Loading doc/crypto/EVP_EncryptInit.pod +3 −3 Original line number Diff line number Diff line Loading @@ -384,13 +384,13 @@ bits and 12 rounds. AES Galois Counter Mode (GCM) for 128, 192 and 256 bit keys respectively. These ciphers require additional control operations to function correctly: see the L<GCM and OCB modes> section below for details. the L</GCM and OCB modes> section below for details. =item EVP_aes_128_ocb(void), EVP_aes_192_ocb(void), EVP_aes_256_ocb(void) Offest Codebook Mode (OCB) for 128, 192 and 256 bit keys respectively. These ciphers require additional control operations to function correctly: see the L<GCM and OCB modes> section below for details. the L</GCM and OCB modes> section below for details. =item EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm() Loading Loading @@ -441,7 +441,7 @@ length can only be set before specifying an IV. If not called a default tag length is used. For OCB AES the default is 16 (i.e. 128 bits). This is also the maximum tag length for OCB. See L<EXAMPLES> below for an example of the use of GCM mode. See L</EXAMPLES> below for an example of the use of GCM mode. =head1 CCM Mode Loading doc/crypto/X509_LOOKUP_hash_dir.pod +1 −1 Original line number Diff line number Diff line Loading @@ -47,7 +47,7 @@ B<X509_load_cert_file>. Constant B<FILETYPE_DEFAULT> with NULL filename causes these functions to load default certificate store file (see L<X509_STORE_set_default_paths>. L<X509_STORE_set_default_paths(3)>. Functions return number of objects loaded from file or 0 in case of Loading doc/ssl/SSL_CTX_set_read_ahead.pod +1 −1 Original line number Diff line number Diff line Loading @@ -39,7 +39,7 @@ ahead has been set or not. These functions have no impact when used with DTLS. The return values for SSL_CTX_get_read_head() and SSL_get_read_ahead() are undefined for DTLS. Setting B<read_ahead> can impact the behaviour of the SSL_pending() function (see L<SSL_pending()>). (see L<SSL_pending(3)>). =head1 RETURN VALUES Loading doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod +5 −4 Original line number Diff line number Diff line Loading @@ -49,11 +49,12 @@ I<iv>, and set the cipher context I<ctx> and the hash context I<hctx>. The I<name> is 16 characters long and is used as a key identifier. The I<iv> length is the length of the IV of the corresponding cipher. The maximum IV length is L<EVP_MAX_IV_LENGTH> bytes defined in B<evp.h>. maximum IV length is B<EVP_MAX_IV_LENGTH> bytes defined in B<evp.h>. The initialization vector I<iv> should be a random value. The cipher context I<ctx> should use the initialisation vector I<iv>. The cipher context can be set using L<EVP_EncryptInit_ex>. The hmac context can be set using L<HMAC_Init_ex>. set using L<EVP_EncryptInit_ex(3)>. The hmac context can be set using L<HMAC_Init_ex(3)>. When the client presents a session ticket, the callback function with be called with I<enc> set to 0 indicating that the I<cb> function should retrieve a set Loading @@ -61,8 +62,8 @@ of parameters. In this case I<name> and I<iv> have already been parsed out of the session ticket. The OpenSSL library expects that the I<name> will be used to retrieve a cryptographic parameters and that the cryptographic context I<ctx> will be set with the retrieved parameters and the initialization vector I<iv>. using a function like L<EVP_DecryptInit_ex>. The I<hctx> needs to be set using L<HMAC_Init_ex>. I<iv>. using a function like L<EVP_DecryptInit_ex(3)>. The I<hctx> needs to be set using L<HMAC_Init_ex(3)>. If the I<name> is still valid but a renewal of the ticket is required the callback function should return 2. The library will call the callback again Loading Loading
doc/crypto/EVP_EncryptInit.pod +3 −3 Original line number Diff line number Diff line Loading @@ -384,13 +384,13 @@ bits and 12 rounds. AES Galois Counter Mode (GCM) for 128, 192 and 256 bit keys respectively. These ciphers require additional control operations to function correctly: see the L<GCM and OCB modes> section below for details. the L</GCM and OCB modes> section below for details. =item EVP_aes_128_ocb(void), EVP_aes_192_ocb(void), EVP_aes_256_ocb(void) Offest Codebook Mode (OCB) for 128, 192 and 256 bit keys respectively. These ciphers require additional control operations to function correctly: see the L<GCM and OCB modes> section below for details. the L</GCM and OCB modes> section below for details. =item EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm() Loading Loading @@ -441,7 +441,7 @@ length can only be set before specifying an IV. If not called a default tag length is used. For OCB AES the default is 16 (i.e. 128 bits). This is also the maximum tag length for OCB. See L<EXAMPLES> below for an example of the use of GCM mode. See L</EXAMPLES> below for an example of the use of GCM mode. =head1 CCM Mode Loading
doc/crypto/X509_LOOKUP_hash_dir.pod +1 −1 Original line number Diff line number Diff line Loading @@ -47,7 +47,7 @@ B<X509_load_cert_file>. Constant B<FILETYPE_DEFAULT> with NULL filename causes these functions to load default certificate store file (see L<X509_STORE_set_default_paths>. L<X509_STORE_set_default_paths(3)>. Functions return number of objects loaded from file or 0 in case of Loading
doc/ssl/SSL_CTX_set_read_ahead.pod +1 −1 Original line number Diff line number Diff line Loading @@ -39,7 +39,7 @@ ahead has been set or not. These functions have no impact when used with DTLS. The return values for SSL_CTX_get_read_head() and SSL_get_read_ahead() are undefined for DTLS. Setting B<read_ahead> can impact the behaviour of the SSL_pending() function (see L<SSL_pending()>). (see L<SSL_pending(3)>). =head1 RETURN VALUES Loading
doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod +5 −4 Original line number Diff line number Diff line Loading @@ -49,11 +49,12 @@ I<iv>, and set the cipher context I<ctx> and the hash context I<hctx>. The I<name> is 16 characters long and is used as a key identifier. The I<iv> length is the length of the IV of the corresponding cipher. The maximum IV length is L<EVP_MAX_IV_LENGTH> bytes defined in B<evp.h>. maximum IV length is B<EVP_MAX_IV_LENGTH> bytes defined in B<evp.h>. The initialization vector I<iv> should be a random value. The cipher context I<ctx> should use the initialisation vector I<iv>. The cipher context can be set using L<EVP_EncryptInit_ex>. The hmac context can be set using L<HMAC_Init_ex>. set using L<EVP_EncryptInit_ex(3)>. The hmac context can be set using L<HMAC_Init_ex(3)>. When the client presents a session ticket, the callback function with be called with I<enc> set to 0 indicating that the I<cb> function should retrieve a set Loading @@ -61,8 +62,8 @@ of parameters. In this case I<name> and I<iv> have already been parsed out of the session ticket. The OpenSSL library expects that the I<name> will be used to retrieve a cryptographic parameters and that the cryptographic context I<ctx> will be set with the retrieved parameters and the initialization vector I<iv>. using a function like L<EVP_DecryptInit_ex>. The I<hctx> needs to be set using L<HMAC_Init_ex>. I<iv>. using a function like L<EVP_DecryptInit_ex(3)>. The I<hctx> needs to be set using L<HMAC_Init_ex(3)>. If the I<name> is still valid but a renewal of the ticket is required the callback function should return 2. The library will call the callback again Loading
Rich Salz <rsalz@openssl.org>