addr_enable() retrieves the value set by BIO_dgram_set_local_addr_enable().</p>
<p>BIO_dgram_get_local_addr_cap() determines if the <b>BIO</b> is capable of supporting local addresses.</p>
<p>BIO_err_is_non_fatal() determines if a packed error code represents an error which is transient in nature.</p>
<h1 id="NOTES">NOTES</h1>
<p>Some implementations of the BIO_sendmmsg() and BIO_recvmmsg() BIO methods might always process at most one message at a time, for example when OS-level functionality to transmit or receive multiple messages at a time is not available.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>On success, the functions BIO_sendmmsg() and BIO_recvmmsg() return 1 and write the number of messages successfully processed (which need not be nonzero) to <i>msgs_processed</i>. Where a positive value n is written to <i>msgs_processed</i>, all entries in the <b>BIO_MSG</b> array from 0 through n-1 inclusive have their <i>data_len</i> and <i>flags</i> fields updated with the results of the operation on that message. If the call was to BIO_recvmmsg() and the <i>peer</i> or <i>local</i> fields of that message are non-NULL, the <b>BIO_ADDR</b> structures they point to are written with the relevant address.</p>
<p>On failure, the functions BIO_sendmmsg() and BIO_recvmmsg() return 0 and write zero to <i>msgs_processed</i>. Thus <i>msgs_processed</i> is always written regardless of the outcome of the function call.</p>
<p>If BIO_sendmmsg() and BIO_recvmmsg() fail, they always raise an <b>ERR_LIB_BIO</b> error using <a href="../man3/ERR_raise.html">ERR_raise(3)</a>. Any error may be raised, but the following in particular may be noted:</p>
<dl>
<dt id="BIO_R_LOCAL_ADDR_NOT_AVAILABLE"><b>BIO_R_LOCAL_ADDR_NOT_AVAILABLE</b></dt>
<dd>
<p>The <i>local</i> field was set to a non-NULL value, but local address support is not available or not enabled on the BIO.</p>
</dd>
<dt id="BIO_R_PEER_ADDR_NOT_AVAILABLE"><b>BIO_R_PEER_ADDR_NOT_AVAILABLE</b></dt>
<dd>
<p>The <i>peer</i> field was set to a non-NULL value, but peer address support is not available on the BIO.</p>
</dd>
<dt id="BIO_R_UNSUPPORTED_METHOD"><b>BIO_R_UNSUPPORTED_METHOD</b></dt>
<dd>
<p>The BIO_sendmmsg() or BIO_recvmmsg() method is not supported on the BIO.</p>
</dd>
<dt id="BIO_R_NON_FATAL"><b>BIO_R_NON_FATAL</b></dt>
<dd>
<p>The call failed due to a transient, non-fatal error (for example, because the BIO is in nonblocking mode and the call would otherwise have blocked).</p>
<p>Implementations of this interface which do not make system calls and thereby pass through system error codes using <b>ERR_LIB_SYS</b> (for example, memory-based implementations) should issue this reason code to indicate a transient failure. However, users of this interface should not test for this reason code directly, as there are multiple possible packed error codes representing a transient failure; use BIO_err_is_non_fatal() instead (discussed below).</p>
</dd>
<dt id="Socket-errors">Socket errors</dt>
<dd>
<p>OS-level socket errors are reported using an error with library code <b>ERR_LIB_SYS</b>; for a packed error code <b>errcode</b> where <code>ERR_SYSTEM_ERROR(errcode) == 1</code>, the OS-level socket error code can be retrieved using <code>ERR_GET_REASON(errcode)</code>. The packed error code can be retrieved by calling <a href="../man3/ERR_peek_last_error.html">ERR_peek_last_error(3)</a> after the call to BIO_sendmmsg() or BIO_recvmmsg() returns 0.</p>
</dd>
<dt id="Non-fatal-errors">Non-fatal errors</dt>
<dd>
<p>Whether an error is transient can be determined by passing the packed error code to BIO_err_is_non_fatal(). Callers should do this instead of testing the reason code directly, as there are many possible error codes which can indicate a transient error, many of which are system specific.</p>
</dd>
</dl>
<p>Third parties implementing custom BIOs supporting the BIO_sendmmsg() or BIO_recvmmsg() methods should note that it is a required part of the API contract that an error is always raised when either of these functions return 0.</p>
<p>BIO_dgram_set_local_addr_enable() returns 1 if local address support was successfully enabled or disabled and 0 otherwise.</p>
<p>BIO_dgram_get_local_addr_enable() returns 1 if the local address support enable flag was successfully retrieved.</p>
<p>BIO_dgram_get_local_addr_cap() returns 1 if the <b>BIO</b> can support local addresses.</p>
<p>BIO_err_is_non_fatal() returns 1 if the passed packed error code represents an error which is transient in nature.</p>
<h1 id="HISTORY">HISTORY</h1>
<p>These functions were added in OpenSSL 3.2.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

298
openssl-3.4.2/doc/html/man3/BIO_set_callback.html
View File

@@ -1,298 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_set_callback</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#CALLBACK-OPERATIONS">CALLBACK OPERATIONS</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_set_callback_ex, BIO_get_callback_ex, BIO_set_callback, BIO_get_callback, BIO_set_callback_arg, BIO_get_callback_arg, BIO_debug_callback, BIO_debug_callback_ex, BIO_callback_fn_ex, BIO_callback_fn - BIO callback functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
typedef long (*BIO_callback_fn_ex)(BIO *b, int oper, const char *argp,
size_t len, int argi,
long argl, int ret, size_t *processed);
void BIO_set_callback_ex(BIO *b, BIO_callback_fn_ex callback);
BIO_callback_fn_ex BIO_get_callback_ex(const BIO *b);
void BIO_set_callback_arg(BIO *b, char *arg);
char *BIO_get_callback_arg(const BIO *b);
long BIO_debug_callback_ex(BIO *bio, int oper, const char *argp, size_t len,
int argi, long argl, int ret, size_t *processed);</code></pre>
<p>The following functions have been deprecated since OpenSSL 3.0, and can be hidden entirely by defining <b>OPENSSL_API_COMPAT</b> with a suitable version value, see <a href="../man7/openssl_user_macros.html">openssl_user_macros(7)</a>:</p>
<pre><code>typedef long (*BIO_callback_fn)(BIO *b, int oper, const char *argp, int argi,
long argl, long ret);
void BIO_set_callback(BIO *b, BIO_callback_fn cb);
BIO_callback_fn BIO_get_callback(const BIO *b);
long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
long argl, long ret);
typedef struct bio_mmsg_cb_args_st {
BIO_MSG *msg;
size_t stride, num_msg;
uint64_t flags;
size_t *msgs_processed;
} BIO_MMSG_CB_ARGS;</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_set_callback_ex() and BIO_get_callback_ex() set and retrieve the BIO callback. The callback is called during most high-level BIO operations. It can be used for debugging purposes to trace operations on a BIO or to modify its operation.</p>
<p>BIO_set_callback() and BIO_get_callback() set and retrieve the old format BIO callback. New code should not use these functions, but they are retained for backwards compatibility. Any callback set via BIO_set_callback_ex() will get called in preference to any set by BIO_set_callback().</p>
<p>BIO_set_callback_arg() and BIO_get_callback_arg() are macros which can be used to set and retrieve an argument for use in the callback.</p>
<p>BIO_debug_callback_ex() is a standard debugging callback which prints out information relating to each BIO operation. If the callback argument is set it is interpreted as a BIO to send the information to, otherwise stderr is used. The BIO_debug_callback() function is the deprecated version of the same callback for use with the old callback format BIO_set_callback() function.</p>
<p>BIO_callback_fn_ex is the type of the callback function and BIO_callback_fn is the type of the old format callback function. The meaning of each argument is described below:</p>
<dl>
<dt id="b"><b>b</b></dt>
<dd>
<p>The BIO the callback is attached to is passed in <b>b</b>.</p>
</dd>
<dt id="oper"><b>oper</b></dt>
<dd>
<p><b>oper</b> is set to the operation being performed. For some operations the callback is called twice, once before and once after the actual operation, the latter case has <b>oper</b> or&#39;ed with BIO_CB_RETURN.</p>
</dd>
<dt id="len"><b>len</b></dt>
<dd>
<p>The length of the data requested to be read or written. This is only useful if <b>oper</b> is BIO_CB_READ, BIO_CB_WRITE or BIO_CB_GETS.</p>
</dd>
<dt id="argp-argi-argl"><b>argp</b> <b>argi</b> <b>argl</b></dt>
<dd>
<p>The meaning of the arguments <b>argp</b>, <b>argi</b> and <b>argl</b> depends on the value of <b>oper</b>, that is the operation being performed.</p>
</dd>
<dt id="processed"><b>processed</b></dt>
<dd>
<p><b>processed</b> is a pointer to a location which will be updated with the amount of data that was actually read or written. Only used for BIO_CB_READ, BIO_CB_WRITE, BIO_CB_GETS and BIO_CB_PUTS.</p>
</dd>
<dt id="ret"><b>ret</b></dt>
<dd>
<p><b>ret</b> is the return value that would be returned to the application if no callback were present. The actual value returned is the return value of the callback itself. In the case of callbacks called before the actual BIO operation 1 is placed in <b>ret</b>, if the return value is not positive it will be immediately returned to the application and the BIO operation will not be performed.</p>
</dd>
</dl>
<p>The callback should normally simply return <b>ret</b> when it has finished processing, unless it specifically wishes to modify the value returned to the application.</p>
<h1 id="CALLBACK-OPERATIONS">CALLBACK OPERATIONS</h1>
<p>In the notes below, <b>callback</b> defers to the actual callback function that is called.</p>
<dl>
<dt id="BIO_free-b"><b>BIO_free(b)</b></dt>
<dd>
<pre><code>callback_ex(b, BIO_CB_FREE, NULL, 0, 0, 0L, 1L, NULL)</code></pre>
<p>or</p>
<pre><code>callback(b, BIO_CB_FREE, NULL, 0L, 0L, 1L)</code></pre>
<p>is called before the free operation.</p>
</dd>
<dt id="BIO_read_ex-b-data-dlen-readbytes"><b>BIO_read_ex(b, data, dlen, readbytes)</b></dt>
<dd>
<pre><code>callback_ex(b, BIO_CB_READ, data, dlen, 0, 0L, 1L, NULL)</code></pre>
<p>or</p>
<pre><code>callback(b, BIO_CB_READ, data, dlen, 0L, 1L)</code></pre>
<p>is called before the read and</p>
<pre><code>callback_ex(b, BIO_CB_READ | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
&amp;readbytes)</code></pre>
<p>or</p>
<pre><code>callback(b, BIO_CB_READ|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
<p>after.</p>
</dd>
<dt id="BIO_write-b-data-dlen-written"><b>BIO_write(b, data, dlen, written)</b></dt>
<dd>
<pre><code>callback_ex(b, BIO_CB_WRITE, data, dlen, 0, 0L, 1L, NULL)</code></pre>
<p>or</p>
<pre><code>callback(b, BIO_CB_WRITE, datat, dlen, 0L, 1L)</code></pre>
<p>is called before the write and</p>
<pre><code>callback_ex(b, BIO_CB_WRITE | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
&amp;written)</code></pre>
<p>or</p>
<pre><code>callback(b, BIO_CB_WRITE|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
<p>after.</p>
</dd>
<dt id="BIO_gets-b-buf-size"><b>BIO_gets(b, buf, size)</b></dt>
<dd>
<pre><code>callback_ex(b, BIO_CB_GETS, buf, size, 0, 0L, 1, NULL, NULL)</code></pre>
<p>or</p>
<pre><code>callback(b, BIO_CB_GETS, buf, size, 0L, 1L)</code></pre>
<p>is called before the operation and</p>
<pre><code>callback_ex(b, BIO_CB_GETS | BIO_CB_RETURN, buf, size, 0, 0L, retvalue,
&amp;readbytes)</code></pre>
<p>or</p>
<pre><code>callback(b, BIO_CB_GETS|BIO_CB_RETURN, buf, size, 0L, retvalue)</code></pre>
<p>after.</p>
</dd>
<dt id="BIO_puts-b-buf"><b>BIO_puts(b, buf)</b></dt>
<dd>
<pre><code>callback_ex(b, BIO_CB_PUTS, buf, 0, 0, 0L, 1L, NULL);</code></pre>
<p>or</p>
<pre><code>callback(b, BIO_CB_PUTS, buf, 0, 0L, 1L)</code></pre>
<p>is called before the operation and</p>
<pre><code>callback_ex(b, BIO_CB_PUTS | BIO_CB_RETURN, buf, 0, 0, 0L, retvalue, &amp;written)</code></pre>
<p>or</p>
<pre><code>callback(b, BIO_CB_PUTS|BIO_CB_RETURN, buf, 0, 0L, retvalue)</code></pre>
<p>after.</p>
</dd>
<dt id="BIO_ctrl-BIO-b-int-cmd-long-larg-void-parg"><b>BIO_ctrl(BIO *b, int cmd, long larg, void *parg)</b></dt>
<dd>
<pre><code>callback_ex(b, BIO_CB_CTRL, parg, 0, cmd, larg, 1L, NULL)</code></pre>
<p>or</p>
<pre><code>callback(b, BIO_CB_CTRL, parg, cmd, larg, 1L)</code></pre>
<p>is called before the call and</p>
<pre><code>callback_ex(b, BIO_CB_CTRL | BIO_CB_RETURN, parg, 0, cmd, larg, ret, NULL)</code></pre>
<p>or</p>
<pre><code>callback(b, BIO_CB_CTRL|BIO_CB_RETURN, parg, cmd, larg, ret)</code></pre>
<p>after.</p>
<p>Note: <b>cmd</b> == <b>BIO_CTRL_SET_CALLBACK</b> is special, because <b>parg</b> is not the argument of type <b>BIO_info_cb</b> itself. In this case <b>parg</b> is a pointer to the actual call parameter, see <b>BIO_callback_ctrl</b>.</p>
</dd>
<dt id="BIO_sendmmsg-BIO-b-BIO_MSG-msg-size_t-stride-size_t-num_msg-uint64_t-flags-size_t-msgs_processed"><b>BIO_sendmmsg(BIO *b, BIO_MSG *msg, size_t stride, size_t num_msg, uint64_t flags, size_t *msgs_processed)</b></dt>
<dd>
<pre><code>callback_ex(b, BIO_CB_SENDMMSG, args, 0, 0, 0, 1, NULL)</code></pre>
<p>or</p>
<pre><code>callback(b, BIO_CB_SENDMMSG, args, 0, 0, 1)</code></pre>
<p>is called before the call and</p>
<pre><code>callback_ex(b, BIO_CB_SENDMMSG | BIO_CB_RETURN, args, ret, 0, 0, ret, NULL)</code></pre>
<p>or</p>
<pre><code>callback(b, BIO_CB_SENDMMSG | BIO_CB_RETURN, args, ret, 0, 0, ret)</code></pre>
<p>after.</p>
<p><b>args</b> is a pointer to a <b>BIO_MMSG_CB_ARGS</b> structure containing the arguments passed to BIO_sendmmsg(). <b>ret</b> is the return value of the BIO_sendmmsg() call. The return value of BIO_sendmmsg() is altered to the value returned by the <b>BIO_CB_SENDMMSG | BIO_CB_RETURN</b> call.</p>
</dd>
<dt id="BIO_recvmmsg-BIO-b-BIO_MSG-msg-size_t-stride-size_t-num_msg-uint64_t-flags-size_t-msgs_processed"><b>BIO_recvmmsg(BIO *b, BIO_MSG *msg, size_t stride, size_t num_msg, uint64_t flags, size_t *msgs_processed)</b></dt>
<dd>
<p>See the documentation for BIO_sendmmsg(). BIO_recvmmsg() works identically except that <b>BIO_CB_RECVMMSG</b> is used instead of <b>BIO_CB_SENDMMSG</b>.</p>
</dd>
</dl>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_get_callback_ex() and BIO_get_callback() return the callback function previously set by a call to BIO_set_callback_ex() and BIO_set_callback() respectively.</p>
<p>BIO_get_callback_arg() returns a <b>char</b> pointer to the value previously set via a call to BIO_set_callback_arg().</p>
<p>BIO_debug_callback() returns 1 or <b>ret</b> if it&#39;s called after specific BIO operations.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>The BIO_debug_callback_ex() function is an example, its source is in crypto/bio/bio_cb.c</p>
<h1 id="HISTORY">HISTORY</h1>
<p>The BIO_debug_callback_ex() function was added in OpenSSL 3.0.</p>
<p>BIO_set_callback(), BIO_get_callback(), and BIO_debug_callback() were deprecated in OpenSSL 3.0. Use the non-deprecated _ex functions instead.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

115
openssl-3.4.2/doc/html/man3/BIO_should_retry.html
View File

@@ -1,115 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_should_retry</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_should_read, BIO_should_write, BIO_should_io_special, BIO_retry_type, BIO_should_retry, BIO_get_retry_BIO, BIO_get_retry_reason, BIO_set_retry_reason - BIO retry functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
int BIO_should_read(BIO *b);
int BIO_should_write(BIO *b);
int BIO_should_io_special(iBIO *b);
int BIO_retry_type(BIO *b);
int BIO_should_retry(BIO *b);
BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
int BIO_get_retry_reason(BIO *bio);
void BIO_set_retry_reason(BIO *bio, int reason);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>These functions determine why a BIO is not able to read or write data. They will typically be called after a failed BIO_read_ex() or BIO_write_ex() call.</p>
<p>BIO_should_retry() is true if the call that produced this condition should then be retried at a later time.</p>
<p>If BIO_should_retry() is false then the cause is an error condition.</p>
<p>BIO_should_read() is true if the cause of the condition is that the BIO has insufficient data to return. Check for readability and/or retry the last operation.</p>
<p>BIO_should_write() is true if the cause of the condition is that the BIO has pending data to write. Check for writability and/or retry the last operation.</p>
<p>BIO_should_io_special() is true if some &quot;special&quot; condition, that is a reason other than reading or writing is the cause of the condition.</p>
<p>BIO_retry_type() returns a mask of the cause of a retry condition consisting of the values <b>BIO_FLAGS_READ</b>, <b>BIO_FLAGS_WRITE</b>, <b>BIO_FLAGS_IO_SPECIAL</b> though current BIO types will only set one of these.</p>
<p>BIO_get_retry_BIO() determines the precise reason for the special condition, it returns the BIO that caused this condition and if <b>reason</b> is not NULL it contains the reason code. The meaning of the reason code and the action that should be taken depends on the type of BIO that resulted in this condition.</p>
<p>BIO_get_retry_reason() returns the reason for a special condition if passed the relevant BIO, for example as returned by BIO_get_retry_BIO().</p>
<p>BIO_set_retry_reason() sets the retry reason for a special condition for a given BIO. This would usually only be called by BIO implementations.</p>
<h1 id="NOTES">NOTES</h1>
<p>BIO_should_read(), BIO_should_write(), BIO_should_io_special(), BIO_retry_type(), and BIO_should_retry(), are implemented as macros.</p>
<p>If BIO_should_retry() returns false then the precise &quot;error condition&quot; depends on the BIO type that caused it and the return code of the BIO operation. For example if a call to BIO_read_ex() on a socket BIO returns 0 and BIO_should_retry() is false then the cause will be that the connection closed. A similar condition on a file BIO will mean that it has reached EOF. Some BIO types may place additional information on the error queue. For more details see the individual BIO type manual pages.</p>
<p>If the underlying I/O structure is in a blocking mode almost all current BIO types will not request a retry, because the underlying I/O calls will not. If the application knows that the BIO type will never signal a retry then it need not call BIO_should_retry() after a failed BIO I/O call. This is typically done with file BIOs.</p>
<p>SSL BIOs are the only current exception to this rule: they can request a retry even if the underlying I/O structure is blocking, if a handshake occurs during a call to BIO_read(). An application can retry the failed call immediately or avoid this situation by setting SSL_MODE_AUTO_RETRY on the underlying SSL structure.</p>
<p>While an application may retry a failed non blocking call immediately this is likely to be very inefficient because the call will fail repeatedly until data can be processed or is available. An application will normally wait until the necessary condition is satisfied. How this is done depends on the underlying I/O structure.</p>
<p>For example if the cause is ultimately a socket and BIO_should_read() is true then a call to select() may be made to wait until data is available and then retry the BIO operation. By combining the retry conditions of several non blocking BIOs in a single select() call it is possible to service several BIOs in a single thread, though the performance may be poor if SSL BIOs are present because long delays can occur during the initial handshake process.</p>
<p>It is possible for a BIO to block indefinitely if the underlying I/O structure cannot process or return any data. This depends on the behaviour of the platforms I/O functions. This is often not desirable: one solution is to use non blocking I/O and use a timeout on the select() (or equivalent) call.</p>
<h1 id="BUGS">BUGS</h1>
<p>The OpenSSL ASN1 functions cannot gracefully deal with non blocking I/O: that is they cannot retry after a partial read or write. This is usually worked around by only passing the relevant data to ASN1 functions when the entire structure can be read or written.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_should_read(), BIO_should_write(), BIO_should_io_special(), and BIO_should_retry() return either 1 or 0 based on the actual conditions of the <b>BIO</b>.</p>
<p>BIO_retry_type() returns a flag combination presenting the cause of a retry condition or false if there is no retry condition.</p>
<p>BIO_get_retry_BIO() returns a valid <b>BIO</b> structure.</p>
<p>BIO_get_retry_reason() returns the reason for a special condition.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man7/bio.html">bio(7)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The BIO_get_retry_reason() and BIO_set_retry_reason() functions were added in OpenSSL 1.1.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

69
openssl-3.4.2/doc/html/man3/BIO_socket_wait.html
View File

@@ -1,69 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BIO_socket_wait</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BIO_socket_wait, BIO_wait, BIO_do_connect_retry - BIO connection utility functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bio.h&gt;
#ifndef OPENSSL_NO_SOCK
int BIO_socket_wait(int fd, int for_read, time_t max_time);
#endif
int BIO_wait(BIO *bio, time_t max_time, unsigned int nap_milliseconds);
int BIO_do_connect_retry(BIO *bio, int timeout, int nap_milliseconds);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BIO_socket_wait() waits on the socket <b>fd</b> for reading if <b>for_read</b> is not 0, else for writing, at most until <b>max_time</b>. It succeeds immediately if <b>max_time</b> == 0 (which means no timeout given).</p>
<p>BIO_wait() waits at most until <b>max_time</b> on the given (typically socket-based) <b>bio</b>, for reading if <b>bio</b> is supposed to read, else for writing. It is used by BIO_do_connect_retry() and can be used together <a href="../man3/BIO_read.html">BIO_read(3)</a>. It succeeds immediately if <b>max_time</b> == 0 (which means no timeout given). If sockets are not available it supports polling by succeeding after sleeping at most the given <b>nap_milliseconds</b> in order to avoid a tight busy loop. Via <b>nap_milliseconds</b> the caller determines the polling granularity.</p>
<p>BIO_do_connect_retry() connects via the given <b>bio</b>. It retries BIO_do_connect() as far as needed to reach a definite outcome, i.e., connection succeeded, timeout has been reached, or an error occurred. For nonblocking and potentially even non-socket BIOs it polls every <b>nap_milliseconds</b> and sleeps in between using BIO_wait(). If <b>nap_milliseconds</b> is &lt; 0 then a default value of 100 ms is used. If the <b>timeout</b> parameter is &gt; 0 this indicates the maximum number of seconds to wait until the connection is established or a definite error occurred. A value of 0 enables waiting indefinitely (i.e, no timeout), while a value &lt; 0 means that BIO_do_connect() is tried only once. The function may, directly or indirectly, invoke ERR_clear_error().</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BIO_socket_wait(), BIO_wait(), and BIO_do_connect_retry() return -1 on error, 0 on timeout, and 1 on success.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/BIO_do_connect.html">BIO_do_connect(3)</a>, <a href="../man3/BIO_read.html">BIO_read(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>BIO_socket_wait(), BIO_wait(), and BIO_do_connect_retry() were added in OpenSSL 3.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

112
openssl-3.4.2/doc/html/man3/BN_BLINDING_new.html
View File

@@ -1,112 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_BLINDING_new</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, BN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread, BN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags, BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
BIGNUM *mod);
void BN_BLINDING_free(BN_BLINDING *b);
int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
BN_CTX *ctx);
int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
BN_CTX *ctx);
int BN_BLINDING_is_current_thread(BN_BLINDING *b);
void BN_BLINDING_set_current_thread(BN_BLINDING *b);
int BN_BLINDING_lock(BN_BLINDING *b);
int BN_BLINDING_unlock(BN_BLINDING *b);
unsigned long BN_BLINDING_get_flags(const BN_BLINDING *b);
void BN_BLINDING_set_flags(BN_BLINDING *b, unsigned long flags);
BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
int (*bn_mod_exp)(BIGNUM *r,
const BIGNUM *a,
const BIGNUM *p,
const BIGNUM *m,
BN_CTX *ctx,
BN_MONT_CTX *m_ctx),
BN_MONT_CTX *m_ctx);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BN_BLINDING_new() allocates a new <b>BN_BLINDING</b> structure and copies the <b>A</b> and <b>Ai</b> values into the newly created <b>BN_BLINDING</b> object.</p>
<p>BN_BLINDING_free() frees the <b>BN_BLINDING</b> structure. If <b>b</b> is NULL, nothing is done.</p>
<p>BN_BLINDING_update() updates the <b>BN_BLINDING</b> parameters by squaring the <b>A</b> and <b>Ai</b> or, after specific number of uses and if the necessary parameters are set, by re-creating the blinding parameters.</p>
<p>BN_BLINDING_convert_ex() multiplies <b>n</b> with the blinding factor <b>A</b>. If <b>r</b> is not NULL a copy the inverse blinding factor <b>Ai</b> will be returned in <b>r</b> (this is useful if a <b>RSA</b> object is shared among several threads). BN_BLINDING_invert_ex() multiplies <b>n</b> with the inverse blinding factor <b>Ai</b>. If <b>r</b> is not NULL it will be used as the inverse blinding.</p>
<p>BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() with <b>r</b> set to NULL.</p>
<p>BN_BLINDING_is_current_thread() returns whether the <b>BN_BLINDING</b> structure is owned by the current thread. This is to help users provide proper locking if needed for multi-threaded use.</p>
<p>BN_BLINDING_set_current_thread() sets the current thread as the owner of the <b>BN_BLINDING</b> structure.</p>
<p>BN_BLINDING_lock() locks the <b>BN_BLINDING</b> structure.</p>
<p>BN_BLINDING_unlock() unlocks the <b>BN_BLINDING</b> structure.</p>
<p>BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently there are two supported flags: <b>BN_BLINDING_NO_UPDATE</b> and <b>BN_BLINDING_NO_RECREATE</b>. <b>BN_BLINDING_NO_UPDATE</b> inhibits the automatic update of the <b>BN_BLINDING</b> parameters after each use and <b>BN_BLINDING_NO_RECREATE</b> inhibits the automatic re-creation of the <b>BN_BLINDING</b> parameters after a fixed number of uses (currently 32). In newly allocated <b>BN_BLINDING</b> objects no flags are set. BN_BLINDING_set_flags() sets the <b>BN_BLINDING</b> parameters flags.</p>
<p>BN_BLINDING_create_param() creates new <b>BN_BLINDING</b> parameters using the exponent <b>e</b> and the modulus <b>m</b>. <b>bn_mod_exp</b> and <b>m_ctx</b> can be used to pass special functions for exponentiation (normally BN_mod_exp_mont() and <b>BN_MONT_CTX</b>).</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BN_BLINDING_new() returns the newly allocated <b>BN_BLINDING</b> structure or NULL in case of an error.</p>
<p>BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on success and 0 if an error occurred.</p>
<p>BN_BLINDING_is_current_thread() returns 1 if the current thread owns the <b>BN_BLINDING</b> object, 0 otherwise.</p>
<p>BN_BLINDING_set_current_thread() doesn&#39;t return anything.</p>
<p>BN_BLINDING_lock(), BN_BLINDING_unlock() return 1 if the operation succeeded or 0 on error.</p>
<p>BN_BLINDING_get_flags() returns the currently set <b>BN_BLINDING</b> flags (a <b>unsigned long</b> value).</p>
<p>BN_BLINDING_create_param() returns the newly created <b>BN_BLINDING</b> parameters or NULL on error.</p>
<h1 id="HISTORY">HISTORY</h1>
<p>BN_BLINDING_thread_id() was first introduced in OpenSSL 1.0.0, and it deprecates BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id().</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

91
openssl-3.4.2/doc/html/man3/BN_CTX_new.html
View File

@@ -1,91 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_CTX_new</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_CTX_new_ex, BN_CTX_new, BN_CTX_secure_new_ex, BN_CTX_secure_new, BN_CTX_free - allocate and free BN_CTX structures</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
BN_CTX *BN_CTX_new_ex(OSSL_LIB_CTX *ctx);
BN_CTX *BN_CTX_new(void);
BN_CTX *BN_CTX_secure_new_ex(OSSL_LIB_CTX *ctx);
BN_CTX *BN_CTX_secure_new(void);
void BN_CTX_free(BN_CTX *c);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>A <b>BN_CTX</b> is a structure that holds <b>BIGNUM</b> temporary variables used by library functions. Since dynamic memory allocation to create <b>BIGNUM</b>s is rather expensive when used in conjunction with repeated subroutine calls, the <b>BN_CTX</b> structure is used.</p>
<p>BN_CTX_new_ex() allocates and initializes a <b>BN_CTX</b> structure for the given library context <b>ctx</b>. The &lt;ctx&gt; value may be NULL in which case the default library context will be used. BN_CTX_new() is the same as BN_CTX_new_ex() except that the default library context is always used.</p>
<p>BN_CTX_secure_new_ex() allocates and initializes a <b>BN_CTX</b> structure but uses the secure heap (see <a href="../man3/CRYPTO_secure_malloc.html">CRYPTO_secure_malloc(3)</a>) to hold the <b>BIGNUM</b>s for the given library context <b>ctx</b>. The &lt;ctx&gt; value may be NULL in which case the default library context will be used. BN_CTX_secure_new() is the same as BN_CTX_secure_new_ex() except that the default library context is always used.</p>
<p>BN_CTX_free() frees the components of the <b>BN_CTX</b> and the structure itself. Since BN_CTX_start() is required in order to obtain <b>BIGNUM</b>s from the <b>BN_CTX</b>, in most cases BN_CTX_end() must be called before the <b>BN_CTX</b> may be freed by BN_CTX_free(). If <b>c</b> is NULL, nothing is done.</p>
<p>A given <b>BN_CTX</b> must only be used by a single thread of execution. No locking is performed, and the internal pool allocator will not properly handle multiple threads of execution.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BN_CTX_new() and BN_CTX_secure_new() return a pointer to the <b>BN_CTX</b>. If the allocation fails, they return <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
<p>BN_CTX_free() has no return values.</p>
<h1 id="REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</h1>
<pre><code>void BN_CTX_init(BN_CTX *c);</code></pre>
<p>BN_CTX_init() is no longer available as of OpenSSL 1.1.0. Applications should replace use of BN_CTX_init with BN_CTX_new instead:</p>
<pre><code>BN_CTX *ctx;
ctx = BN_CTX_new();
if (!ctx)
/* error */
...
BN_CTX_free(ctx);</code></pre>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a>, <a href="../man3/BN_CTX_start.html">BN_CTX_start(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>BN_CTX_init() was removed in OpenSSL 1.1.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

66
openssl-3.4.2/doc/html/man3/BN_CTX_start.html
View File

@@ -1,66 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_CTX_start</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_CTX_start, BN_CTX_get, BN_CTX_end - use temporary BIGNUM variables</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
void BN_CTX_start(BN_CTX *ctx);
BIGNUM *BN_CTX_get(BN_CTX *ctx);
void BN_CTX_end(BN_CTX *ctx);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>These functions are used to obtain temporary <b>BIGNUM</b> variables from a <b>BN_CTX</b> (which can been created by using <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>) in order to save the overhead of repeatedly creating and freeing <b>BIGNUM</b>s in functions that are called from inside a loop.</p>
<p>A function must call BN_CTX_start() first. Then, BN_CTX_get() may be called repeatedly to obtain temporary <b>BIGNUM</b>s. All BN_CTX_get() calls must be made before calling any other functions that use the <b>ctx</b> as an argument.</p>
<p>Finally, BN_CTX_end() must be called before returning from the function. If <b>ctx</b> is NULL, nothing is done. When BN_CTX_end() is called, the <b>BIGNUM</b> pointers obtained from BN_CTX_get() become invalid.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BN_CTX_start() and BN_CTX_end() return no values.</p>
<p>BN_CTX_get() returns a pointer to the <b>BIGNUM</b>, or <b>NULL</b> on error. Once BN_CTX_get() has failed, the subsequent calls will return <b>NULL</b> as well, so it is sufficient to check the return value of the last BN_CTX_get() call. In case of an error, an error code is set, which can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

128
openssl-3.4.2/doc/html/man3/BN_add.html
View File

@@ -1,128 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_add</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_mod_sqrt, BN_exp, BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
BN_CTX *ctx);
int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
BN_CTX *ctx);
int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
BN_CTX *ctx);
int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
BN_CTX *ctx);
int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx);
int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BN_add() adds <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a+b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
<p>BN_sub() subtracts <i>b</i> from <i>a</i> and places the result in <i>r</i> (<code>r=a-b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
<p>BN_mul() multiplies <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a*b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For multiplication by powers of 2, use <a href="../man3/BN_lshift.html">BN_lshift(3)</a>.</p>
<p>BN_sqr() takes the square of <i>a</i> and places the result in <i>r</i> (<code>r=a^2</code>). <i>r</i> and <i>a</i> may be the same <b>BIGNUM</b>. This function is faster than BN_mul(r,a,a).</p>
<p>BN_div() divides <i>a</i> by <i>d</i> and places the result in <i>dv</i> and the remainder in <i>rem</i> (<code>dv=a/d, rem=a%d</code>). Either of <i>dv</i> and <i>rem</i> may be <b>NULL</b>, in which case the respective value is not returned. The result is rounded towards zero; thus if <i>a</i> is negative, the remainder will be zero or negative. For division by powers of 2, use BN_rshift(3).</p>
<p>BN_mod() corresponds to BN_div() with <i>dv</i> set to <b>NULL</b>.</p>
<p>BN_nnmod() reduces <i>a</i> modulo <i>m</i> and places the nonnegative remainder in <i>r</i>.</p>
<p>BN_mod_add() adds <i>a</i> to <i>b</i> modulo <i>m</i> and places the nonnegative result in <i>r</i>.</p>
<p>BN_mod_sub() subtracts <i>b</i> from <i>a</i> modulo <i>m</i> and places the nonnegative result in <i>r</i>.</p>
<p>BN_mod_mul() multiplies <i>a</i> by <i>b</i> and finds the nonnegative remainder respective to modulus <i>m</i> (<code>r=(a*b) mod m</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For more efficient algorithms for repeated computations using the same modulus, see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a> and <a href="../man3/BN_mod_mul_reciprocal.html">BN_mod_mul_reciprocal(3)</a>.</p>
<p>BN_mod_sqr() takes the square of <i>a</i> modulo <b>m</b> and places the result in <i>r</i>.</p>
<p>BN_mod_sqrt() returns the modular square root of <i>a</i> such that <code>in^2 = a (mod p)</code>. The modulus <i>p</i> must be a prime, otherwise an error or an incorrect &quot;result&quot; will be returned. The result is stored into <i>in</i> which can be NULL. The result will be newly allocated in that case.</p>
<p>BN_exp() raises <i>a</i> to the <i>p</i>-th power and places the result in <i>r</i> (<code>r=a^p</code>). This function is faster than repeated applications of BN_mul().</p>
<p>BN_mod_exp() computes <i>a</i> to the <i>p</i>-th power modulo <i>m</i> (<code>r=a^p % m</code>). This function uses less time and space than BN_exp(). Do not call this function when <b>m</b> is even and any of the parameters have the <b>BN_FLG_CONSTTIME</b> flag set.</p>
<p>BN_gcd() computes the greatest common divisor of <i>a</i> and <i>b</i> and places the result in <i>r</i>. <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables; see <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>.</p>
<p>Unless noted otherwise, the result <b>BIGNUM</b> must be different from the arguments.</p>
<h1 id="NOTES">NOTES</h1>
<p>For modular operations such as BN_nnmod() or BN_mod_exp() it is an error to use the same <b>BIGNUM</b> object for the modulus as for the output.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>The BN_mod_sqrt() returns the result (possibly incorrect if <i>p</i> is not a prime), or NULL.</p>
<p>For all remaining functions, 1 is returned for success, 0 on error. The return value should always be checked (e.g., <code>if (!BN_add(r,a,b)) goto err;</code>). The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>, <a href="../man3/BN_add_word.html">BN_add_word(3)</a>, <a href="../man3/BN_set_bit.html">BN_set_bit(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

78
openssl-3.4.2/doc/html/man3/BN_add_word.html
View File

@@ -1,78 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_add_word</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_add_word, BN_sub_word, BN_mul_word, BN_div_word, BN_mod_word - arithmetic functions on BIGNUMs with integers</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
int BN_add_word(BIGNUM *a, BN_ULONG w);
int BN_sub_word(BIGNUM *a, BN_ULONG w);
int BN_mul_word(BIGNUM *a, BN_ULONG w);
BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>These functions perform arithmetic operations on BIGNUMs with unsigned integers. They are much more efficient than the normal BIGNUM arithmetic operations.</p>
<p>BN_add_word() adds <b>w</b> to <b>a</b> (<code>a+=w</code>).</p>
<p>BN_sub_word() subtracts <b>w</b> from <b>a</b> (<code>a-=w</code>).</p>
<p>BN_mul_word() multiplies <b>a</b> and <b>w</b> (<code>a*=w</code>).</p>
<p>BN_div_word() divides <b>a</b> by <b>w</b> (<code>a/=w</code>) and returns the remainder.</p>
<p>BN_mod_word() returns the remainder of <b>a</b> divided by <b>w</b> (<code>a%w</code>).</p>
<p>For BN_div_word() and BN_mod_word(), <b>w</b> must not be 0.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BN_add_word(), BN_sub_word() and BN_mul_word() return 1 for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
<p>BN_mod_word() and BN_div_word() return <b>a</b>%<b>w</b> on success and <b>(BN_ULONG)-1</b> if an error occurred.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

120
openssl-3.4.2/doc/html/man3/BN_bn2bin.html
View File

@@ -1,120 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_bn2bin</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_bn2binpad, BN_signed_bn2bin, BN_bn2bin, BN_bin2bn, BN_signed_bin2bn, BN_bn2lebinpad, BN_signed_bn2lebin, BN_lebin2bn, BN_signed_lebin2bn, BN_bn2nativepad, BN_signed_bn2native, BN_native2bn, BN_signed_native2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn, BN_print, BN_print_fp, BN_bn2mpi, BN_mpi2bn - format conversions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
int BN_bn2bin(const BIGNUM *a, unsigned char *to);
int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen);
int BN_signed_bn2bin(const BIGNUM *a, unsigned char *to, int tolen);
BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
BIGNUM *BN_signed_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen);
int BN_signed_bn2lebin(const BIGNUM *a, unsigned char *to, int tolen);
BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret);
BIGNUM *BN_signed_lebin2bn(const unsigned char *s, int len, BIGNUM *ret);
int BN_bn2nativepad(const BIGNUM *a, unsigned char *to, int tolen);
int BN_signed_bn2native(const BIGNUM *a, unsigned char *to, int tolen);
BIGNUM *BN_native2bn(const unsigned char *s, int len, BIGNUM *ret);
BIGNUM *BN_signed_native2bn(const unsigned char *s, int len, BIGNUM *ret);
char *BN_bn2hex(const BIGNUM *a);
char *BN_bn2dec(const BIGNUM *a);
int BN_hex2bn(BIGNUM **a, const char *str);
int BN_dec2bn(BIGNUM **a, const char *str);
int BN_print(BIO *fp, const BIGNUM *a);
int BN_print_fp(FILE *fp, const BIGNUM *a);
int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BN_bn2bin() converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>to</b> must point to BN_num_bytes(<b>a</b>) bytes of memory.</p>
<p>BN_bn2binpad() also converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>tolen</b> indicates the length of the output buffer <b>to</b>. The result is padded with zeros if necessary. If <b>tolen</b> is less than BN_num_bytes(<b>a</b>) an error is returned.</p>
<p>BN_signed_bn2bin() converts the value of <b>a</b> into big-endian signed 2&#39;s complements form and stores it at <b>to</b>. <b>tolen</b> indicates the length of the output buffer <b>to</b>. The result is signed extended (padded with 0x00 for positive numbers or with 0xff for negative numbers) if necessary. If <b>tolen</b> is smaller than the necessary size (which may be <code>&lt;BN_num_bytes(<b>a</b>) + 1</code>&gt;), an error is returned.</p>
<p>BN_bin2bn() converts the positive integer in big-endian form of length <b>len</b> at <b>s</b> into a <b>BIGNUM</b> and places it in <b>ret</b>. If <b>ret</b> is NULL, a new <b>BIGNUM</b> is created.</p>
<p>BN_signed_bin2bn() converts the integer in big-endian signed 2&#39;s complement form of length <b>len</b> at <b>s</b> into a <b>BIGNUM</b> and places it in <b>ret</b>. If <b>ret</b> is NULL, a new <b>BIGNUM</b> is created.</p>
<p>BN_bn2lebinpad(), BN_signed_bn2lebin() and BN_lebin2bn() are identical to BN_bn2binpad(), BN_signed_bn2bin() and BN_bin2bn() except the buffer is in little-endian format.</p>
<p>BN_bn2nativepad(), BN_signed_bn2native() and BN_native2bn() are identical to BN_bn2binpad(), BN_signed_bn2bin() and BN_bin2bn() except the buffer is in native format, i.e. most significant byte first on big-endian platforms, and least significant byte first on little-endian platforms.</p>
<p>BN_bn2hex() and BN_bn2dec() return printable strings containing the hexadecimal and decimal encoding of <b>a</b> respectively. For negative numbers, the string is prefaced with a leading &#39;-&#39;. The string must be freed later using OPENSSL_free().</p>
<p>BN_hex2bn() takes as many characters as possible from the string <b>str</b>, including the leading character &#39;-&#39; which means negative, to form a valid hexadecimal number representation and converts them to a <b>BIGNUM</b> and stores it in **<b>a</b>. If *<b>a</b> is NULL, a new <b>BIGNUM</b> is created. If <b>a</b> is NULL, it only computes the length of valid representation. A &quot;negative zero&quot; is converted to zero. BN_dec2bn() is the same using the decimal system.</p>
<p>BN_print() and BN_print_fp() write the hexadecimal encoding of <b>a</b>, with a leading &#39;-&#39; for negative numbers, to the <b>BIO</b> or <b>FILE</b> <b>fp</b>.</p>
<p>BN_bn2mpi() and BN_mpi2bn() convert <b>BIGNUM</b>s from and to a format that consists of the number&#39;s length in bytes represented as a 4-byte big-endian number, and the number itself in big-endian format, where the most significant bit signals a negative number (the representation of numbers with the MSB set is prefixed with null byte).</p>
<p>BN_bn2mpi() stores the representation of <b>a</b> at <b>to</b>, where <b>to</b> must be large enough to hold the result. The size can be determined by calling BN_bn2mpi(<b>a</b>, NULL).</p>
<p>BN_mpi2bn() converts the <b>len</b> bytes long representation at <b>s</b> to a <b>BIGNUM</b> and stores it at <b>ret</b>, or in a newly allocated <b>BIGNUM</b> if <b>ret</b> is NULL.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BN_bn2bin() returns the length of the big-endian number placed at <b>to</b>. BN_bin2bn() returns the <b>BIGNUM</b>, NULL on error.</p>
<p>BN_bn2binpad(), BN_signed_bn2bin(), BN_bn2lebinpad(), BN_signed_bn2lebin(), BN_bn2nativepad(), and_signed BN_bn2native() return the number of bytes written or -1 if the supplied buffer is too small.</p>
<p>BN_bn2hex() and BN_bn2dec() return a NUL-terminated string, or NULL on error. BN_hex2bn() and BN_dec2bn() return the number of characters used in parsing, or 0 on error, in which case no new <b>BIGNUM</b> will be created.</p>
<p>BN_print_fp() and BN_print() return 1 on success, 0 on write errors.</p>
<p>BN_bn2mpi() returns the length of the representation. BN_mpi2bn() returns the <b>BIGNUM</b>, and NULL on error.</p>
<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_zero.html">BN_zero(3)</a>, <a href="../man3/ASN1_INTEGER_to_BN.html">ASN1_INTEGER_to_BN(3)</a>, <a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The functions BN_signed_bin2bn(), BN_signed_bn2bin(), BN_signed_lebin2bn(), BN_signed_bn2lebin(), BN_signed_native2bn(), BN_signed_bn2native() were added in OpenSSL 3.2.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

75
openssl-3.4.2/doc/html/man3/BN_cmp.html
View File

@@ -1,75 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_cmp</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_abs_is_word, BN_is_odd, BN_are_coprime - BIGNUM comparison and test functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
int BN_cmp(const BIGNUM *a, const BIGNUM *b);
int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
int BN_is_zero(const BIGNUM *a);
int BN_is_one(const BIGNUM *a);
int BN_is_word(const BIGNUM *a, const BN_ULONG w);
int BN_abs_is_word(const BIGNUM *a, const BN_ULONG w);
int BN_is_odd(const BIGNUM *a);
int BN_are_coprime(BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BN_cmp() compares the numbers <i>a</i> and <i>b</i>. BN_ucmp() compares their absolute values.</p>
<p>BN_is_zero(), BN_is_one(), BN_is_word() and BN_abs_is_word() test if <i>a</i> equals 0, 1, <i>w</i>, or |<i>w</i>| respectively. BN_is_odd() tests if <i>a</i> is odd.</p>
<p>BN_are_coprime() determines if <b>a</b> and <b>b</b> are coprime. <b>ctx</b> is used internally for storing temporary variables. The values of <b>a</b> and <b>b</b> and <b>ctx</b> must not be NULL.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BN_cmp() returns -1 if <i>a</i> &lt; <i>b</i>, 0 if <i>a</i> == <i>b</i> and 1 if <i>a</i> &gt; <i>b</i>. BN_ucmp() is the same using the absolute values of <i>a</i> and <i>b</i>.</p>
<p>BN_is_zero(), BN_is_one() BN_is_word(), BN_abs_is_word() and BN_is_odd() return 1 if the condition is true, 0 otherwise.</p>
<p>BN_are_coprime() returns 1 if the <b>BIGNUM</b>&#39;s are coprime, otherwise it returns 0.</p>
<h1 id="HISTORY">HISTORY</h1>
<p>Prior to OpenSSL 1.1.0, BN_is_zero(), BN_is_one(), BN_is_word(), BN_abs_is_word() and BN_is_odd() were macros.</p>
<p>The function BN_are_coprime() was added in OpenSSL 3.1.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

75
openssl-3.4.2/doc/html/man3/BN_copy.html
View File

@@ -1,75 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_copy</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_copy, BN_dup, BN_with_flags - copy BIGNUMs</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
BIGNUM *BN_copy(BIGNUM *to, const BIGNUM *from);
BIGNUM *BN_dup(const BIGNUM *from);
void BN_with_flags(BIGNUM *dest, const BIGNUM *b, int flags);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BN_copy() copies <b>from</b> to <b>to</b>. BN_dup() creates a new <b>BIGNUM</b> containing the value <b>from</b>.</p>
<p>BN_with_flags creates a <b>temporary</b> shallow copy of <b>b</b> in <b>dest</b>. It places significant restrictions on the copied data. Applications that do no adhere to these restrictions may encounter unexpected side effects or crashes. For that reason use of this function is discouraged. Any flags provided in <b>flags</b> will be set in <b>dest</b> in addition to any flags already set in <b>b</b>. For example this might commonly be used to create a temporary copy of a BIGNUM with the <b>BN_FLG_CONSTTIME</b> flag set for constant time operations. The temporary copy in <b>dest</b> will share some internal state with <b>b</b>. For this reason the following restrictions apply to the use of <b>dest</b>:</p>
<ul>
<li><p><b>dest</b> should be a newly allocated BIGNUM obtained via a call to BN_new(). It should not have been used for other purposes or initialised in any way.</p>
</li>
<li><p><b>dest</b> must only be used in &quot;read-only&quot; operations, i.e. typically those functions where the relevant parameter is declared &quot;const&quot;.</p>
</li>
<li><p><b>dest</b> must be used and freed before any further subsequent use of <b>b</b></p>
</li>
</ul>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BN_copy() returns <b>to</b> on success, NULL on error. BN_dup() returns the new <b>BIGNUM</b>, and NULL on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

200
openssl-3.4.2/doc/html/man3/BN_generate_prime.html
View File

@@ -1,200 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_generate_prime</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_generate_prime_ex2, BN_generate_prime_ex, BN_is_prime_ex, BN_check_prime, BN_is_prime_fasttest_ex, BN_GENCB_call, BN_GENCB_new, BN_GENCB_free, BN_GENCB_set_old, BN_GENCB_set, BN_GENCB_get_arg, BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - generate primes and test for primality</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
int BN_generate_prime_ex2(BIGNUM *ret, int bits, int safe,
const BIGNUM *add, const BIGNUM *rem, BN_GENCB *cb,
BN_CTX *ctx);
int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
const BIGNUM *rem, BN_GENCB *cb);
int BN_check_prime(const BIGNUM *p, BN_CTX *ctx, BN_GENCB *cb);
int BN_GENCB_call(BN_GENCB *cb, int a, int b);
BN_GENCB *BN_GENCB_new(void);
void BN_GENCB_free(BN_GENCB *cb);
void BN_GENCB_set_old(BN_GENCB *gencb,
void (*callback)(int, int, void *), void *cb_arg);
void BN_GENCB_set(BN_GENCB *gencb,
int (*callback)(int, int, BN_GENCB *), void *cb_arg);
void *BN_GENCB_get_arg(BN_GENCB *cb);</code></pre>
<p>The following functions have been deprecated since OpenSSL 0.9.8, and can be hidden entirely by defining <b>OPENSSL_API_COMPAT</b> with a suitable version value, see <a href="../man7/openssl_user_macros.html">openssl_user_macros(7)</a>:</p>
<pre><code>BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
BIGNUM *rem, void (*callback)(int, int, void *),
void *cb_arg);
int BN_is_prime(const BIGNUM *p, int nchecks,
void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
int BN_is_prime_fasttest(const BIGNUM *p, int nchecks,
void (*callback)(int, int, void *), BN_CTX *ctx,
void *cb_arg, int do_trial_division);</code></pre>
<p>The following functions have been deprecated since OpenSSL 3.0, and can be hidden entirely by defining <b>OPENSSL_API_COMPAT</b> with a suitable version value, see <a href="../man7/openssl_user_macros.html">openssl_user_macros(7)</a>:</p>
<pre><code>int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
int do_trial_division, BN_GENCB *cb);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BN_generate_prime_ex2() generates a pseudo-random prime number of at least bit length <b>bits</b> using the BN_CTX provided in <b>ctx</b>. The value of <b>ctx</b> must not be NULL.</p>
<p>The returned number is probably prime with a negligible error. The maximum error rate is 2^-128. It&#39;s 2^-287 for a 512 bit prime, 2^-435 for a 1024 bit prime, 2^-648 for a 2048 bit prime, and lower than 2^-882 for primes larger than 2048 bit.</p>
<p>If <b>add</b> is <b>NULL</b> the returned prime number will have exact bit length <b>bits</b> with the top most two bits set.</p>
<p>If <b>ret</b> is not <b>NULL</b>, it will be used to store the number.</p>
<p>If <b>cb</b> is not <b>NULL</b>, it is used as follows:</p>
<ul>
<li><p><b>BN_GENCB_call(cb, 0, i)</b> is called after generating the i-th potential prime number.</p>
</li>
<li><p>While the number is being tested for primality, <b>BN_GENCB_call(cb, 1, j)</b> is called as described below.</p>
</li>
<li><p>When a prime has been found, <b>BN_GENCB_call(cb, 2, i)</b> is called.</p>
</li>
<li><p>The callers of BN_generate_prime_ex() may call <b>BN_GENCB_call(cb, i, j)</b> with other values as described in their respective man pages; see <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a>.</p>
</li>
</ul>
<p>The prime may have to fulfill additional requirements for use in Diffie-Hellman key exchange:</p>
<p>If <b>add</b> is not <b>NULL</b>, the prime will fulfill the condition p % <b>add</b> == <b>rem</b> (p % <b>add</b> == 1 if <b>rem</b> == <b>NULL</b>) in order to suit a given generator.</p>
<p>If <b>safe</b> is true, it will be a safe prime (i.e. a prime p so that (p-1)/2 is also prime). If <b>safe</b> is true, and <b>rem</b> == <b>NULL</b> the condition will be p % <b>add</b> == 3. It is recommended that <b>add</b> is a multiple of 4.</p>
<p>The random generator must be seeded prior to calling BN_generate_prime_ex(). If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to external circumstances (see <a href="../man7/RAND.html">RAND(7)</a>), the operation will fail. The random number generator configured for the OSSL_LIB_CTX associated with <b>ctx</b> will be used.</p>
<p>BN_generate_prime_ex() is the same as BN_generate_prime_ex2() except that no <b>ctx</b> parameter is passed. In this case the random number generator associated with the default OSSL_LIB_CTX will be used.</p>
<p>BN_check_prime(), BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime() and BN_is_prime_fasttest() test if the number <b>p</b> is prime. The functions tests until one of the tests shows that <b>p</b> is composite, or all the tests passed. If <b>p</b> passes all these tests, it is considered a probable prime.</p>
<p>The test performed on <b>p</b> are trial division by a number of small primes and rounds of the of the Miller-Rabin probabilistic primality test.</p>
<p>The functions do at least 64 rounds of the Miller-Rabin test giving a maximum false positive rate of 2^-128. If the size of <b>p</b> is more than 2048 bits, they do at least 128 rounds giving a maximum false positive rate of 2^-256.</p>
<p>If <b>nchecks</b> is larger than the minimum above (64 or 128), <b>nchecks</b> rounds of the Miller-Rabin test will be done.</p>
<p>If <b>do_trial_division</b> set to <b>0</b>, the trial division will be skipped. BN_is_prime_ex() and BN_is_prime() always skip the trial division.</p>
<p>BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime() and BN_is_prime_fasttest() are deprecated.</p>
<p>BN_is_prime_fasttest() and BN_is_prime() behave just like BN_is_prime_fasttest_ex() and BN_is_prime_ex() respectively, but with the old style call back.</p>
<p><b>ctx</b> is a preallocated <b>BN_CTX</b> (to save the overhead of allocating and freeing the structure in a loop), or <b>NULL</b>.</p>
<p>If the trial division is done, and no divisors are found and <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, -1)</b> is called.</p>
<p>After each round of the Miller-Rabin probabilistic primality test, if <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, j)</b> is called with <b>j</b> the iteration (j = 0, 1, ...).</p>
<p>BN_GENCB_call() calls the callback function held in the <b>BN_GENCB</b> structure and passes the ints <b>a</b> and <b>b</b> as arguments. There are two types of <b>BN_GENCB</b> structure that are supported: &quot;new&quot; style and &quot;old&quot; style. New programs should prefer the &quot;new&quot; style, whilst the &quot;old&quot; style is provided for backwards compatibility purposes.</p>
<p>A <b>BN_GENCB</b> structure should be created through a call to BN_GENCB_new(), and freed through a call to BN_GENCB_free(). If the argument is NULL, nothing is done.</p>
<p>For &quot;new&quot; style callbacks a BN_GENCB structure should be initialised with a call to BN_GENCB_set(), where <b>gencb</b> is a <b>BN_GENCB *</b>, <b>callback</b> is of type <b>int (*callback)(int, int, BN_GENCB *)</b> and <b>cb_arg</b> is a <b>void *</b>. &quot;Old&quot; style callbacks are the same except they are initialised with a call to BN_GENCB_set_old() and <b>callback</b> is of type <b>void (*callback)(int, int, void *)</b>.</p>
<p>A callback is invoked through a call to <b>BN_GENCB_call</b>. This will check the type of the callback and will invoke <b>callback(a, b, gencb)</b> for new style callbacks or <b>callback(a, b, cb_arg)</b> for old style.</p>
<p>It is possible to obtain the argument associated with a BN_GENCB structure (set via a call to BN_GENCB_set or BN_GENCB_set_old) using BN_GENCB_get_arg.</p>
<p>BN_generate_prime() (deprecated) works in the same way as BN_generate_prime_ex() but expects an old-style callback function directly in the <b>callback</b> parameter, and an argument to pass to it in the <b>cb_arg</b>. BN_is_prime() and BN_is_prime_fasttest() can similarly be compared to BN_is_prime_ex() and BN_is_prime_fasttest_ex(), respectively.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BN_generate_prime_ex() return 1 on success or 0 on error.</p>
<p>BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime(), BN_is_prime_fasttest() and BN_check_prime return 0 if the number is composite, 1 if it is prime with an error probability of less than 0.25^<b>nchecks</b>, and -1 on error.</p>
<p>BN_generate_prime() returns the prime number on success, <b>NULL</b> otherwise.</p>
<p>BN_GENCB_new returns a pointer to a BN_GENCB structure on success, or <b>NULL</b> otherwise.</p>
<p>BN_GENCB_get_arg returns the argument previously associated with a BN_GENCB structure.</p>
<p>Callback functions should return 1 on success or 0 on error.</p>
<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
<h1 id="REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</h1>
<p>As of OpenSSL 1.1.0 it is no longer possible to create a BN_GENCB structure directly, as in:</p>
<pre><code>BN_GENCB callback;</code></pre>
<p>Instead applications should create a BN_GENCB structure using BN_GENCB_new:</p>
<pre><code>BN_GENCB *callback;
callback = BN_GENCB_new();
if (!callback)
/* error */
...
BN_GENCB_free(callback);</code></pre>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/RSA_generate_key.html">RSA_generate_key(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man7/RAND.html">RAND(7)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The BN_is_prime_ex() and BN_is_prime_fasttest_ex() functions were deprecated in OpenSSL 3.0.</p>
<p>The BN_GENCB_new(), BN_GENCB_free(), and BN_GENCB_get_arg() functions were added in OpenSSL 1.1.0.</p>
<p>BN_check_prime() was added in OpenSSL 3.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

72
openssl-3.4.2/doc/html/man3/BN_mod_exp_mont.html
View File

@@ -1,72 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_mod_exp_mont</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_mod_exp_mont, BN_mod_exp_mont_consttime, BN_mod_exp_mont_consttime_x2 - Montgomery exponentiation</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont);
int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *in_mont);
int BN_mod_exp_mont_consttime_x2(BIGNUM *rr1, const BIGNUM *a1,
const BIGNUM *p1, const BIGNUM *m1,
BN_MONT_CTX *in_mont1, BIGNUM *rr2,
const BIGNUM *a2, const BIGNUM *p2,
const BIGNUM *m2, BN_MONT_CTX *in_mont2,
BN_CTX *ctx);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BN_mod_exp_mont() computes <i>a</i> to the <i>p</i>-th power modulo <i>m</i> (<code>rr=a^p % m</code>) using Montgomery multiplication. <i>in_mont</i> is a Montgomery context and can be NULL. In the case <i>in_mont</i> is NULL, it will be initialized within the function, so you can save time on initialization if you provide it in advance.</p>
<p>BN_mod_exp_mont_consttime() computes <i>a</i> to the <i>p</i>-th power modulo <i>m</i> (<code>rr=a^p % m</code>) using Montgomery multiplication. It is a variant of <a href="../man3/BN_mod_exp_mont.html">BN_mod_exp_mont(3)</a> that uses fixed windows and the special precomputation memory layout to limit data-dependency to a minimum to protect secret exponents. It is called automatically when <a href="../man3/BN_mod_exp_mont.html">BN_mod_exp_mont(3)</a> is called with parameters <i>a</i>, <i>p</i>, <i>m</i>, any of which have <b>BN_FLG_CONSTTIME</b> flag.</p>
<p>BN_mod_exp_mont_consttime_x2() computes two independent exponentiations <i>a1</i> to the <i>p1</i>-th power modulo <i>m1</i> (<code>rr1=a1^p1 % m1</code>) and <i>a2</i> to the <i>p2</i>-th power modulo <i>m2</i> (<code>rr2=a2^p2 % m2</code>) using Montgomery multiplication. For some fixed and equal modulus sizes <i>m1</i> and <i>m2</i> it uses optimizations that allow to speedup two exponentiations. In all other cases the function reduces to two calls of <a href="../man3/BN_mod_exp_mont_consttime.html">BN_mod_exp_mont_consttime(3)</a>.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>For all functions 1 is returned for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_mod_exp_mont.html">BN_mod_exp_mont(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

64
openssl-3.4.2/doc/html/man3/BN_mod_inverse.html
View File

@@ -1,64 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_mod_inverse</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_mod_inverse - compute inverse modulo n</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
BIGNUM *BN_mod_inverse(BIGNUM *r, BIGNUM *a, const BIGNUM *n,
BN_CTX *ctx);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BN_mod_inverse() computes the inverse of <b>a</b> modulo <b>n</b> places the result in <b>r</b> (<code>(a*r)%n==1</code>). If <b>r</b> is NULL, a new <b>BIGNUM</b> is created.</p>
<p><b>ctx</b> is a previously allocated <b>BN_CTX</b> used for temporary variables. <b>r</b> may be the same <b>BIGNUM</b> as <b>a</b>.</p>
<h1 id="NOTES">NOTES</h1>
<p>It is an error to use the same <b>BIGNUM</b> as <b>n</b>.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BN_mod_inverse() returns the <b>BIGNUM</b> containing the inverse, and NULL on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

99
openssl-3.4.2/doc/html/man3/BN_mod_mul_montgomery.html
View File

@@ -1,99 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_mod_mul_montgomery</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#WARNINGS">WARNINGS</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_mod_mul_montgomery, BN_MONT_CTX_new, BN_MONT_CTX_free, BN_MONT_CTX_set, BN_MONT_CTX_copy, BN_from_montgomery, BN_to_montgomery - Montgomery multiplication</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
BN_MONT_CTX *BN_MONT_CTX_new(void);
void BN_MONT_CTX_free(BN_MONT_CTX *mont);
int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx);
BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
BN_MONT_CTX *mont, BN_CTX *ctx);
int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
BN_CTX *ctx);
int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
BN_CTX *ctx);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>These functions implement Montgomery multiplication. They are used automatically when <a href="../man3/BN_mod_exp.html">BN_mod_exp(3)</a> is called with suitable input, but they may be useful when several operations are to be performed using the same modulus.</p>
<p>BN_MONT_CTX_new() allocates and initializes a <b>BN_MONT_CTX</b> structure.</p>
<p>BN_MONT_CTX_set() sets up the <i>mont</i> structure from the modulus <i>m</i> by precomputing its inverse and a value R.</p>
<p>BN_MONT_CTX_copy() copies the <b>BN_MONT_CTX</b> <i>from</i> to <i>to</i>.</p>
<p>BN_MONT_CTX_free() frees the components of the <b>BN_MONT_CTX</b>, and, if it was created by BN_MONT_CTX_new(), also the structure itself. If <b>mont</b> is NULL, nothing is done.</p>
<p>BN_mod_mul_montgomery() computes Mont(<i>a</i>,<i>b</i>):=<i>a</i>*<i>b</i>*R^-1 and places the result in <i>r</i>.</p>
<p>BN_from_montgomery() performs the Montgomery reduction <i>r</i> = <i>a</i>*R^-1.</p>
<p>BN_to_montgomery() computes Mont(<i>a</i>,R^2), i.e. <i>a</i>*R. Note that <i>a</i> must be nonnegative and smaller than the modulus.</p>
<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BN_MONT_CTX_new() returns the newly allocated <b>BN_MONT_CTX</b>, and NULL on error.</p>
<p>BN_MONT_CTX_free() has no return value.</p>
<p>For the other functions, 1 is returned for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
<h1 id="WARNINGS">WARNINGS</h1>
<p>The inputs must be reduced modulo <b>m</b>, otherwise the result will be outside the expected range.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>BN_MONT_CTX_init() was removed in OpenSSL 1.1.0</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

84
openssl-3.4.2/doc/html/man3/BN_mod_mul_reciprocal.html
View File

@@ -1,84 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_mod_mul_reciprocal</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_mod_mul_reciprocal, BN_div_recp, BN_RECP_CTX_new, BN_RECP_CTX_free, BN_RECP_CTX_set - modular multiplication using reciprocal</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
BN_RECP_CTX *BN_RECP_CTX_new(void);
void BN_RECP_CTX_free(BN_RECP_CTX *recp);
int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx);
int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, BN_RECP_CTX *recp,
BN_CTX *ctx);
int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
BN_RECP_CTX *recp, BN_CTX *ctx);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BN_mod_mul_reciprocal() can be used to perform an efficient <a href="../man3/BN_mod_mul.html">BN_mod_mul(3)</a> operation when the operation will be performed repeatedly with the same modulus. It computes <b>r</b>=(<b>a</b>*<b>b</b>)%<b>m</b> using <b>recp</b>=1/<b>m</b>, which is set as described below. <b>ctx</b> is a previously allocated <b>BN_CTX</b> used for temporary variables.</p>
<p>BN_RECP_CTX_new() allocates and initializes a <b>BN_RECP</b> structure.</p>
<p>BN_RECP_CTX_free() frees the components of the <b>BN_RECP</b>, and, if it was created by BN_RECP_CTX_new(), also the structure itself. If <b>recp</b> is NULL, nothing is done.</p>
<p>BN_RECP_CTX_set() stores <b>m</b> in <b>recp</b> and sets it up for computing 1/<b>m</b> and shifting it left by BN_num_bits(<b>m</b>)+1 to make it an integer. The result and the number of bits it was shifted left will later be stored in <b>recp</b>.</p>
<p>BN_div_recp() divides <b>a</b> by <b>m</b> using <b>recp</b>. It places the quotient in <b>dv</b> and the remainder in <b>rem</b>.</p>
<p>The <b>BN_RECP_CTX</b> structure cannot be shared between threads.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BN_RECP_CTX_new() returns the newly allocated <b>BN_RECP_CTX</b>, and NULL on error.</p>
<p>BN_RECP_CTX_free() has no return value.</p>
<p>For the other functions, 1 is returned for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>BN_RECP_CTX_init() was removed in OpenSSL 1.1.0</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

75
openssl-3.4.2/doc/html/man3/BN_new.html
View File

@@ -1,75 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_new</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_new, BN_secure_new, BN_clear, BN_free, BN_clear_free - allocate and free BIGNUMs</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
BIGNUM *BN_new(void);
BIGNUM *BN_secure_new(void);
void BN_clear(BIGNUM *a);
void BN_free(BIGNUM *a);
void BN_clear_free(BIGNUM *a);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BN_new() allocates and initializes a <b>BIGNUM</b> structure. BN_secure_new() does the same except that the secure heap <a href="../man3/OPENSSL_secure_malloc.html">OPENSSL_secure_malloc(3)</a> is used to store the value.</p>
<p>BN_clear() is used to destroy sensitive data such as keys when they are no longer needed. It erases the memory used by <b>a</b> and sets it to the value 0. If <b>a</b> is NULL, nothing is done.</p>
<p>BN_free() frees the components of the <b>BIGNUM</b>, and if it was created by BN_new(), also the structure itself. BN_clear_free() additionally overwrites the data before the memory is returned to the system. If <b>a</b> is NULL, nothing is done.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BN_new() and BN_secure_new() return a pointer to the <b>BIGNUM</b> initialised to the value 0. If the allocation fails, they return <b>NULL</b> and set an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
<p>BN_clear(), BN_free() and BN_clear_free() have no return values.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/OPENSSL_secure_malloc.html">OPENSSL_secure_malloc(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>BN_init() was removed in OpenSSL 1.1.0; use BN_new() instead.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

71
openssl-3.4.2/doc/html/man3/BN_num_bytes.html
View File

@@ -1,71 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_num_bytes</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_num_bits, BN_num_bytes, BN_num_bits_word - get BIGNUM size</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
int BN_num_bytes(const BIGNUM *a);
int BN_num_bits(const BIGNUM *a);
int BN_num_bits_word(BN_ULONG w);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BN_num_bytes() returns the size of a <b>BIGNUM</b> in bytes.</p>
<p>BN_num_bits_word() returns the number of significant bits in a word. If we take 0x00000432 as an example, it returns 11, not 16, not 32. Basically, except for a zero, it returns <i>floor(log2(w))+1</i>.</p>
<p>BN_num_bits() returns the number of significant bits in a <b>BIGNUM</b>, following the same principle as BN_num_bits_word().</p>
<p>BN_num_bytes() is a macro.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>The size.</p>
<h1 id="NOTES">NOTES</h1>
<p>Some have tried using BN_num_bits() on individual numbers in RSA keys, DH keys and DSA keys, and found that they don&#39;t always come up with the number of bits they expected (something like 512, 1024, 2048, ...). This is because generating a number with some specific number of bits doesn&#39;t always set the highest bits, thereby making the number of <i>significant</i> bits a little lower. If you want to know the &quot;key size&quot; of such a key, either use functions like RSA_size(), DH_size() and DSA_size(), or use BN_num_bytes() and multiply with 8 (although there&#39;s no real guarantee that will match the &quot;key size&quot;, just a lot more probability).</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

104
openssl-3.4.2/doc/html/man3/BN_rand.html
View File

@@ -1,104 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_rand</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_rand_ex, BN_rand, BN_priv_rand_ex, BN_priv_rand, BN_pseudo_rand, BN_rand_range_ex, BN_rand_range, BN_priv_rand_range_ex, BN_priv_rand_range, BN_pseudo_rand_range - generate pseudo-random number</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
int BN_rand_ex(BIGNUM *rnd, int bits, int top, int bottom,
unsigned int strength, BN_CTX *ctx);
int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
int BN_priv_rand_ex(BIGNUM *rnd, int bits, int top, int bottom,
unsigned int strength, BN_CTX *ctx);
int BN_priv_rand(BIGNUM *rnd, int bits, int top, int bottom);
int BN_rand_range_ex(BIGNUM *rnd, const BIGNUM *range, unsigned int strength,
BN_CTX *ctx);
int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
int BN_priv_rand_range_ex(BIGNUM *rnd, const BIGNUM *range, unsigned int strength,
BN_CTX *ctx);
int BN_priv_rand_range(BIGNUM *rnd, const BIGNUM *range);</code></pre>
<p>The following functions have been deprecated since OpenSSL 3.0, and can be hidden entirely by defining <b>OPENSSL_API_COMPAT</b> with a suitable version value, see <a href="../man7/openssl_user_macros.html">openssl_user_macros(7)</a>:</p>
<pre><code>int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BN_rand_ex() generates a cryptographically strong pseudo-random number of <i>bits</i> in length and security strength at least <i>strength</i> bits using the random number generator for the library context associated with <i>ctx</i>. The function stores the generated data in <i>rnd</i>. The parameter <i>ctx</i> may be NULL in which case the default library context is used. If <i>bits</i> is less than zero, or too small to accommodate the requirements specified by the <i>top</i> and <i>bottom</i> parameters, an error is returned. The <i>top</i> parameters specifies requirements on the most significant bit of the generated number. If it is <b>BN_RAND_TOP_ANY</b>, there is no constraint. If it is <b>BN_RAND_TOP_ONE</b>, the top bit must be one. If it is <b>BN_RAND_TOP_TWO</b>, the two most significant bits of the number will be set to 1, so that the product of two such random numbers will always have 2*<i>bits</i> length. If <i>bottom</i> is <b>BN_RAND_BOTTOM_ODD</b>, the number will be odd; if it is <b>BN_RAND_BOTTOM_ANY</b> it can be odd or even. If <i>bits</i> is 1 then <i>top</i> cannot also be <b>BN_RAND_TOP_TWO</b>.</p>
<p>BN_rand() is the same as BN_rand_ex() except that the default library context is always used.</p>
<p>BN_rand_range_ex() generates a cryptographically strong pseudo-random number <i>rnd</i>, of security strength at least <i>strength</i> bits, in the range 0 &lt;= <i>rnd</i> &lt; <i>range</i> using the random number generator for the library context associated with <i>ctx</i>. The parameter <i>ctx</i> may be NULL in which case the default library context is used.</p>
<p>BN_rand_range() is the same as BN_rand_range_ex() except that the default library context is always used.</p>
<p>BN_priv_rand_ex(), BN_priv_rand(), BN_priv_rand_rand_ex() and BN_priv_rand_range() have the same semantics as BN_rand_ex(), BN_rand(), BN_rand_range_ex() and BN_rand_range() respectively. They are intended to be used for generating values that should remain private, and mirror the same difference between <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> and <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>.</p>
<h1 id="NOTES">NOTES</h1>
<p>Always check the error return value of these functions and do not take randomness for granted: an error occurs if the CSPRNG has not been seeded with enough randomness to ensure an unpredictable byte sequence.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>The functions return 1 on success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_add.html">RAND_add(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>, <a href="../man7/RAND.html">RAND(7)</a>, <a href="../man7/EVP_RAND.html">EVP_RAND(7)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<ul>
<li><p>Starting with OpenSSL release 1.1.0, BN_pseudo_rand() has been identical to BN_rand() and BN_pseudo_rand_range() has been identical to BN_rand_range(). The BN_pseudo_rand() and BN_pseudo_rand_range() functions were deprecated in OpenSSL 3.0.</p>
</li>
<li><p>The BN_priv_rand() and BN_priv_rand_range() functions were added in OpenSSL 1.1.1.</p>
</li>
<li><p>The BN_rand_ex(), BN_priv_rand_ex(), BN_rand_range_ex() and BN_priv_rand_range_ex() functions were added in OpenSSL 3.0.</p>
</li>
</ul>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

66
openssl-3.4.2/doc/html/man3/BN_security_bits.html
View File

@@ -1,66 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_security_bits</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_security_bits - returns bits of security based on given numbers</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
int BN_security_bits(int L, int N);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BN_security_bits() returns the number of bits of security provided by a specific algorithm and a particular key size. The bits of security is defined in NIST SP800-57. Currently, BN_security_bits() support two types of asymmetric algorithms: the FFC (Finite Field Cryptography) and IFC (Integer Factorization Cryptography). For FFC, e.g., DSA and DH, both parameters <b>L</b> and <b>N</b> are used to decide the bits of security, where <b>L</b> is the size of the public key and <b>N</b> is the size of the private key. For IFC, e.g., RSA, only <b>L</b> is used and it&#39;s commonly considered to be the key size (modulus).</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>Number of security bits.</p>
<h1 id="NOTES">NOTES</h1>
<p>ECC (Elliptic Curve Cryptography) is not covered by the BN_security_bits() function. The symmetric algorithms are not covered neither.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/DH_security_bits.html">DH_security_bits(3)</a>, <a href="../man3/DSA_security_bits.html">DSA_security_bits(3)</a>, <a href="../man3/RSA_security_bits.html">RSA_security_bits(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The BN_security_bits() function was added in OpenSSL 1.1.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

81
openssl-3.4.2/doc/html/man3/BN_set_bit.html
View File

@@ -1,81 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_set_bit</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_set_bit, BN_clear_bit, BN_is_bit_set, BN_mask_bits, BN_lshift, BN_lshift1, BN_rshift, BN_rshift1 - bit operations on BIGNUMs</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
int BN_set_bit(BIGNUM *a, int n);
int BN_clear_bit(BIGNUM *a, int n);
int BN_is_bit_set(const BIGNUM *a, int n);
int BN_mask_bits(BIGNUM *a, int n);
int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
int BN_lshift1(BIGNUM *r, BIGNUM *a);
int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
int BN_rshift1(BIGNUM *r, BIGNUM *a);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BN_set_bit() sets bit <b>n</b> in <b>a</b> to 1 (<code>a|=(1&lt;&lt;n)</code>). The number is expanded if necessary.</p>
<p>BN_clear_bit() sets bit <b>n</b> in <b>a</b> to 0 (<code>a&amp;=~(1&lt;&lt;n)</code>). An error occurs if <b>a</b> is shorter than <b>n</b> bits.</p>
<p>BN_is_bit_set() tests if bit <b>n</b> in <b>a</b> is set.</p>
<p>BN_mask_bits() truncates <b>a</b> to an <b>n</b> bit number (<code>a&amp;=~((~0)&lt;&lt;n)</code>). An error occurs if <b>n</b> is negative. An error is also returned if the internal representation of <b>a</b> is already shorter than <b>n</b> bits. The internal representation depends on the platform&#39;s word size, and this error can be safely ignored. Use <a href="../man3/BN_num_bits.html">BN_num_bits(3)</a> to determine the exact number of bits if needed.</p>
<p>BN_lshift() shifts <b>a</b> left by <b>n</b> bits and places the result in <b>r</b> (<code>r=a*2^n</code>). Note that <b>n</b> must be nonnegative. BN_lshift1() shifts <b>a</b> left by one and places the result in <b>r</b> (<code>r=2*a</code>).</p>
<p>BN_rshift() shifts <b>a</b> right by <b>n</b> bits and places the result in <b>r</b> (<code>r=a/2^n</code>). Note that <b>n</b> must be nonnegative. BN_rshift1() shifts <b>a</b> right by one and places the result in <b>r</b> (<code>r=a/2</code>).</p>
<p>For the shift functions, <b>r</b> and <b>a</b> may be the same variable.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BN_is_bit_set() returns 1 if the bit is set, 0 otherwise.</p>
<p>All other functions return 1 for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

51
openssl-3.4.2/doc/html/man3/BN_swap.html
View File

@@ -1,51 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_swap</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_swap - exchange BIGNUMs</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
void BN_swap(BIGNUM *a, BIGNUM *b);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>BN_swap() exchanges the values of <i>a</i> and <i>b</i>.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BN_swap() does not return a value.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

82
openssl-3.4.2/doc/html/man3/BN_zero.html
View File

@@ -1,82 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BN_zero</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BN_zero, BN_one, BN_value_one, BN_set_word, BN_get_word - BIGNUM assignment operations</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/bn.h&gt;
void BN_zero(BIGNUM *a);
int BN_one(BIGNUM *a);
const BIGNUM *BN_value_one(void);
int BN_set_word(BIGNUM *a, BN_ULONG w);
unsigned BN_ULONG BN_get_word(BIGNUM *a);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p><b>BN_ULONG</b> is a macro that will be an unsigned integral type optimized for the most efficient implementation on the local platform.</p>
<p>BN_zero(), BN_one() and BN_set_word() set <b>a</b> to the values 0, 1 and <b>w</b> respectively. BN_zero() and BN_one() are macros.</p>
<p>BN_value_one() returns a <b>BIGNUM</b> constant of value 1. This constant is useful for use in comparisons and assignment.</p>
<p>BN_get_word() returns <b>a</b>, if it can be represented as a <b>BN_ULONG</b>.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BN_get_word() returns the value <b>a</b>, or all-bits-set if <b>a</b> cannot be represented as a single integer.</p>
<p>BN_one() and BN_set_word() return 1 on success, 0 otherwise. BN_value_one() returns the constant. BN_zero() never fails and returns no value.</p>
<h1 id="BUGS">BUGS</h1>
<p>If a <b>BIGNUM</b> is equal to the value of all-bits-set, it will collide with the error condition returned by BN_get_word() which uses that as an error value.</p>
<p><b>BN_ULONG</b> should probably be a typedef.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/BN_bn2bin.html">BN_bn2bin(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>In OpenSSL 0.9.8, BN_zero() was changed to not return a value; previous versions returned an int.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

86
openssl-3.4.2/doc/html/man3/BUF_MEM_new.html
View File

@@ -1,86 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BUF_MEM_new</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>BUF_MEM_new, BUF_MEM_new_ex, BUF_MEM_free, BUF_MEM_grow, BUF_MEM_grow_clean, BUF_reverse - simple character array structure</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/buffer.h&gt;
BUF_MEM *BUF_MEM_new(void);
BUF_MEM *BUF_MEM_new_ex(unsigned long flags);
void BUF_MEM_free(BUF_MEM *a);
int BUF_MEM_grow(BUF_MEM *str, int len);
size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
void BUF_reverse(unsigned char *out, const unsigned char *in, size_t size);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The buffer library handles simple character arrays. Buffers are used for various purposes in the library, most notably memory BIOs.</p>
<p>BUF_MEM_new() allocates a new buffer of zero size.</p>
<p>BUF_MEM_new_ex() allocates a buffer with the specified flags. The flag <b>BUF_MEM_FLAG_SECURE</b> specifies that the <b>data</b> pointer should be allocated on the secure heap; see <a href="../man3/CRYPTO_secure_malloc.html">CRYPTO_secure_malloc(3)</a>.</p>
<p>BUF_MEM_free() frees up an already existing buffer. The data is zeroed before freeing up in case the buffer contains sensitive data. If the argument is NULL, nothing is done.</p>
<p>BUF_MEM_grow() changes the size of an already existing buffer to <b>len</b>. Any data already in the buffer is preserved if it increases in size.</p>
<p>BUF_MEM_grow_clean() is similar to BUF_MEM_grow() but it sets any free&#39;d or additionally-allocated memory to zero.</p>
<p>BUF_reverse() reverses <b>size</b> bytes at <b>in</b> into <b>out</b>. If <b>in</b> is NULL, the array is reversed in-place.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>BUF_MEM_new() returns the buffer or NULL on error.</p>
<p>BUF_MEM_free() has no return value.</p>
<p>BUF_MEM_grow() and BUF_MEM_grow_clean() return zero on error or the new size (i.e., <b>len</b>).</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/CRYPTO_secure_malloc.html">CRYPTO_secure_malloc(3)</a>.</p>
<h1 id="HISTORY">HISTORY</h1>
<p>The BUF_MEM_new_ex() function was added in OpenSSL 1.1.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

119
openssl-3.4.2/doc/html/man3/CMAC_CTX.html
View File

@@ -1,119 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMAC_CTX</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMAC_CTX, CMAC_CTX_new, CMAC_CTX_cleanup, CMAC_CTX_free, CMAC_CTX_get0_cipher_ctx, CMAC_CTX_copy, CMAC_Init, CMAC_Update, CMAC_Final, CMAC_resume - create cipher-based message authentication codes</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cmac.h&gt;</code></pre>
<p>The following functions have been deprecated since OpenSSL 3.0, and can be disabled entirely by defining <b>OPENSSL_API_COMPAT</b> with a suitable version value, see <a href="../man7/openssl_user_macros.html">openssl_user_macros(7)</a>.</p>
<pre><code>typedef struct CMAC_CTX_st CMAC_CTX;
CMAC_CTX *CMAC_CTX_new(void);
void CMAC_CTX_cleanup(CMAC_CTX *ctx);
void CMAC_CTX_free(CMAC_CTX *ctx);
EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx);
int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in);
int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
const EVP_CIPHER *cipher, ENGINE *impl);
int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen);
int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen);
int CMAC_resume(CMAC_CTX *ctx);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The low-level MAC functions documented on this page are deprecated. Applications should use the new <a href="../man3/EVP_MAC.html">EVP_MAC(3)</a> interface. Specifically, utilize the following functions for MAC operations:</p>
<dl>
<dt id="EVP_MAC_CTX_new-3-to-create-a-new-MAC-context"><a href="../man3/EVP_MAC_CTX_new.html">EVP_MAC_CTX_new(3)</a> to create a new MAC context.</dt>
<dd>
</dd>
<dt id="EVP_MAC_CTX_free-3-to-free-the-MAC-context"><a href="../man3/EVP_MAC_CTX_free.html">EVP_MAC_CTX_free(3)</a> to free the MAC context.</dt>
<dd>
</dd>
<dt id="EVP_MAC_init-3-to-initialize-the-MAC-context"><a href="../man3/EVP_MAC_init.html">EVP_MAC_init(3)</a> to initialize the MAC context.</dt>
<dd>
</dd>
<dt id="EVP_MAC_update-3-to-update-the-MAC-with-data"><a href="../man3/EVP_MAC_update.html">EVP_MAC_update(3)</a> to update the MAC with data.</dt>
<dd>
</dd>
<dt id="EVP_MAC_final-3-to-finalize-the-MAC-and-retrieve-the-output"><a href="../man3/EVP_MAC_final.html">EVP_MAC_final(3)</a> to finalize the MAC and retrieve the output.</dt>
<dd>
</dd>
</dl>
<p>Alternatively, for a single-step MAC computation, use the <a href="../man3/EVP_Q_mac.html">EVP_Q_mac(3)</a> function.</p>
<p>The <b>CMAC_CTX</b> type is a structure used for the provision of CMAC (Cipher-based Message Authentication Code) operations.</p>
<p>CMAC_CTX_new() creates a new <b>CMAC_CTX</b> structure and returns a pointer to it.</p>
<p>CMAC_CTX_cleanup() resets the <b>CMAC_CTX</b> structure, clearing any internal data but not freeing the structure itself.</p>
<p>CMAC_CTX_free() frees the <b>CMAC_CTX</b> structure and any associated resources. If the argument is NULL, no action is taken.</p>
<p>CMAC_CTX_get0_cipher_ctx() returns a pointer to the internal <b>EVP_CIPHER_CTX</b> structure within the <b>CMAC_CTX</b>.</p>
<p>CMAC_CTX_copy() copies the state from one <b>CMAC_CTX</b> structure to another.</p>
<p>CMAC_Init() initializes the <b>CMAC_CTX</b> structure for a new CMAC calculation with the specified key, key length, and cipher type. Optionally, an <b>ENGINE</b> can be provided.</p>
<p>CMAC_Update() processes data to be included in the CMAC calculation. This function can be called multiple times to update the context with additional data.</p>
<p>CMAC_Final() finalizes the CMAC calculation and retrieves the resulting MAC value. The output is stored in the provided buffer, and the length is stored in the variable pointed to by <i>poutlen</i>. To determine the required buffer size, call with <i>out</i> set to NULL, which stores only the length in <i>poutlen</i>. Allocate a buffer of this size and call CMAC_Final() again with the allocated buffer to retrieve the MAC.</p>
<p>CMAC_resume() resumes a previously finalized CMAC calculation, allowing additional data to be processed and a new MAC to be generated.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>CMAC_CTX_new() returns a pointer to a new <b>CMAC_CTX</b> structure or NULL if an error occurs.</p>
<p>CMAC_CTX_get0_cipher_ctx() returns a pointer to the internal <b>EVP_CIPHER_CTX</b> structure, or NULL if an error occurs.</p>
<p>CMAC_CTX_copy(), CMAC_Init(), CMAC_Update(), CMAC_Final() and CMAC_resume() return 1 for success or 0 if an error occurs.</p>
<h1 id="HISTORY">HISTORY</h1>
<p>All functions described here were deprecated in OpenSSL 3.0. For replacements, see <a href="../man3/EVP_MAC_CTX_new.html">EVP_MAC_CTX_new(3)</a>, <a href="../man3/EVP_MAC_CTX_free.html">EVP_MAC_CTX_free(3)</a>, <a href="../man3/EVP_MAC_init.html">EVP_MAC_init(3)</a>, <a href="../man3/EVP_MAC_update.html">EVP_MAC_update(3)</a>, and <a href="../man3/EVP_MAC_final.html">EVP_MAC_final(3)</a>.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

76
openssl-3.4.2/doc/html/man3/CMS_EncryptedData_decrypt.html
View File

@@ -1,76 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_EncryptedData_decrypt</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_EncryptedData_decrypt, CMS_EnvelopedData_decrypt - Decrypt CMS EncryptedData or EnvelopedData</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
const unsigned char *key, size_t keylen,
BIO *dcont, BIO *out, unsigned int flags);
BIO *CMS_EnvelopedData_decrypt(CMS_EnvelopedData *env, BIO *detached_data,
EVP_PKEY *pkey, X509 *cert,
ASN1_OCTET_STRING *secret, unsigned int flags,
OSSL_LIB_CTX *libctx, const char *propq);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>CMS_EncryptedData_decrypt() decrypts a <i>cms</i> EncryptedData object using the symmetric <i>key</i> of size <i>keylen</i> bytes. <i>out</i> is a BIO to write the content to and <i>flags</i> is an optional set of flags. <i>dcont</i> is used in the rare case where the encrypted content is detached. It will normally be set to NULL.</p>
<p>The following flags can be passed in the <i>flags</i> parameter.</p>
<p>If the <b>CMS_TEXT</b> flag is set MIME headers for type <code>text/plain</code> are deleted from the content. If the content is not of type <code>text/plain</code> then an error is returned.</p>
<p>CMS_EnvelopedData_decrypt() decrypts, similarly to CMS_decrypt(3), a CMS EnvelopedData object <i>env</i> using the symmetric key <i>secret</i> if it is not NULL, otherwise the private key of the recipient <i>pkey</i>. If <i>pkey</i> is given, it is recommended to provide also the associated certificate in <i>cert</i> - see <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a> and the NOTES on <i>cert</i> there. The optional parameters <i>flags</i> and <i>dcont</i> are used as described above. The optional parameters library context <i>libctx</i> and property query <i>propq</i> are used when retrieving algorithms from providers.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>CMS_EncryptedData_decrypt() returns 0 if an error occurred otherwise returns 1.</p>
<p>CMS_EnvelopedData_decrypt() returns NULL if an error occurred, otherwise a BIO containing the decypted content.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_EncryptedData_encrypt.html">CMS_EncryptedData_encrypt(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>CMS_EnvelopedData_decrypt() was added in OpenSSL 3.2.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

79
openssl-3.4.2/doc/html/man3/CMS_EncryptedData_encrypt.html
View File

@@ -1,79 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_EncryptedData_encrypt</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_EncryptedData_encrypt_ex, CMS_EncryptedData_encrypt - Create CMS EncryptedData</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in,
const EVP_CIPHER *cipher,
const unsigned char *key,
size_t keylen,
unsigned int flags,
OSSL_LIB_CTX *ctx,
const char *propq);
CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in,
const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen,
unsigned int flags);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>CMS_EncryptedData_encrypt_ex() creates a <b>CMS_ContentInfo</b> structure with a type <b>NID_pkcs7_encrypted</b>. <i>in</i> is a BIO containing the data to encrypt using <i>cipher</i> and the encryption key <i>key</i> of size <i>keylen</i> bytes. The library context <i>libctx</i> and the property query <i>propq</i> are used when retrieving algorithms from providers. <i>flags</i> is a set of optional flags.</p>
<p>The <i>flags</i> field supports the options <b>CMS_DETACHED</b>, <b>CMS_STREAM</b> and <b>CMS_PARTIAL</b>. Internally CMS_final() is called unless <b>CMS_STREAM</b> and/or <b>CMS_PARTIAL</b> is specified.</p>
<p>The algorithm passed in the <i>cipher</i> parameter must support ASN1 encoding of its parameters.</p>
<p>The <b>CMS_ContentInfo</b> structure can be freed using <a href="../man3/CMS_ContentInfo_free.html">CMS_ContentInfo_free(3)</a>.</p>
<p>CMS_EncryptedData_encrypt() is similar to CMS_EncryptedData_encrypt_ex() but uses default values of NULL for the library context <i>libctx</i> and the property query <i>propq</i>.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>If the allocation fails, CMS_EncryptedData_encrypt_ex() and CMS_EncryptedData_encrypt() return NULL and set an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise they return a pointer to the newly allocated structure.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_final.html">CMS_final(3)</a>, <a href="../man3/CMS_EncryptedData_decrypt.html">CMS_EncryptedData_decrypt(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The CMS_EncryptedData_encrypt_ex() method was added in OpenSSL 3.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

84
openssl-3.4.2/doc/html/man3/CMS_EnvelopedData_create.html
View File

@@ -1,84 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_EnvelopedData_create</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_EnvelopedData_create_ex, CMS_EnvelopedData_create, CMS_AuthEnvelopedData_create, CMS_AuthEnvelopedData_create_ex - Create CMS envelope</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
CMS_ContentInfo *
CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher, OSSL_LIB_CTX *libctx,
const char *propq);
CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
CMS_ContentInfo *
CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OSSL_LIB_CTX *libctx,
const char *propq);
CMS_ContentInfo *CMS_AuthEnvelopedData_create(const EVP_CIPHER *cipher);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>CMS_EnvelopedData_create_ex() creates a <b>CMS_ContentInfo</b> structure with a type <b>NID_pkcs7_enveloped</b>. <i>cipher</i> is the symmetric cipher to use. The library context <i>libctx</i> and the property query <i>propq</i> are used when retrieving algorithms from providers.</p>
<p>CMS_AuthEnvelopedData_create_ex() creates a <b>CMS_ContentInfo</b> structure with a type <b>NID_id_smime_ct_authEnvelopedData</b>. <b>cipher</b> is the symmetric AEAD cipher to use. Currently only AES variants with GCM mode are supported. The library context <i>libctx</i> and the property query <i>propq</i> are used when retrieving algorithms from providers.</p>
<p>The algorithm passed in the <i>cipher</i> parameter must support ASN1 encoding of its parameters.</p>
<p>The recipients can be added later using <a href="../man3/CMS_add1_recipient_cert.html">CMS_add1_recipient_cert(3)</a> or <a href="../man3/CMS_add0_recipient_key.html">CMS_add0_recipient_key(3)</a>.</p>
<p>The <b>CMS_ContentInfo</b> structure needs to be finalized using <a href="../man3/CMS_final.html">CMS_final(3)</a> and then freed using <a href="../man3/CMS_ContentInfo_free.html">CMS_ContentInfo_free(3)</a>.</p>
<p>CMS_EnvelopedData_create() and CMS_AuthEnvelopedData_create() are similar to CMS_EnvelopedData_create_ex() and CMS_AuthEnvelopedData_create_ex() but use default values of NULL for the library context <i>libctx</i> and the property query <i>propq</i>.</p>
<h1 id="NOTES">NOTES</h1>
<p>Although CMS_EnvelopedData_create_ex(), and CMS_EnvelopedData_create(), CMS_AuthEnvelopedData_create_ex(), and CMS_AuthEnvelopedData_create() allocate a new <b>CMS_ContentInfo</b> structure, they are not usually used in applications. The wrappers <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a> and <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a> are often used instead.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>If the allocation fails, CMS_EnvelopedData_create_ex(), CMS_EnvelopedData_create(), CMS_AuthEnvelopedData_create_ex(), and CMS_AuthEnvelopedData_create() return NULL and set an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise they return a pointer to the newly allocated structure.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a>, <a href="../man3/CMS_final.html">CMS_final(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The CMS_EnvelopedData_create_ex() method was added in OpenSSL 3.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

82
openssl-3.4.2/doc/html/man3/CMS_add0_cert.html
View File

@@ -1,82 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_add0_cert</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_add0_cert, CMS_add1_cert, CMS_get1_certs, CMS_add0_crl, CMS_add1_crl, CMS_get1_crls - CMS certificate and CRL utility functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>CMS_add0_cert() and CMS_add1_cert() add certificate <i>cert</i> to <i>cms</i> unless it is already present. This is used by <a href="../man3/CMS_sign_ex.html">CMS_sign_ex(3)</a> and <a href="../man3/CMS_sign.html">CMS_sign(3)</a> and may be used before calling <a href="../man3/CMS_verify.html">CMS_verify(3)</a> to help chain building in certificate validation. As the 0 implies, CMS_add0_cert() adds <i>cert</i> internally to <i>cms</i> and on success it must not be freed up by the caller. In contrast, the caller of CMS_add1_cert() must free <i>cert</i>. <i>cms</i> must be of type signed data or (authenticated) enveloped data. For signed data, such a certificate can be used when signing or verifying to fill in the signer certificate or to provide an extra CA certificate that may be needed for chain building in certificate validation.</p>
<p>CMS_get1_certs() returns all certificates in <i>cms</i>.</p>
<p>CMS_add0_crl() and CMS_add1_crl() add CRL <i>crl</i> to <i>cms</i>. <i>cms</i> must be of type signed data or (authenticated) enveloped data. For signed data, such a CRL may be used in certificate validation with <a href="../man3/CMS_verify.html">CMS_verify(3)</a>. It may be given both for inclusion when signing a CMS message and when verifying a signed CMS message.</p>
<p>CMS_get1_crls() returns all CRLs in <i>cms</i>.</p>
<h1 id="NOTES">NOTES</h1>
<p>The CMS_ContentInfo structure <i>cms</i> must be of type signed data or enveloped data or authenticated enveloped data or an error will be returned.</p>
<p>For signed data, certificates and CRLs are added to the <i>certificates</i> and <i>crls</i> fields of SignedData structure. For enveloped data they are added to <b>OriginatorInfo</b>.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>CMS_add0_cert(), CMS_add1_cert() and CMS_add0_crl() and CMS_add1_crl() return 1 for success and 0 for failure.</p>
<p>CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs or NULL if there are none or an error occurs. Besides out-of-memory, the only error which will occur in practice is if the <i>cms</i> type is invalid.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_sign_ex.html">CMS_sign_ex(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>CMS_add0_cert() and CMS_add1_cert() have been changed in OpenSSL 3.2 not to throw an error if a certificate to be added is already present.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2008-2024 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

88
openssl-3.4.2/doc/html/man3/CMS_add1_recipient_cert.html
View File

@@ -1,88 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_add1_recipient_cert</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_add1_recipient, CMS_add1_recipient_cert, CMS_add0_recipient_key - add recipients to a CMS enveloped data structure</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip,
EVP_PKEY *originatorPrivKey,
X509 *originator, unsigned int flags);
CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
X509 *recip, unsigned int flags);
CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
unsigned char *key, size_t keylen,
unsigned char *id, size_t idlen,
ASN1_GENERALIZEDTIME *date,
ASN1_OBJECT *otherTypeId,
ASN1_TYPE *otherType);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>CMS_add1_recipient() adds recipient <b>recip</b> and provides the originator pkey <b>originatorPrivKey</b> and originator certificate <b>originator</b> to CMS_ContentInfo. The originator-related fields are relevant only in case when the keyAgreement method of providing of the shared key is in use.</p>
<p>CMS_add1_recipient_cert() adds recipient <b>recip</b> to CMS_ContentInfo enveloped data structure <b>cms</b> as a KeyTransRecipientInfo structure.</p>
<p>CMS_add0_recipient_key() adds symmetric key <b>key</b> of length <b>keylen</b> using wrapping algorithm <b>nid</b>, identifier <b>id</b> of length <b>idlen</b> and optional values <b>date</b>, <b>otherTypeId</b> and <b>otherType</b> to CMS_ContentInfo enveloped data structure <b>cms</b> as a KEKRecipientInfo structure.</p>
<p>The CMS_ContentInfo structure should be obtained from an initial call to CMS_encrypt() with the flag <b>CMS_PARTIAL</b> set.</p>
<h1 id="NOTES">NOTES</h1>
<p>The main purpose of this function is to provide finer control over a CMS enveloped data structure where the simpler CMS_encrypt() function defaults are not appropriate. For example if one or more KEKRecipientInfo structures need to be added. New attributes can also be added using the returned CMS_RecipientInfo structure and the CMS attribute utility functions.</p>
<p>OpenSSL will by default identify recipient certificates using issuer name and serial number. If <b>CMS_USE_KEYID</b> is set it will use the subject key identifier value instead. An error occurs if all recipient certificates do not have a subject key identifier extension.</p>
<p>Currently only AES based key wrapping algorithms are supported for <b>nid</b>, specifically: NID_id_aes128_wrap, NID_id_aes192_wrap and NID_id_aes256_wrap. If <b>nid</b> is set to <b>NID_undef</b> then an AES wrap algorithm will be used consistent with <b>keylen</b>.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>CMS_add1_recipient_cert() and CMS_add0_recipient_key() return an internal pointer to the CMS_RecipientInfo structure just added or NULL if an error occurs.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a>, <a href="../man3/CMS_final.html">CMS_final(3)</a>,</p>
<h1 id="HISTORY">HISTORY</h1>
<p><b>CMS_add1_recipient_cert</b> and <b>CMS_add0_recipient_key</b> were added in OpenSSL 3.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

91
openssl-3.4.2/doc/html/man3/CMS_add1_signer.html
View File

@@ -1,91 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_add1_signer</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_add1_signer, CMS_SignerInfo_sign - add a signer to a CMS_ContentInfo signed data structure</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, X509 *signcert,
EVP_PKEY *pkey, const EVP_MD *md,
unsigned int flags);
int CMS_SignerInfo_sign(CMS_SignerInfo *si);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>CMS_add1_signer() adds a signer with certificate <b>signcert</b> and private key <b>pkey</b> using message digest <b>md</b> to CMS_ContentInfo SignedData structure <b>cms</b>.</p>
<p>The CMS_ContentInfo structure should be obtained from an initial call to CMS_sign() with the flag <b>CMS_PARTIAL</b> set or in the case or re-signing a valid CMS_ContentInfo SignedData structure.</p>
<p>If the <b>md</b> parameter is <b>NULL</b> then the default digest for the public key algorithm will be used.</p>
<p>Unless the <b>CMS_REUSE_DIGEST</b> flag is set the returned CMS_ContentInfo structure is not complete and must be finalized either by streaming (if applicable) or a call to CMS_final().</p>
<p>The CMS_SignerInfo_sign() function explicitly signs a CMS_SignerInfo structure, its main use is when the <b>CMS_REUSE_DIGEST</b> and <b>CMS_PARTIAL</b> flags are both set.</p>
<h1 id="NOTES">NOTES</h1>
<p>The main purpose of CMS_add1_signer() is to provide finer control over a CMS signed data structure where the simpler CMS_sign() function defaults are not appropriate. For example if multiple signers or non default digest algorithms are needed. New attributes can also be added using the returned CMS_SignerInfo structure and the CMS attribute utility functions or the CMS signed receipt request functions.</p>
<p>Any of the following flags (ored together) can be passed in the <b>flags</b> parameter.</p>
<p>If <b>CMS_REUSE_DIGEST</b> is set then an attempt is made to copy the content digest value from the CMS_ContentInfo structure: to add a signer to an existing structure. An error occurs if a matching digest value cannot be found to copy. The returned CMS_ContentInfo structure will be valid and finalized when this flag is set.</p>
<p>If <b>CMS_PARTIAL</b> is set in addition to <b>CMS_REUSE_DIGEST</b> then the CMS_SignerInfo structure will not be finalized so additional attributes can be added. In this case an explicit call to CMS_SignerInfo_sign() is needed to finalize it.</p>
<p>If <b>CMS_NOCERTS</b> is set the signer&#39;s certificate will not be included in the CMS_ContentInfo structure, the signer&#39;s certificate must still be supplied in the <b>signcert</b> parameter though. This can reduce the size of the signature if the signers certificate can be obtained by other means: for example a previously signed message.</p>
<p>The SignedData structure includes several CMS signedAttributes including the signing time, the CMS content type and the supported list of ciphers in an SMIMECapabilities attribute. If <b>CMS_NOATTR</b> is set then no signedAttributes will be used. If <b>CMS_NOSMIMECAP</b> is set then just the SMIMECapabilities are omitted.</p>
<p>OpenSSL will by default identify signing certificates using issuer name and serial number. If <b>CMS_USE_KEYID</b> is set it will use the subject key identifier value instead. An error occurs if the signing certificate does not have a subject key identifier extension.</p>
<p>If present the SMIMECapabilities attribute indicates support for the following algorithms in preference order: 256 bit AES, Gost R3411-94, Gost 28147-89, 192 bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of these algorithms is not available then it will not be included: for example the GOST algorithms will not be included if the GOST ENGINE is not loaded.</p>
<p>CMS_add1_signer() returns an internal pointer to the CMS_SignerInfo structure just added, this can be used to set additional attributes before it is finalized.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>CMS_add1_signer() returns an internal pointer to the CMS_SignerInfo structure just added or NULL if an error occurs.</p>
<p>CMS_SignerInfo_sign() returns 1 on success, 0 on failure.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_final.html">CMS_final(3)</a>,</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

79
openssl-3.4.2/doc/html/man3/CMS_compress.html
View File

@@ -1,79 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_compress</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_compress - create a CMS CompressedData structure</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>CMS_compress() creates and returns a CMS CompressedData structure. <b>comp_nid</b> is the compression algorithm to use or <b>NID_undef</b> to use the default algorithm (zlib compression). <b>in</b> is the content to be compressed. <b>flags</b> is an optional set of flags.</p>
<p>The only currently supported compression algorithm is zlib using the NID NID_zlib_compression.</p>
<p>If zlib support is not compiled into OpenSSL then CMS_compress() will return an error.</p>
<p>If the <b>CMS_TEXT</b> flag is set MIME headers for type <b>text/plain</b> are prepended to the data.</p>
<p>Normally the supplied content is translated into MIME canonical format (as required by the S/MIME specifications) if <b>CMS_BINARY</b> is set no translation occurs. This option should be used if the supplied data is in binary format otherwise the translation will corrupt it. If <b>CMS_BINARY</b> is set then <b>CMS_TEXT</b> is ignored.</p>
<p>If the <b>CMS_STREAM</b> flag is set a partial <b>CMS_ContentInfo</b> structure is returned suitable for streaming I/O: no data is read from the BIO <b>in</b>.</p>
<p>The compressed data is included in the CMS_ContentInfo structure, unless <b>CMS_DETACHED</b> is set in which case it is omitted. This is rarely used in practice and is not supported by SMIME_write_CMS().</p>
<p>If the flag <b>CMS_STREAM</b> is set the returned <b>CMS_ContentInfo</b> structure is <b>not</b> complete and outputting its contents via a function that does not properly finalize the <b>CMS_ContentInfo</b> structure will give unpredictable results.</p>
<p>Several functions including SMIME_write_CMS(), i2d_CMS_bio_stream(), PEM_write_bio_CMS_stream() finalize the structure. Alternatively finalization can be performed by obtaining the streaming ASN1 <b>BIO</b> directly using BIO_new_CMS().</p>
<p>Additional compression parameters such as the zlib compression level cannot currently be set.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>CMS_compress() returns either a CMS_ContentInfo structure or NULL if an error occurred. The error can be obtained from ERR_get_error(3).</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_uncompress.html">CMS_uncompress(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The <b>CMS_STREAM</b> flag was added in OpenSSL 1.0.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

67
openssl-3.4.2/doc/html/man3/CMS_data_create.html
View File

@@ -1,67 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_data_create</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_data_create_ex, CMS_data_create - Create CMS Data object</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
CMS_ContentInfo *CMS_data_create_ex(BIO *in, unsigned int flags,
OSSL_LIB_CTX *libctx, const char *propq);
CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>CMS_data_create_ex() creates a <b>CMS_ContentInfo</b> structure with a type <b>NID_pkcs7_data</b>. The data is supplied via the <i>in</i> BIO. The library context <i>libctx</i> and the property query <i>propq</i> are used when retrieving algorithms from providers. The <i>flags</i> field supports the <b>CMS_STREAM</b> flag. Internally CMS_final() is called unless <b>CMS_STREAM</b> is specified.</p>
<p>The <b>CMS_ContentInfo</b> structure can be freed using <a href="../man3/CMS_ContentInfo_free.html">CMS_ContentInfo_free(3)</a>.</p>
<p>CMS_data_create() is similar to CMS_data_create_ex() but uses default values of NULL for the library context <i>libctx</i> and the property query <i>propq</i>.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>If the allocation fails, CMS_data_create_ex() and CMS_data_create() return NULL and set an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise they return a pointer to the newly allocated structure.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_final.html">CMS_final(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The CMS_data_create_ex() method was added in OpenSSL 3.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

95
openssl-3.4.2/doc/html/man3/CMS_decrypt.html
View File

@@ -1,95 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_decrypt</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_decrypt, CMS_decrypt_set1_pkey_and_peer, CMS_decrypt_set1_pkey, CMS_decrypt_set1_password - decrypt content from a CMS envelopedData structure</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
BIO *dcont, BIO *out, unsigned int flags);
int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo *cms,
EVP_PKEY *pk, X509 *cert, X509 *peer);
int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
unsigned char *pass, ossl_ssize_t passlen);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>CMS_decrypt() extracts the decrypted content from a CMS EnvelopedData or AuthEnvelopedData structure. It uses CMS_decrypt_set1_pkey() to decrypt the content with the recipient private key <i>pkey</i> if <i>pkey</i> is not NULL. In this case, the associated certificate is recommended to provide in <i>cert</i> - see the NOTES below. <i>out</i> is a BIO to write the content to and <i>flags</i> is an optional set of flags. If <i>pkey</i> is NULL the function assumes that decryption was already done (e.g., using CMS_decrypt_set1_pkey() or CMS_decrypt_set1_password()) and just provides the content unless <i>cert</i>, <i>dcont</i>, and <i>out</i> are NULL as well. The <i>dcont</i> parameter is used in the rare case where the encrypted content is detached. It will normally be set to NULL.</p>
<p>CMS_decrypt_set1_pkey_and_peer() decrypts the CMS_ContentInfo structure <i>cms</i> using the private key <i>pkey</i>, the corresponding certificate <i>cert</i>, which is recommended but may be NULL, and the (optional) originator certificate <i>peer</i>. On success, it also records in <i>cms</i> the decryption key <i>pkey</i>, and then should be followed by <code>CMS_decrypt(cms, NULL, NULL, dcont, out, flags)</code>. This call deallocates any decryption key stored in <i>cms</i>.</p>
<p>CMS_decrypt_set1_pkey() is the same as CMS_decrypt_set1_pkey_and_peer() with <i>peer</i> being NULL.</p>
<p>CMS_decrypt_set1_password() decrypts the CMS_ContentInfo structure <i>cms</i> using the secret <i>pass</i> of length <i>passlen</i>. On success, it also records in <i>cms</i> the decryption key used, and then should be followed by <code>CMS_decrypt(cms, NULL, NULL, dcont, out, flags)</code>. This call deallocates any decryption key stored in <i>cms</i>.</p>
<h1 id="NOTES">NOTES</h1>
<p>Although the recipients certificate is not needed to decrypt the data it is needed to locate the appropriate (of possible several) recipients in the CMS structure.</p>
<p>If <i>cert</i> is set to NULL all possible recipients are tried. This case however is problematic. To thwart the MMA attack (Bleichenbacher&#39;s attack on PKCS #1 v1.5 RSA padding) all recipients are tried whether they succeed or not. If no recipient succeeds then a random symmetric key is used to decrypt the content: this will typically output garbage and may (but is not guaranteed to) ultimately return a padding error only. If CMS_decrypt() just returned an error when all recipient encrypted keys failed to decrypt an attacker could use this in a timing attack. If the special flag <b>CMS_DEBUG_DECRYPT</b> is set then the above behaviour is modified and an error <b>is</b> returned if no recipient encrypted key can be decrypted <b>without</b> generating a random content encryption key. Applications should use this flag with <b>extreme caution</b> especially in automated gateways as it can leave them open to attack.</p>
<p>It is possible to determine the correct recipient key by other means (for example looking them up in a database) and setting them in the CMS structure in advance using the CMS utility functions such as CMS_set1_pkey(), or use CMS_decrypt_set1_password() if the recipient has a symmetric key. In these cases both <i>cert</i> and <i>pkey</i> should be set to NULL.</p>
<p>To process KEKRecipientInfo types CMS_set1_key() or CMS_RecipientInfo_set0_key() and CMS_RecipientInfo_decrypt() should be called before CMS_decrypt() and <i>cert</i> and <i>pkey</i> set to NULL.</p>
<p>The following flags can be passed in the <i>flags</i> parameter.</p>
<p>If the <b>CMS_TEXT</b> flag is set MIME headers for type <code>text/plain</code> are deleted from the content. If the content is not of type <code>text/plain</code> then an error is returned.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>CMS_decrypt(), CMS_decrypt_set1_pkey_and_peer(), CMS_decrypt_set1_pkey(), and CMS_decrypt_set1_password() return either 1 for success or 0 for failure. The error can be obtained from ERR_get_error(3).</p>
<h1 id="BUGS">BUGS</h1>
<p>The <b>set1_</b> part of these function names is misleading and should better read: <b>with_</b>.</p>
<p>The lack of single pass processing and the need to hold all data in memory as mentioned in CMS_verify() also applies to CMS_decrypt().</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>CMS_decrypt_set1_pkey_and_peer() and CMS_decrypt_set1_password() were added in OpenSSL 3.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

70
openssl-3.4.2/doc/html/man3/CMS_digest_create.html
View File

@@ -1,70 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_digest_create</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_digest_create_ex, CMS_digest_create - Create CMS DigestedData object</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
CMS_ContentInfo *CMS_digest_create_ex(BIO *in, const EVP_MD *md,
unsigned int flags, OSSL_LIB_CTX *ctx,
const char *propq);
CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
unsigned int flags);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>CMS_digest_create_ex() creates a <b>CMS_ContentInfo</b> structure with a type <b>NID_pkcs7_digest</b>. The data supplied via the <i>in</i> BIO is digested using <i>md</i>. The library context <i>libctx</i> and the property query <i>propq</i> are used when retrieving algorithms from providers. The <i>flags</i> field supports the <b>CMS_DETACHED</b> and <b>CMS_STREAM</b> flags, Internally CMS_final() is called unless <b>CMS_STREAM</b> is specified.</p>
<p>The <b>CMS_ContentInfo</b> structure can be freed using <a href="../man3/CMS_ContentInfo_free.html">CMS_ContentInfo_free(3)</a>.</p>
<p>CMS_digest_create() is similar to CMS_digest_create_ex() but uses default values of NULL for the library context <i>libctx</i> and the property query <i>propq</i>.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>If the allocation fails, CMS_digest_create_ex() and CMS_digest_create() return NULL and set an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise they return a pointer to the newly allocated structure.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_final.html">CMS_final(3)</a>&gt;</p>
<h1 id="HISTORY">HISTORY</h1>
<p>The CMS_digest_create_ex() method was added in OpenSSL 3.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

99
openssl-3.4.2/doc/html/man3/CMS_encrypt.html
View File

@@ -1,99 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_encrypt</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_encrypt_ex, CMS_encrypt - create a CMS envelopedData structure</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
CMS_ContentInfo *CMS_encrypt_ex(STACK_OF(X509) *certs, BIO *in,
const EVP_CIPHER *cipher, unsigned int flags,
OSSL_LIB_CTX *libctx, const char *propq);
CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
const EVP_CIPHER *cipher, unsigned int flags);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>CMS_encrypt_ex() creates and returns a CMS EnvelopedData or AuthEnvelopedData structure. <i>certs</i> is a list of recipient certificates. <i>in</i> is the content to be encrypted. <i>cipher</i> is the symmetric cipher to use. <i>flags</i> is an optional set of flags. The library context <i>libctx</i> and the property query <i>propq</i> are used internally when retrieving algorithms from providers.</p>
<p>Only certificates carrying RSA, Diffie-Hellman or EC keys are supported by this function.</p>
<p>EVP_des_ede3_cbc() (triple DES) is the algorithm of choice for S/MIME use because most clients will support it.</p>
<p>The algorithm passed in the <b>cipher</b> parameter must support ASN1 encoding of its parameters. If the cipher mode is GCM, then an AuthEnvelopedData structure containing MAC is used. Otherwise an EnvelopedData structure is used. Currently the AES variants with GCM mode are the only supported AEAD algorithms.</p>
<p>Many browsers implement a &quot;sign and encrypt&quot; option which is simply an S/MIME envelopedData containing an S/MIME signed message. This can be readily produced by storing the S/MIME signed message in a memory BIO and passing it to CMS_encrypt().</p>
<p>The following flags can be passed in the <b>flags</b> parameter.</p>
<p>If the <b>CMS_TEXT</b> flag is set MIME headers for type <b>text/plain</b> are prepended to the data.</p>
<p>Normally the supplied content is translated into MIME canonical format (as required by the S/MIME specifications) if <b>CMS_BINARY</b> is set no translation occurs. This option should be used if the supplied data is in binary format otherwise the translation will corrupt it. If <b>CMS_BINARY</b> is set then <b>CMS_TEXT</b> is ignored.</p>
<p>OpenSSL will by default identify recipient certificates using issuer name and serial number. If <b>CMS_USE_KEYID</b> is set it will use the subject key identifier value instead. An error occurs if all recipient certificates do not have a subject key identifier extension.</p>
<p>If the <b>CMS_STREAM</b> flag is set a partial <b>CMS_ContentInfo</b> structure is returned suitable for streaming I/O: no data is read from the BIO <b>in</b>.</p>
<p>If the <b>CMS_PARTIAL</b> flag is set a partial <b>CMS_ContentInfo</b> structure is returned to which additional recipients and attributes can be added before finalization.</p>
<p>The data being encrypted is included in the CMS_ContentInfo structure, unless <b>CMS_DETACHED</b> is set in which case it is omitted. This is rarely used in practice and is not supported by SMIME_write_CMS().</p>
<p>If the flag <b>CMS_STREAM</b> is set the returned <b>CMS_ContentInfo</b> structure is <b>not</b> complete and outputting its contents via a function that does not properly finalize the <b>CMS_ContentInfo</b> structure will give unpredictable results.</p>
<p>Several functions including SMIME_write_CMS(), i2d_CMS_bio_stream(), PEM_write_bio_CMS_stream() finalize the structure. Alternatively finalization can be performed by obtaining the streaming ASN1 <b>BIO</b> directly using BIO_new_CMS().</p>
<p>The recipients specified in <b>certs</b> use a CMS KeyTransRecipientInfo info structure. KEKRecipientInfo is also supported using the flag <b>CMS_PARTIAL</b> and CMS_add0_recipient_key().</p>
<p>The parameter <b>certs</b> may be NULL if <b>CMS_PARTIAL</b> is set and recipients added later using CMS_add1_recipient_cert() or CMS_add0_recipient_key().</p>
<p>CMS_encrypt() is similar to CMS_encrypt_ex() but uses default values of NULL for the library context <i>libctx</i> and the property query <i>propq</i>.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>CMS_encrypt_ex() and CMS_encrypt() return either a CMS_ContentInfo structure or NULL if an error occurred. The error can be obtained from ERR_get_error(3).</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The function CMS_encrypt_ex() was added in OpenSSL 3.0.</p>
<p>The <b>CMS_STREAM</b> flag was first supported in OpenSSL 1.0.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

72
openssl-3.4.2/doc/html/man3/CMS_final.html
View File

@@ -1,72 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_final</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_final, CMS_final_digest - finalise a CMS_ContentInfo structure</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags);
int CMS_final_digest(CMS_ContentInfo *cms, const unsigned char *md,
unsigned int mdlen, BIO *dcont, unsigned int flags);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>CMS_final() finalises the structure <b>cms</b>. Its purpose is to perform any operations necessary on <b>cms</b> (digest computation for example) and set the appropriate fields. The parameter <b>data</b> contains the content to be processed. The <b>dcont</b> parameter contains a BIO to write content to after processing: this is only used with detached data and will usually be set to NULL.</p>
<p>CMS_final_digest() finalises the structure <b>cms</b> using a pre-computed digest, rather than computing the digest from the original data.</p>
<h1 id="NOTES">NOTES</h1>
<p>These functions will normally be called when the <b>CMS_PARTIAL</b> flag is used. It should only be used when streaming is not performed because the streaming I/O functions perform finalisation operations internally.</p>
<p>To sign a pre-computed digest, <a href="../man3/CMS_sign.html">CMS_sign(3)</a> or CMS_sign_ex() is called with the <b>data</b> parameter set to NULL before the CMS structure is finalised with the digest provided to CMS_final_digest() in binary form. When signing a pre-computed digest, the security relies on the digest and its computation from the original message being trusted.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>CMS_final() and CMS_final_digest() return 1 for success or 0 for failure.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>CMS_final_digest() was added in OpenSSL 3.2.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2008-2022 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

121
openssl-3.4.2/doc/html/man3/CMS_get0_RecipientInfos.html
View File

@@ -1,121 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_get0_RecipientInfos</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_get0_RecipientInfos, CMS_RecipientInfo_type, CMS_RecipientInfo_ktri_get0_signer_id, CMS_RecipientInfo_ktri_cert_cmp, CMS_RecipientInfo_set0_pkey, CMS_RecipientInfo_kekri_get0_id, CMS_RecipientInfo_kari_set0_pkey_and_peer, CMS_RecipientInfo_kari_set0_pkey, CMS_RecipientInfo_kekri_id_cmp, CMS_RecipientInfo_set0_key, CMS_RecipientInfo_decrypt, CMS_RecipientInfo_encrypt - CMS envelopedData RecipientInfo routines</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
ASN1_OCTET_STRING **keyid,
X509_NAME **issuer,
ASN1_INTEGER **sno);
int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
int CMS_RecipientInfo_kari_set0_pkey_and_peer(CMS_RecipientInfo *ri,
EVP_PKEY *pk, X509 *peer);
int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk);
int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg,
ASN1_OCTET_STRING **pid,
ASN1_GENERALIZEDTIME **pdate,
ASN1_OBJECT **potherid,
ASN1_TYPE **pothertype);
int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
const unsigned char *id, size_t idlen);
int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
unsigned char *key, size_t keylen);
int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The function CMS_get0_RecipientInfos() returns all the CMS_RecipientInfo structures associated with a CMS EnvelopedData structure.</p>
<p>CMS_RecipientInfo_type() returns the type of CMS_RecipientInfo structure <b>ri</b>. It will currently return CMS_RECIPINFO_TRANS, CMS_RECIPINFO_AGREE, CMS_RECIPINFO_KEK, CMS_RECIPINFO_PASS, or CMS_RECIPINFO_OTHER.</p>
<p>CMS_RecipientInfo_ktri_get0_signer_id() retrieves the certificate recipient identifier associated with a specific CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. Either the keyidentifier will be set in <b>keyid</b> or <b>both</b> issuer name and serial number in <b>issuer</b> and <b>sno</b>.</p>
<p>CMS_RecipientInfo_ktri_cert_cmp() compares the certificate <b>cert</b> against the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. It returns zero if the comparison is successful and non zero if not.</p>
<p>CMS_RecipientInfo_set0_pkey() associates the private key <b>pkey</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS.</p>
<p>CMS_RecipientInfo_kari_set0_pkey_and_peer() associates the private key <b>pkey</b> and peer certificate <b>peer</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_AGREE.</p>
<p>CMS_RecipientInfo_kari_set0_pkey() associates the private key <b>pkey</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_AGREE.</p>
<p>CMS_RecipientInfo_kekri_get0_id() retrieves the key information from the CMS_RecipientInfo structure <b>ri</b> which must be of type CMS_RECIPINFO_KEK. Any of the remaining parameters can be NULL if the application is not interested in the value of a field. Where a field is optional and absent NULL will be written to the corresponding parameter. The keyEncryptionAlgorithm field is written to <b>palg</b>, the <b>keyIdentifier</b> field is written to <b>pid</b>, the <b>date</b> field if present is written to <b>pdate</b>, if the <b>other</b> field is present the components <b>keyAttrId</b> and <b>keyAttr</b> are written to parameters <b>potherid</b> and <b>pothertype</b>.</p>
<p>CMS_RecipientInfo_kekri_id_cmp() compares the ID in the <b>id</b> and <b>idlen</b> parameters against the <b>keyIdentifier</b> CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK. It returns zero if the comparison is successful and non zero if not.</p>
<p>CMS_RecipientInfo_set0_key() associates the symmetric key <b>key</b> of length <b>keylen</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK.</p>
<p>CMS_RecipientInfo_decrypt() attempts to decrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first.</p>
<p>CMS_RecipientInfo_encrypt() attempts to encrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first and the content encryption key must be available: for example by a previous call to CMS_RecipientInfo_decrypt().</p>
<h1 id="NOTES">NOTES</h1>
<p>The main purpose of these functions is to enable an application to lookup recipient keys using any appropriate technique when the simpler method of CMS_decrypt() is not appropriate.</p>
<p>In typical usage and application will retrieve all CMS_RecipientInfo structures using CMS_get0_RecipientInfos() and check the type of each using CMS_RecipientInfo_type(). Depending on the type the CMS_RecipientInfo structure can be ignored or its key identifier data retrieved using an appropriate function. Then if the corresponding secret or private key can be obtained by any appropriate means it can then associated with the structure and CMS_RecipientInfo_decrypt() called. If successful CMS_decrypt() can be called with a NULL key to decrypt the enveloped content.</p>
<p>The CMS_RecipientInfo_encrypt() can be used to add a new recipient to an existing enveloped data structure. Typically an application will first decrypt an appropriate CMS_RecipientInfo structure to make the content encrypt key available, it will then add a new recipient using a function such as CMS_add1_recipient_cert() and finally encrypt the content encryption key using CMS_RecipientInfo_encrypt().</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>CMS_get0_RecipientInfos() returns all CMS_RecipientInfo structures, or NULL if an error occurs.</p>
<p>CMS_RecipientInfo_ktri_get0_signer_id(), CMS_RecipientInfo_set0_pkey(), CMS_RecipientInfo_kekri_get0_id(), CMS_RecipientInfo_set0_key() and CMS_RecipientInfo_decrypt() return 1 for success or 0 if an error occurs. CMS_RecipientInfo_encrypt() return 1 for success or 0 if an error occurs.</p>
<p>CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp() return 0 for a successful comparison and non zero otherwise.</p>
<p>Any error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p><b>CMS_RecipientInfo_kari_set0_pkey_and_peer</b> and <b>CMS_RecipientInfo_kari_set0_pkey</b> were added in OpenSSL 3.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

89
openssl-3.4.2/doc/html/man3/CMS_get0_SignerInfos.html
View File

@@ -1,89 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_get0_SignerInfos</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_SignerInfo_set1_signer_cert, CMS_get0_SignerInfos, CMS_SignerInfo_get0_signer_id, CMS_SignerInfo_get0_signature, CMS_SignerInfo_cert_cmp - CMS signedData signer functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si, ASN1_OCTET_STRING **keyid,
X509_NAME **issuer, ASN1_INTEGER **sno);
ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The function CMS_get0_SignerInfos() returns all the CMS_SignerInfo structures associated with a CMS signedData structure.</p>
<p>CMS_SignerInfo_get0_signer_id() retrieves the certificate signer identifier associated with a specific CMS_SignerInfo structure <b>si</b>. Either the keyidentifier will be set in <b>keyid</b> or <b>both</b> issuer name and serial number in <b>issuer</b> and <b>sno</b>.</p>
<p>CMS_SignerInfo_get0_signature() retrieves the signature associated with <b>si</b> in a pointer to an ASN1_OCTET_STRING structure. This pointer returned corresponds to the internal signature value if <b>si</b> so it may be read or modified.</p>
<p>CMS_SignerInfo_cert_cmp() compares the certificate <b>cert</b> against the signer identifier <b>si</b>. It returns zero if the comparison is successful and non zero if not.</p>
<p>CMS_SignerInfo_set1_signer_cert() sets the signers certificate of <b>si</b> to <b>signer</b>.</p>
<h1 id="NOTES">NOTES</h1>
<p>The main purpose of these functions is to enable an application to lookup signers certificates using any appropriate technique when the simpler method of CMS_verify() is not appropriate.</p>
<p>In typical usage and application will retrieve all CMS_SignerInfo structures using CMS_get0_SignerInfo() and retrieve the identifier information using CMS. It will then obtain the signer certificate by some unspecified means (or return and error if it cannot be found) and set it using CMS_SignerInfo_set1_signer_cert().</p>
<p>Once all signer certificates have been set CMS_verify() can be used.</p>
<p>Although CMS_get0_SignerInfos() can return NULL if an error occurs <b>or</b> if there are no signers this is not a problem in practice because the only error which can occur is if the <b>cms</b> structure is not of type signedData due to application error.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>CMS_get0_SignerInfos() returns all CMS_SignerInfo structures, or NULL there are no signers or an error occurs.</p>
<p>CMS_SignerInfo_get0_signer_id() returns 1 for success and 0 for failure.</p>
<p>CMS_SignerInfo_cert_cmp() returns 0 for a successful comparison and non zero otherwise.</p>
<p>CMS_SignerInfo_set1_signer_cert() does not return a value.</p>
<p>Any error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

87
openssl-3.4.2/doc/html/man3/CMS_get0_type.html
View File

@@ -1,87 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_get0_type</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_get0_type, CMS_set1_eContentType, CMS_get0_eContentType, CMS_get0_content - get and set CMS content types and content</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms);
int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>CMS_get0_type() returns the content type of a CMS_ContentInfo structure as an ASN1_OBJECT pointer. An application can then decide how to process the CMS_ContentInfo structure based on this value.</p>
<p>CMS_set1_eContentType() sets the embedded content type of a CMS_ContentInfo structure. It should be called with CMS functions (such as <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a>) with the <b>CMS_PARTIAL</b> flag and <b>before</b> the structure is finalised, otherwise the results are undefined.</p>
<p>ASN1_OBJECT *CMS_get0_eContentType() returns a pointer to the embedded content type.</p>
<p>CMS_get0_content() returns a pointer to the <b>ASN1_OCTET_STRING</b> pointer containing the embedded content.</p>
<h1 id="NOTES">NOTES</h1>
<p>As the <b>0</b> implies CMS_get0_type(), CMS_get0_eContentType() and CMS_get0_content() return internal pointers which should <b>not</b> be freed up. CMS_set1_eContentType() copies the supplied OID and it <b>should</b> be freed up after use.</p>
<p>The <b>ASN1_OBJECT</b> values returned can be converted to an integer <b>NID</b> value using OBJ_obj2nid(). For the currently supported content types the following values are returned:</p>
<pre><code>NID_pkcs7_data
NID_pkcs7_signed
NID_pkcs7_digest
NID_id_smime_ct_compressedData:
NID_pkcs7_encrypted
NID_pkcs7_enveloped</code></pre>
<p>The return value of CMS_get0_content() is a pointer to the <b>ASN1_OCTET_STRING</b> content pointer. That means that for example:</p>
<pre><code>ASN1_OCTET_STRING **pconf = CMS_get0_content(cms);</code></pre>
<p><b>*pconf</b> could be NULL if there is no embedded content. Applications can access, modify or create the embedded content in a <b>CMS_ContentInfo</b> structure using this function. Applications usually will not need to modify the embedded content as it is normally set by higher level functions.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>CMS_get0_type() and CMS_get0_eContentType() return an ASN1_OBJECT structure.</p>
<p>CMS_set1_eContentType() returns 1 for success or 0 if an error occurred. The error can be obtained from ERR_get_error(3).</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

92
openssl-3.4.2/doc/html/man3/CMS_get1_ReceiptRequest.html
View File

@@ -1,92 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_get1_ReceiptRequest</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_ReceiptRequest_create0_ex, CMS_ReceiptRequest_create0, CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values - CMS signed receipt request functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex(
unsigned char *id, int idlen, int allorfirst,
STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo,
OSSL_LIB_CTX *libctx);
CMS_ReceiptRequest *CMS_ReceiptRequest_create0(
unsigned char *id, int idlen, int allorfirst,
STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo);
int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, ASN1_STRING **pcid,
int *pallorfirst,
STACK_OF(GENERAL_NAMES) **plist,
STACK_OF(GENERAL_NAMES) **prto);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>CMS_ReceiptRequest_create0_ex() creates a signed receipt request structure. The <b>signedContentIdentifier</b> field is set using <i>id</i> and <i>idlen</i>, or it is set to 32 bytes of pseudo random data if <i>id</i> is NULL. If <i>receiptList</i> is NULL the allOrFirstTier option in <i>receiptsFrom</i> is used and set to the value of the <i>allorfirst</i> parameter. If <i>receiptList</i> is not NULL the <i>receiptList</i> option in <i>receiptsFrom</i> is used. The <i>receiptsTo</i> parameter specifies the <i>receiptsTo</i> field value. The library context <i>libctx</i> is used to find the public random generator.</p>
<p>CMS_ReceiptRequest_create0() is similar to CMS_ReceiptRequest_create0_ex() but uses default values of NULL for the library context <i>libctx</i>.</p>
<p>The CMS_add1_ReceiptRequest() function adds a signed receipt request <b>rr</b> to SignerInfo structure <b>si</b>.</p>
<p>int CMS_get1_ReceiptRequest() looks for a signed receipt request in <b>si</b>, if any is found it is decoded and written to <b>prr</b>.</p>
<p>CMS_ReceiptRequest_get0_values() retrieves the values of a receipt request. The signedContentIdentifier is copied to <b>pcid</b>. If the <b>allOrFirstTier</b> option of <b>receiptsFrom</b> is used its value is copied to <b>pallorfirst</b> otherwise the <b>receiptList</b> field is copied to <b>plist</b>. The <b>receiptsTo</b> parameter is copied to <b>prto</b>.</p>
<h1 id="NOTES">NOTES</h1>
<p>For more details of the meaning of the fields see RFC2634.</p>
<p>The contents of a signed receipt should only be considered meaningful if the corresponding CMS_ContentInfo structure can be successfully verified using CMS_verify().</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>CMS_ReceiptRequest_create0_ex() and CMS_ReceiptRequest_create0() return a signed receipt request structure or NULL if an error occurred.</p>
<p>CMS_add1_ReceiptRequest() returns 1 for success or 0 if an error occurred.</p>
<p>CMS_get1_ReceiptRequest() returns 1 is a signed receipt request is found and decoded. It returns 0 if a signed receipt request is not present and -1 if it is present but malformed.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_sign_receipt.html">CMS_sign_receipt(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a> <a href="../man3/CMS_verify_receipt.html">CMS_verify_receipt(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The function CMS_ReceiptRequest_create0_ex() was added in OpenSSL 3.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

114
openssl-3.4.2/doc/html/man3/CMS_sign.html
View File

@@ -1,114 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_sign</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_sign, CMS_sign_ex - create a CMS SignedData structure</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey,
STACK_OF(X509) *certs, BIO *data,
unsigned int flags, OSSL_LIB_CTX *ctx,
const char *propq);
CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
BIO *data, unsigned int flags);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>CMS_sign_ex() creates and returns a CMS SignedData structure. <i>signcert</i> is the certificate to sign with, <i>pkey</i> is the corresponding private key. <i>certs</i> is an optional additional set of certificates to include in the CMS structure (for example any intermediate CAs in the chain). The library context <i>libctx</i> and the property query <i>propq</i> are used when retrieving algorithms from providers. Any or all of these parameters can be <b>NULL</b>, see <b>NOTES</b> below.</p>
<p>The data to be signed is read from BIO <b>data</b>.</p>
<p><b>flags</b> is an optional set of flags.</p>
<p>CMS_sign() is similar to CMS_sign_ex() but uses default values of NULL for the library context <i>libctx</i> and the property query <i>propq</i>.</p>
<h1 id="NOTES">NOTES</h1>
<p>Any of the following flags (ored together) can be passed in the <b>flags</b> parameter.</p>
<p>Many S/MIME clients expect the signed content to include valid MIME headers. If the <b>CMS_TEXT</b> flag is set MIME headers for type <b>text/plain</b> are prepended to the data.</p>
<p>If <b>CMS_NOCERTS</b> is set the signer&#39;s certificate will not be included in the CMS_ContentInfo structure, the signer&#39;s certificate must still be supplied in the <b>signcert</b> parameter though. This can reduce the size of the signature if the signers certificate can be obtained by other means: for example a previously signed message.</p>
<p>The data being signed is included in the CMS_ContentInfo structure, unless <b>CMS_DETACHED</b> is set in which case it is omitted. This is used for CMS_ContentInfo detached signatures which are used in S/MIME plaintext signed messages for example.</p>
<p>Normally the supplied content is translated into MIME canonical format (as required by the S/MIME specifications) if <b>CMS_BINARY</b> is set no translation occurs. This option should be used if the supplied data is in binary format otherwise the translation will corrupt it.</p>
<p>The SignedData structure includes several CMS signedAttributes including the signing time, the CMS content type and the supported list of ciphers in an SMIMECapabilities attribute. If <b>CMS_NOATTR</b> is set then no signedAttributes will be used. If <b>CMS_NOSMIMECAP</b> is set then just the SMIMECapabilities are omitted.</p>
<p>If present the SMIMECapabilities attribute indicates support for the following algorithms in preference order: 256 bit AES, Gost R3411-94, Gost 28147-89, 192 bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of these algorithms is not available then it will not be included: for example the GOST algorithms will not be included if the GOST ENGINE is not loaded.</p>
<p>OpenSSL will by default identify signing certificates using issuer name and serial number. If <b>CMS_USE_KEYID</b> is set it will use the subject key identifier value instead. An error occurs if the signing certificate does not have a subject key identifier extension.</p>
<p>If the flags <b>CMS_STREAM</b> is set then the returned <b>CMS_ContentInfo</b> structure is just initialized ready to perform the signing operation. The signing is however <b>not</b> performed and the data to be signed is not read from the <b>data</b> parameter. Signing is deferred until after the data has been written. In this way data can be signed in a single pass.</p>
<p>If the <b>CMS_PARTIAL</b> flag is set a partial <b>CMS_ContentInfo</b> structure is output to which additional signers and capabilities can be added before finalization.</p>
<p>If the flag <b>CMS_STREAM</b> is set the returned <b>CMS_ContentInfo</b> structure is <b>not</b> complete and outputting its contents via a function that does not properly finalize the <b>CMS_ContentInfo</b> structure will give unpredictable results.</p>
<p>Several functions including SMIME_write_CMS(), i2d_CMS_bio_stream(), PEM_write_bio_CMS_stream() finalize the structure. Alternatively finalization can be performed by obtaining the streaming ASN1 <b>BIO</b> directly using BIO_new_CMS().</p>
<p>If a signer is specified it will use the default digest for the signing algorithm. This is <b>SHA256</b> for both RSA and DSA keys.</p>
<p>If <b>signcert</b> and <b>pkey</b> are NULL then a certificates only CMS structure is output.</p>
<p>The function CMS_sign() is a basic CMS signing function whose output will be suitable for many purposes. For finer control of the output format the <b>certs</b>, <b>signcert</b> and <b>pkey</b> parameters can all be <b>NULL</b> and the <b>CMS_PARTIAL</b> flag set. Then one or more signers can be added using the function CMS_add1_signer(), non default digests can be used and custom attributes added. CMS_final() must then be called to finalize the structure if streaming is not enabled.</p>
<h1 id="BUGS">BUGS</h1>
<p>Some attributes such as counter signatures are not supported.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>CMS_sign_ex() and CMS_sign() return either a valid CMS_ContentInfo structure or NULL if an error occurred. The error can be obtained from ERR_get_error(3).</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The <b>CMS_STREAM</b> flag is only supported for detached data in OpenSSL 0.9.8, it is supported for embedded data in OpenSSL 1.0.0 and later.</p>
<p>The CMS_sign_ex() method was added in OpenSSL 3.0.</p>
<p>Since OpenSSL 3.2, CMS_sign_ex() and CMS_sign() ignore any duplicate certificates in their <i>certs</i> argument and no longer throw an error for them.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2008-2025 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

65
openssl-3.4.2/doc/html/man3/CMS_sign_receipt.html
View File

@@ -1,65 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_sign_receipt</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_sign_receipt - create a CMS signed receipt</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, X509 *signcert,
EVP_PKEY *pkey, STACK_OF(X509) *certs,
unsigned int flags);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>CMS_sign_receipt() creates and returns a CMS signed receipt structure. <b>si</b> is the <b>CMS_SignerInfo</b> structure containing the signed receipt request. <b>signcert</b> is the certificate to sign with, <b>pkey</b> is the corresponding private key. <b>certs</b> is an optional additional set of certificates to include in the CMS structure (for example any intermediate CAs in the chain).</p>
<p><b>flags</b> is an optional set of flags.</p>
<h1 id="NOTES">NOTES</h1>
<p>This functions behaves in a similar way to CMS_sign() except the flag values <b>CMS_DETACHED</b>, <b>CMS_BINARY</b>, <b>CMS_NOATTR</b>, <b>CMS_TEXT</b> and <b>CMS_STREAM</b> are not supported since they do not make sense in the context of signed receipts.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>CMS_sign_receipt() returns either a valid CMS_ContentInfo structure or NULL if an error occurred. The error can be obtained from ERR_get_error(3).</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_verify_receipt.html">CMS_verify_receipt(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

170
openssl-3.4.2/doc/html/man3/CMS_signed_get_attr.html
View File

@@ -1,170 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_signed_get_attr</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_signed_get_attr_count, CMS_signed_get_attr_by_NID, CMS_signed_get_attr_by_OBJ, CMS_signed_get_attr, CMS_signed_delete_attr, CMS_signed_add1_attr, CMS_signed_add1_attr_by_OBJ, CMS_signed_add1_attr_by_NID, CMS_signed_add1_attr_by_txt, CMS_signed_get0_data_by_OBJ, CMS_unsigned_get_attr_count, CMS_unsigned_get_attr_by_NID, CMS_unsigned_get_attr_by_OBJ, CMS_unsigned_get_attr, CMS_unsigned_delete_attr, CMS_unsigned_add1_attr, CMS_unsigned_add1_attr_by_OBJ, CMS_unsigned_add1_attr_by_NID, CMS_unsigned_add1_attr_by_txt, CMS_unsigned_get0_data_by_OBJ - CMS signed and unsigned attribute functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
int lastpos);
int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, const ASN1_OBJECT *obj,
int lastpos);
X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
const ASN1_OBJECT *obj, int type,
const void *bytes, int len);
int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
int nid, int type,
const void *bytes, int len);
int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
const char *attrname, int type,
const void *bytes, int len);
void *CMS_signed_get0_data_by_OBJ(const CMS_SignerInfo *si,
const ASN1_OBJECT *oid,
int lastpos, int type);
int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
int lastpos);
int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si,
const ASN1_OBJECT *obj, int lastpos);
X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc);
int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
const ASN1_OBJECT *obj, int type,
const void *bytes, int len);
int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
int nid, int type,
const void *bytes, int len);
int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
const char *attrname, int type,
const void *bytes, int len);
void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
int lastpos, int type);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>CMS_signerInfo contains separate attribute lists for signed and unsigned attributes. Each CMS_signed_XXX() function is used for signed attributes, and each CMS_unsigned_XXX() function is used for unsigned attributes. Since the CMS_unsigned_XXX() functions work in the same way as the CMS_signed_XXX() equivalents, only the CMS_signed_XXX() functions are described below.</p>
<p>CMS_signed_get_attr_by_OBJ() finds the location of the first matching object <i>obj</i> in the SignerInfo&#39;s <i>si</i> signed attribute list. The search starts at the position after <i>lastpos</i>. If the returned value is positive then it can be used on the next call to CMS_signed_get_attr_by_OBJ() as the value of <i>lastpos</i> in order to iterate through the remaining attributes. <i>lastpos</i> can be set to any negative value on the first call, in order to start searching from the start of the signed attribute list.</p>
<p>CMS_signed_get_attr_by_NID() is similar to CMS_signed_get_attr_by_OBJ() except that it passes the numerical identifier (NID) <i>nid</i> associated with the object. See &lt;openssl/obj_mac.h&gt; for a list of NID_*.</p>
<p>CMS_signed_get_attr() returns the <b>X509_ATTRIBUTE</b> object at index <i>loc</i> in the <i>si</i> signed attribute list. <i>loc</i> should be in the range from 0 to CMS_signed_get_attr_count() - 1.</p>
<p>CMS_signed_delete_attr() removes the <b>X509_ATTRIBUTE</b> object at index <i>loc</i> in the <i>si</i> signed attribute list. An error occurs if the <i>si</i> attribute list is NULL.</p>
<p>CMS_signed_add1_attr() pushes a copy of the passed in <b>X509_ATTRIBUTE</b> object to the <i>si</i> signed attribute list. A new signed attribute list is created if required. An error occurs if <i>attr</i> is NULL.</p>
<p>CMS_signed_add1_attr_by_OBJ() creates a new signed <b>X509_ATTRIBUTE</b> using X509_ATTRIBUTE_set1_object() and X509_ATTRIBUTE_set1_data() to assign a new <i>obj</i> with type <i>type</i> and data <i>bytes</i> of length <i>len</i> and then pushes it to the <i>key</i> object&#39;s attribute list.</p>
<p>CMS_signed_add1_attr_by_NID() is similar to CMS_signed_add1_attr_by_OBJ() except that it passes the numerical identifier (NID) <i>nid</i> associated with the object. See &lt;openssl/obj_mac.h&gt; for a list of NID_*.</p>
<p>CMS_signed_add1_attr_by_txt() is similar to CMS_signed_add1_attr_by_OBJ() except that it passes a name <i>attrname</i> associated with the object. See &lt;openssl/obj_mac.h&gt; for a list of SN_* names.</p>
<p>CMS_signed_get0_data_by_OBJ() finds the first attribute in a <i>si</i> signed attributes list that matches the <i>obj</i> starting at index <i>lastpos</i> and returns the data retrieved from the found attributes first <b>ASN1_TYPE</b> object. An error will occur if the attribute type <i>type</i> does not match the type of the <b>ASN1_TYPE</b> object OR if <i>type</i> is either <b>V_ASN1_BOOLEAN</b> or <b>V_ASN1_NULL</b> OR the attribute is not found. If <i>lastpos</i> is less than -1 then an error will occur if there are multiple objects in the signed attribute list that match <i>obj</i>. If <i>lastpos</i> is less than -2 then an error will occur if there is more than one <b>ASN1_TYPE</b> object in the found signed attribute.</p>
<p>Refer to <a href="../man3/X509_ATTRIBUTE.html">X509_ATTRIBUTE(3)</a> for information related to attributes.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>The CMS_unsigned_XXX() functions return values are similar to those of the equivalent CMS_signed_XXX() functions.</p>
<p>CMS_signed_get_attr_count() returns the number of signed attributes in the SignerInfo <i>si</i>, or -1 if the signed attribute list is NULL.</p>
<p>CMS_signed_get_attr_by_OBJ() returns -1 if either the signed attribute list of <i>si</i> is empty OR if <i>obj</i> is not found, otherwise it returns the location of the <i>obj</i> in the SignerInfo&#39;s <i>si</i> signed attribute list.</p>
<p>CMS_signed_get_attr_by_NID() is similar to CMS_signed_get_attr_by_OBJ() except that it returns -2 if the <i>nid</i> is not known by OpenSSL.</p>
<p>CMS_signed_get_attr() returns either a signed <b>X509_ATTRIBUTE</b> or NULL on error.</p>
<p>CMS_signed_delete_attr() returns either the removed signed <b>X509_ATTRIBUTE</b> or NULL if there is a error.</p>
<p>CMS_signed_add1_attr(), CMS_signed_add1_attr_by_OBJ(), CMS_signed_add1_attr_by_NID(), CMS_signed_add1_attr_by_txt(), return 1 on success or 0 on error.</p>
<p>CMS_signed_get0_data_by_OBJ() returns the data retrieved from the found signed attributes first <b>ASN1_TYPE</b> object, or NULL if an error occurs.</p>
<h1 id="NOTES">NOTES</h1>
<p>Some attributes are added automatically during the signing process.</p>
<p>Calling CMS_SignerInfo_sign() adds the NID_pkcs9_signingTime signed attribute.</p>
<p>Calling CMS_final(), CMS_final_digest() or CMS_dataFinal() adds the NID_pkcs9_messageDigest signed attribute.</p>
<p>The NID_pkcs9_contentType signed attribute is always added if the NID_pkcs9_signingTime attribute is added.</p>
<p>Calling CMS_sign_ex(), CMS_sign_receipt() or CMS_add1_signer() may add attributes depending on the flags parameter. See <a href="../man3/CMS_add1_signer.html">CMS_add1_signer(3)</a> for more information.</p>
<p>OpenSSL applies special rules for the following attribute NIDs:</p>
<dl>
<dt id="CMS-Signed-Attributes">CMS Signed Attributes</dt>
<dd>
<p>NID_pkcs9_contentType NID_pkcs9_messageDigest NID_pkcs9_signingTime</p>
</dd>
<dt id="ESS-Signed-Attributes">ESS Signed Attributes</dt>
<dd>
<p>NID_id_smime_aa_signingCertificate NID_id_smime_aa_signingCertificateV2 NID_id_smime_aa_receiptRequest</p>
</dd>
<dt id="CMS-Unsigned-Attributes">CMS Unsigned Attributes</dt>
<dd>
<p>NID_pkcs9_countersignature</p>
</dd>
</dl>
<p>CMS_signed_add1_attr(), CMS_signed_add1_attr_by_OBJ(), CMS_signed_add1_attr_by_NID(), CMS_signed_add1_attr_by_txt() and the equivalent CMS_unsigned_add1_attrXXX() functions allow duplicate attributes to be added. The attribute rules are not checked during these function calls, and are deferred until the sign or verify process (i.e. during calls to any of CMS_sign_ex(), CMS_sign(), CMS_sign_receipt(), CMS_add1_signer(), CMS_Final(), CMS_dataFinal(), CMS_final_digest(), CMS_verify(), CMS_verify_receipt() or CMS_SignedData_verify()).</p>
<p>For CMS attribute rules see RFC 5652 Section 11. For ESS attribute rules see RFC 2634 Section 1.3.4 and RFC 5035 Section 5.4.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/X509_ATTRIBUTE.html">X509_ATTRIBUTE(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2023-2024 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

74
openssl-3.4.2/doc/html/man3/CMS_uncompress.html
View File

@@ -1,74 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CMS_uncompress</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CMS_uncompress - uncompress a CMS CompressedData structure</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code>#include &lt;openssl/cms.h&gt;
int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags);</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>CMS_uncompress() extracts and uncompresses the content from a CMS CompressedData structure <b>cms</b>. <b>data</b> is a BIO to write the content to and <b>flags</b> is an optional set of flags.</p>
<p>The <b>dcont</b> parameter is used in the rare case where the compressed content is detached. It will normally be set to NULL.</p>
<h1 id="NOTES">NOTES</h1>
<p>The only currently supported compression algorithm is zlib: if the structure indicates the use of any other algorithm an error is returned.</p>
<p>If zlib support is not compiled into OpenSSL then CMS_uncompress() will always return an error.</p>
<p>The following flags can be passed in the <b>flags</b> parameter.</p>
<p>If the <b>CMS_TEXT</b> flag is set MIME headers for type <b>text/plain</b> are deleted from the content. If the content is not of type <b>text/plain</b> then an error is returned.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>CMS_uncompress() returns either 1 for success or 0 for failure. The error can be obtained from ERR_get_error(3)</p>
<h1 id="BUGS">BUGS</h1>
<p>The lack of single pass processing and the need to hold all data in memory as mentioned in CMS_verify() also applies to CMS_decompress().</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_compress.html">CMS_compress(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

Some files were not shown because too many files have changed in this diff Show More