github/ProxSpace
1
0
Fork 0
mirror of https://github.com/Gator96100/ProxSpace.git synced 2025-07-30 11:38:41 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Updated msys2

Browse source
This commit is contained in:
gator96100 2019-08-16 02:06:21 +02:00
parent 6a85995508
commit f0dc1ea8b0
13308 changed files with 689276 additions and 46605 deletions
Download patch file Download diff file Expand all files Collapse all files

84
msys2/usr/share/doc/openssl/html/man7/Ed25519.html Normal file
View file

@ -0,0 +1,84 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Ed25519</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#EXAMPLE">EXAMPLE</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>Ed25519, Ed448 - EVP_PKEY Ed25519 and Ed448 support</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>Ed25519</b> and <b>Ed448</b> EVP_PKEY implementation supports key generation, one-shot digest sign and digest verify using PureEdDSA and <b>Ed25519</b> or <b>Ed448</b> (see RFC8032). It has associated private and public key formats compatible with draft-ietf-curdle-pkix-04.</p>
<p>No additional parameters can be set during key generation, one-shot signing or verification. In particular, because PureEdDSA is used, a digest must <b>NOT</b> be specified when signing or verifying.</p>
<h1 id="NOTES">NOTES</h1>
<p>The PureEdDSA algorithm does not support the streaming mechanism of other signature algorithms using, for example, EVP_DigestUpdate(). The message to sign or verify must be passed using the one-shot EVP_DigestSign() and EVP_DigestVerify() functions.</p>
<p>When calling EVP_DigestSignInit() or EVP_DigestVerifyInit(), the digest <b>type</b> parameter <b>MUST</b> be set to <b>NULL</b>.</p>
<p>Applications wishing to sign certificates (or other structures such as CRLs or certificate requests) using Ed25519 or Ed448 can either use X509_sign() or X509_sign_ctx() in the usual way.</p>
<p>A context for the <b>Ed25519</b> algorithm can be obtained by calling:</p>
<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL);</code></pre>
<p>For the <b>Ed448</b> algorithm a context can be obtained by calling:</p>
<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED448, NULL);</code></pre>
<p>Ed25519 or Ed448 private keys can be set directly using <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or loaded from a PKCS#8 private key file using <a href="../man3/PEM_read_bio_PrivateKey.html">PEM_read_bio_PrivateKey(3)</a> (or similar function). Completely new keys can also be generated (see the example below). Setting a private key also sets the associated public key.</p>
<p>Ed25519 or Ed448 public keys can be set directly using <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> or loaded from a SubjectPublicKeyInfo structure in a PEM file using <a href="../man3/PEM_read_bio_PUBKEY.html">PEM_read_bio_PUBKEY(3)</a> (or similar function).</p>
<p>Ed25519 and Ed448 can be tested within <a href="../man1/speed.html">speed(1)</a> application since version 1.1.1. Valid algorithm names are <b>ed25519</b>, <b>ed448</b> and <b>eddsa</b>. If <b>eddsa</b> is specified, then both Ed25519 and Ed448 are benchmarked.</p>
<h1 id="EXAMPLE">EXAMPLE</h1>
<p>This example generates an <b>ED25519</b> private key and writes it to standard output in PEM format:</p>
<pre><code> #include &lt;openssl/evp.h&gt;
#include &lt;openssl/pem.h&gt;
...
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL);
EVP_PKEY_keygen_init(pctx);
EVP_PKEY_keygen(pctx, &amp;pkey);
EVP_PKEY_CTX_free(pctx);
PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL);</code></pre>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>,</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

84
msys2/usr/share/doc/openssl/html/man7/Ed448.html Normal file
View file

@ -0,0 +1,84 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Ed25519</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#EXAMPLE">EXAMPLE</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>Ed25519, Ed448 - EVP_PKEY Ed25519 and Ed448 support</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>Ed25519</b> and <b>Ed448</b> EVP_PKEY implementation supports key generation, one-shot digest sign and digest verify using PureEdDSA and <b>Ed25519</b> or <b>Ed448</b> (see RFC8032). It has associated private and public key formats compatible with draft-ietf-curdle-pkix-04.</p>
<p>No additional parameters can be set during key generation, one-shot signing or verification. In particular, because PureEdDSA is used, a digest must <b>NOT</b> be specified when signing or verifying.</p>
<h1 id="NOTES">NOTES</h1>
<p>The PureEdDSA algorithm does not support the streaming mechanism of other signature algorithms using, for example, EVP_DigestUpdate(). The message to sign or verify must be passed using the one-shot EVP_DigestSign() and EVP_DigestVerify() functions.</p>
<p>When calling EVP_DigestSignInit() or EVP_DigestVerifyInit(), the digest <b>type</b> parameter <b>MUST</b> be set to <b>NULL</b>.</p>
<p>Applications wishing to sign certificates (or other structures such as CRLs or certificate requests) using Ed25519 or Ed448 can either use X509_sign() or X509_sign_ctx() in the usual way.</p>
<p>A context for the <b>Ed25519</b> algorithm can be obtained by calling:</p>
<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL);</code></pre>
<p>For the <b>Ed448</b> algorithm a context can be obtained by calling:</p>
<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED448, NULL);</code></pre>
<p>Ed25519 or Ed448 private keys can be set directly using <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or loaded from a PKCS#8 private key file using <a href="../man3/PEM_read_bio_PrivateKey.html">PEM_read_bio_PrivateKey(3)</a> (or similar function). Completely new keys can also be generated (see the example below). Setting a private key also sets the associated public key.</p>
<p>Ed25519 or Ed448 public keys can be set directly using <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> or loaded from a SubjectPublicKeyInfo structure in a PEM file using <a href="../man3/PEM_read_bio_PUBKEY.html">PEM_read_bio_PUBKEY(3)</a> (or similar function).</p>
<p>Ed25519 and Ed448 can be tested within <a href="../man1/speed.html">speed(1)</a> application since version 1.1.1. Valid algorithm names are <b>ed25519</b>, <b>ed448</b> and <b>eddsa</b>. If <b>eddsa</b> is specified, then both Ed25519 and Ed448 are benchmarked.</p>
<h1 id="EXAMPLE">EXAMPLE</h1>
<p>This example generates an <b>ED25519</b> private key and writes it to standard output in PEM format:</p>
<pre><code> #include &lt;openssl/evp.h&gt;
#include &lt;openssl/pem.h&gt;
...
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL);
EVP_PKEY_keygen_init(pctx);
EVP_PKEY_keygen(pctx, &amp;pkey);
EVP_PKEY_CTX_free(pctx);
PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL);</code></pre>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>,</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

64
msys2/usr/share/doc/openssl/html/man7/RAND.html Normal file
View file

@ -0,0 +1,64 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>RAND</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>RAND - the OpenSSL random generator</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>Random numbers are a vital part of cryptography, they are needed to provide unpredictability for tasks like key generation, creating salts, and many more. Software-based generators must be seeded with external randomness before they can be used as a cryptographically-secure pseudo-random number generator (CSPRNG). The availability of common hardware with special instructions and modern operating systems, which may use items such as interrupt jitter and network packet timings, can be reasonable sources of seeding material.</p>
<p>OpenSSL comes with a default implementation of the RAND API which is based on the deterministic random bit generator (DRBG) model as described in [NIST SP 800-90A Rev. 1]. The default random generator will initialize automatically on first use and will be fully functional without having to be initialized (&#39;seeded&#39;) explicitly. It seeds and reseeds itself automatically using trusted random sources provided by the operating system.</p>
<p>As a normal application developer, you do not have to worry about any details, just use <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> to obtain random data. Having said that, there is one important rule to obey: Always check the error return value of <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> and do not take randomness for granted.</p>
<p>For values that should remain secret, you can use <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a> instead. This method does not provide &#39;better&#39; randomness, it uses the same type of CSPRNG. The intention behind using a dedicated CSPRNG exclusively for private values is that none of its output should be visible to an attacker (e.g., used as salt value), in order to reveal as little information as possible about its internal state, and that a compromise of the &quot;public&quot; CSPRNG instance will not affect the secrecy of these private values.</p>
<p>In the rare case where the default implementation does not satisfy your special requirements, there are two options:</p>
<ul>
<li><p>Replace the default RAND method by your own RAND method using <a href="../man3/RAND_set_rand_method.html">RAND_set_rand_method(3)</a>.</p>
</li>
<li><p>Modify the default settings of the OpenSSL RAND method by modifying the security parameters of the underlying DRBG, which is described in detail in <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a>.</p>
</li>
</ul>
<p>Changing the default random generator or its default parameters should be necessary only in exceptional cases and is not recommended, unless you have a profound knowledge of cryptographic principles and understand the implications of your changes.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/RAND_add.html">RAND_add(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>, <a href="../man3/RAND_get_rand_method.html">RAND_get_rand_method(3)</a>, <a href="../man3/RAND_set_rand_method.html">RAND_set_rand_method(3)</a>, <a href="../man3/RAND_OpenSSL.html">RAND_OpenSSL(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

224
msys2/usr/share/doc/openssl/html/man7/RAND_DRBG.html Normal file
View file

@ -0,0 +1,224 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>RAND_DRBG</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a>
<ul>
<li><a href="#Disclaimer">Disclaimer</a></li>
<li><a href="#Typical-Use-Cases">Typical Use Cases</a></li>
</ul>
</li>
<li><a href="#CHAINING">CHAINING</a></li>
<li><a href="#THE-THREE-SHARED-DRBG-INSTANCES">THE THREE SHARED DRBG INSTANCES</a>
<ul>
<li><a href="#The-master-DRBG-instance">The &lt;master&gt; DRBG instance</a></li>
<li><a href="#The-public-DRBG-instance">The &lt;public&gt; DRBG instance</a></li>
<li><a href="#The-private-DRBG-instance">The &lt;private&gt; DRBG instance</a></li>
</ul>
</li>
<li><a href="#LOCKING">LOCKING</a></li>
<li><a href="#THE-OVERALL-PICTURE">THE OVERALL PICTURE</a></li>
<li><a href="#RESEEDING">RESEEDING</a>
<ul>
<li><a href="#Automatic-Reseeding">Automatic Reseeding</a></li>
<li><a href="#Manual-Reseeding">Manual Reseeding</a></li>
<li><a href="#Entropy-Input-vs.-Additional-Data">Entropy Input vs. Additional Data</a></li>
<li><a href="#Configuring-the-Random-Seed-Source">Configuring the Random Seed Source</a></li>
<li><a href="#Reseeding-the-master-DRBG-with-automatic-seeding-enabled">Reseeding the master DRBG with automatic seeding enabled</a></li>
<li><a href="#Reseeding-the-master-DRBG-with-automatic-seeding-disabled">Reseeding the master DRBG with automatic seeding disabled</a></li>
</ul>
</li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>RAND_DRBG - the deterministic random bit generator</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code> #include &lt;openssl/rand_drbg.h&gt;</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The default OpenSSL RAND method is based on the RAND_DRBG class, which implements a deterministic random bit generator (DRBG). A DRBG is a certain type of cryptographically-secure pseudo-random number generator (CSPRNG), which is described in [NIST SP 800-90A Rev. 1].</p>
<p>While the RAND API is the &#39;frontend&#39; which is intended to be used by application developers for obtaining random bytes, the RAND_DRBG API serves as the &#39;backend&#39;, connecting the former with the operating systems&#39;s entropy sources and providing access to the DRBG&#39;s configuration parameters.</p>
<h2 id="Disclaimer">Disclaimer</h2>
<p>Unless you have very specific requirements for your random generator, it is in general not necessary to utilize the RAND_DRBG API directly. The usual way to obtain random bytes is to use <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> or <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>, see also <a href="../man7/RAND.html">RAND(7)</a>.</p>
<h2 id="Typical-Use-Cases">Typical Use Cases</h2>
<p>Typical examples for such special use cases are the following:</p>
<ul>
<li><p>You want to use your own private DRBG instances. Multiple DRBG instances which are accessed only by a single thread provide additional security (because their internal states are independent) and better scalability in multithreaded applications (because they don&#39;t need to be locked).</p>
</li>
<li><p>You need to integrate a previously unsupported entropy source.</p>
</li>
<li><p>You need to change the default settings of the standard OpenSSL RAND implementation to meet specific requirements.</p>
</li>
</ul>
<h1 id="CHAINING">CHAINING</h1>
<p>A DRBG instance can be used as the entropy source of another DRBG instance, provided it has itself access to a valid entropy source. The DRBG instance which acts as entropy source is called the <i>parent</i> DRBG, the other instance the <i>child</i> DRBG.</p>
<p>This is called chaining. A chained DRBG instance is created by passing a pointer to the parent DRBG as argument to the RAND_DRBG_new() call. It is possible to create chains of more than two DRBG in a row.</p>
<h1 id="THE-THREE-SHARED-DRBG-INSTANCES">THE THREE SHARED DRBG INSTANCES</h1>
<p>Currently, there are three shared DRBG instances, the &lt;master&gt;, &lt;public&gt;, and &lt;private&gt; DRBG. While the &lt;master&gt; DRBG is a single global instance, the &lt;public&gt; and &lt;private&gt; DRBG are created per thread and accessed through thread-local storage.</p>
<p>By default, the functions <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> and <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a> use the thread-local &lt;public&gt; and &lt;private&gt; DRBG instance, respectively.</p>
<h2 id="The-master-DRBG-instance">The &lt;master&gt; DRBG instance</h2>
<p>The &lt;master&gt; DRBG is not used directly by the application, only for reseeding the two other two DRBG instances. It reseeds itself by obtaining randomness either from os entropy sources or by consuming randomness which was added previously by <a href="../man3/RAND_add.html">RAND_add(3)</a>.</p>
<h2 id="The-public-DRBG-instance">The &lt;public&gt; DRBG instance</h2>
<p>This instance is used per default by <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>.</p>
<h2 id="The-private-DRBG-instance">The &lt;private&gt; DRBG instance</h2>
<p>This instance is used per default by <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a></p>
<h1 id="LOCKING">LOCKING</h1>
<p>The &lt;master&gt; DRBG is intended to be accessed concurrently for reseeding by its child DRBG instances. The necessary locking is done internally. It is <i>not</i> thread-safe to access the &lt;master&gt; DRBG directly via the RAND_DRBG interface. The &lt;public&gt; and &lt;private&gt; DRBG are thread-local, i.e. there is an instance of each per thread. So they can safely be accessed without locking via the RAND_DRBG interface.</p>
<p>Pointers to these DRBG instances can be obtained using RAND_DRBG_get0_master(), RAND_DRBG_get0_public(), and RAND_DRBG_get0_private(), respectively. Note that it is not allowed to store a pointer to one of the thread-local DRBG instances in a variable or other memory location where it will be accessed and used by multiple threads.</p>
<p>All other DRBG instances created by an application don&#39;t support locking, because they are intended to be used by a single thread. Instead of accessing a single DRBG instance concurrently from different threads, it is recommended to instantiate a separate DRBG instance per thread. Using the &lt;master&gt; DRBG as entropy source for multiple DRBG instances on different threads is thread-safe, because the DRBG instance will lock the &lt;master&gt; DRBG automatically for obtaining random input.</p>
<h1 id="THE-OVERALL-PICTURE">THE OVERALL PICTURE</h1>
<p>The following picture gives an overview over how the DRBG instances work together and are being used.</p>
<pre><code> +--------------------+
| os entropy sources |
+--------------------+
|
v +-----------------------------+
RAND_add() ==&gt; &lt;master&gt; &lt;-| shared DRBG (with locking) |
/ \ +-----------------------------+
/ \ +---------------------------+
&lt;public&gt; &lt;private&gt; &lt;- | per-thread DRBG instances |
| | +---------------------------+
v v
RAND_bytes() RAND_priv_bytes()
| ^
| |
+------------------+ +------------------------------------+
| general purpose | | used for secrets like session keys |
| random generator | | and private keys for certificates |
+------------------+ +------------------------------------+</code></pre>
<p>The usual way to obtain random bytes is to call RAND_bytes(...) or RAND_priv_bytes(...). These calls are roughly equivalent to calling RAND_DRBG_bytes(&lt;public&gt;, ...) and RAND_DRBG_bytes(&lt;private&gt;, ...), respectively. The method <a href="../man3/RAND_DRBG_bytes.html">RAND_DRBG_bytes(3)</a> is a convenience method wrapping the <a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a> function, which serves the actual request for random data.</p>
<h1 id="RESEEDING">RESEEDING</h1>
<p>A DRBG instance seeds itself automatically, pulling random input from its entropy source. The entropy source can be either a trusted operating system entropy source, or another DRBG with access to such a source.</p>
<p>Automatic reseeding occurs after a predefined number of generate requests. The selection of the trusted entropy sources is configured at build time using the --with-rand-seed option. The following sections explain the reseeding process in more detail.</p>
<h2 id="Automatic-Reseeding">Automatic Reseeding</h2>
<p>Before satisfying a generate request (<a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>), the DRBG reseeds itself automatically, if one of the following conditions holds:</p>
<p>- the DRBG was not instantiated (=seeded) yet or has been uninstantiated.</p>
<p>- the number of generate requests since the last reseeding exceeds a certain threshold, the so called <i>reseed_interval</i>. This behaviour can be disabled by setting the <i>reseed_interval</i> to 0.</p>
<p>- the time elapsed since the last reseeding exceeds a certain time interval, the so called <i>reseed_time_interval</i>. This can be disabled by setting the <i>reseed_time_interval</i> to 0.</p>
<p>- the DRBG is in an error state.</p>
<p><b>Note</b>: An error state is entered if the entropy source fails while the DRBG is seeding or reseeding. The last case ensures that the DRBG automatically recovers from the error as soon as the entropy source is available again.</p>
<h2 id="Manual-Reseeding">Manual Reseeding</h2>
<p>In addition to automatic reseeding, the caller can request an immediate reseeding of the DRBG with fresh entropy by setting the <i>prediction resistance</i> parameter to 1 when calling <a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>.</p>
<p>The document [NIST SP 800-90C] describes prediction resistance requests in detail and imposes strict conditions on the entropy sources that are approved for providing prediction resistance. Since the default DRBG implementation does not have access to such an approved entropy source, a request for prediction resistance will currently always fail. In other words, prediction resistance is currently not supported yet by the DRBG.</p>
<p>For the three shared DRBGs (and only for these) there is another way to reseed them manually: If <a href="../man3/RAND_add.html">RAND_add(3)</a> is called with a positive <i>randomness</i> argument (or <a href="../man3/RAND_seed.html">RAND_seed(3)</a>), then this will immediately reseed the &lt;master&gt; DRBG. The &lt;public&gt; and &lt;private&gt; DRBG will detect this on their next generate call and reseed, pulling randomness from &lt;master&gt;.</p>
<p>The last feature has been added to support the common practice used with previous OpenSSL versions to call RAND_add() before calling RAND_bytes().</p>
<h2 id="Entropy-Input-vs.-Additional-Data">Entropy Input vs. Additional Data</h2>
<p>The DRBG distinguishes two different types of random input: <i>entropy</i>, which comes from a trusted source, and <i>additional input</i>&#39;, which can optionally be added by the user and is considered untrusted. It is possible to add <i>additional input</i> not only during reseeding, but also for every generate request. This is in fact done automatically by <a href="../man3/RAND_DRBG_bytes.html">RAND_DRBG_bytes(3)</a>.</p>
<h2 id="Configuring-the-Random-Seed-Source">Configuring the Random Seed Source</h2>
<p>In most cases OpenSSL will automatically choose a suitable seed source for automatically seeding and reseeding its &lt;master&gt; DRBG. In some cases however, it will be necessary to explicitly specify a seed source during configuration, using the --with-rand-seed option. For more information, see the INSTALL instructions. There are also operating systems where no seed source is available and automatic reseeding is disabled by default.</p>
<p>The following two sections describe the reseeding process of the master DRBG, depending on whether automatic reseeding is available or not.</p>
<h2 id="Reseeding-the-master-DRBG-with-automatic-seeding-enabled">Reseeding the master DRBG with automatic seeding enabled</h2>
<p>Calling RAND_poll() or RAND_add() is not necessary, because the DRBG pulls the necessary entropy from its source automatically. However, both calls are permitted, and do reseed the RNG.</p>
<p>RAND_add() can be used to add both kinds of random input, depending on the value of the <b>randomness</b> argument:</p>
<dl>
<dt id="randomness-0">randomness == 0:</dt>
<dd>
<p>The random bytes are mixed as additional input into the current state of the DRBG. Mixing in additional input is not considered a full reseeding, hence the reseed counter is not reset.</p>
</dd>
<dt id="randomness-01">randomness &gt; 0:</dt>
<dd>
<p>The random bytes are used as entropy input for a full reseeding (resp. reinstantiation) if the DRBG is instantiated (resp. uninstantiated or in an error state). The number of random bits required for reseeding is determined by the security strength of the DRBG. Currently it defaults to 256 bits (32 bytes). It is possible to provide less randomness than required. In this case the missing randomness will be obtained by pulling random input from the trusted entropy sources.</p>
</dd>
</dl>
<h2 id="Reseeding-the-master-DRBG-with-automatic-seeding-disabled">Reseeding the master DRBG with automatic seeding disabled</h2>
<p>Calling RAND_poll() will always fail.</p>
<p>RAND_add() needs to be called for initial seeding and periodic reseeding. At least 48 bytes (384 bits) of randomness have to be provided, otherwise the (re-)seeding of the DRBG will fail. This corresponds to one and a half times the security strength of the DRBG. The extra half is used for the nonce during instantiation.</p>
<p>More precisely, the number of bytes needed for seeding depend on the <i>security strength</i> of the DRBG, which is set to 256 by default.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/RAND_DRBG_bytes.html">RAND_DRBG_bytes(3)</a>, <a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>, <a href="../man3/RAND_DRBG_reseed.html">RAND_DRBG_reseed(3)</a>, <a href="../man3/RAND_DRBG_get0_master.html">RAND_DRBG_get0_master(3)</a>, <a href="../man3/RAND_DRBG_get0_public.html">RAND_DRBG_get0_public(3)</a>, <a href="../man3/RAND_DRBG_get0_private.html">RAND_DRBG_get0_private(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_interval.html">RAND_DRBG_set_reseed_interval(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_time_interval.html">RAND_DRBG_set_reseed_time_interval(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_defaults.html">RAND_DRBG_set_reseed_defaults(3)</a>, <a href="../man7/RAND.html">RAND(7)</a>,</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

73
msys2/usr/share/doc/openssl/html/man7/RSA-PSS.html Normal file
View file

@ -0,0 +1,73 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>RSA-PSS</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a>
<ul>
<li><a href="#Signing-and-Verification">Signing and Verification</a></li>
<li><a href="#Key-Generation">Key Generation</a></li>
</ul>
</li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>RSA-PSS - EVP_PKEY RSA-PSS algorithm support</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>RSA-PSS</b> EVP_PKEY implementation is a restricted version of the RSA algorithm which only supports signing, verification and key generation using PSS padding modes with optional parameter restrictions.</p>
<p>It has associated private key and public key formats.</p>
<p>This algorithm shares several control operations with the <b>RSA</b> algorithm but with some restrictions described below.</p>
<h2 id="Signing-and-Verification">Signing and Verification</h2>
<p>Signing and verification is similar to the <b>RSA</b> algorithm except the padding mode is always PSS. If the key in use has parameter restrictions then the corresponding signature parameters are set to the restrictions: for example, if the key can only be used with digest SHA256, MGF1 SHA256 and minimum salt length 32 then the digest, MGF1 digest and salt length will be set to SHA256, SHA256 and 32 respectively.</p>
<h2 id="Key-Generation">Key Generation</h2>
<p>By default no parameter restrictions are placed on the generated key.</p>
<h1 id="NOTES">NOTES</h1>
<p>The public key format is documented in RFC4055.</p>
<p>The PKCS#8 private key format used for RSA-PSS keys is similar to the RSA format except it uses the <b>id-RSASSA-PSS</b> OID and the parameters field, if present, restricts the key parameters in the same way as the public key.</p>
<h1 id="CONFORMING-TO">CONFORMING TO</h1>
<p>RFC 4055</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.html">EVP_PKEY_CTX_set_rsa_pss_keygen_md(3)</a>, <a href="../man3/EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md.html">EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(3)</a>, <a href="../man3/EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen.html">EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(3)</a>, <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

84
msys2/usr/share/doc/openssl/html/man7/SM2.html Normal file
View file

@ -0,0 +1,84 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>SM2</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#EXAMPLE">EXAMPLE</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>SM2 - Chinese SM2 signature and encryption algorithm support</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>SM2</b> algorithm was first defined by the Chinese national standard GM/T 0003-2012 and was later standardized by ISO as ISO/IEC 14888. <b>SM2</b> is actually an elliptic curve based algorithm. The current implementation in OpenSSL supports both signature and encryption schemes via the EVP interface.</p>
<p>When doing the <b>SM2</b> signature algorithm, it requires a distinguishing identifier to form the message prefix which is hashed before the real message is hashed.</p>
<h1 id="NOTES">NOTES</h1>
<p><b>SM2</b> signatures can be generated by using the &#39;DigestSign&#39; series of APIs, for instance, EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal(). Ditto for the verification process by calling the &#39;DigestVerify&#39; series of APIs.</p>
<p>There are several special steps that need to be done before computing an <b>SM2</b> signature.</p>
<p>The <b>EVP_PKEY</b> structure will default to using ECDSA for signatures when it is created. It should be set to <b>EVP_PKEY_SM2</b> by calling:</p>
<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
<p>Then an ID should be set by calling:</p>
<pre><code> EVP_PKEY_CTX_set1_id(pctx, id, id_len);</code></pre>
<p>When calling the EVP_DigestSignInit() or EVP_DigestVerifyInit() functions, a pre-allocated <b>EVP_PKEY_CTX</b> should be assigned to the <b>EVP_MD_CTX</b>. This is done by calling:</p>
<pre><code> EVP_MD_CTX_set_pkey_ctx(mctx, pctx);</code></pre>
<p>And normally there is no need to pass a <b>pctx</b> parameter to EVP_DigestSignInit() or EVP_DigestVerifyInit() in such a scenario.</p>
<h1 id="EXAMPLE">EXAMPLE</h1>
<p>This example demonstrates the calling sequence for using an <b>EVP_PKEY</b> to verify a message with the SM2 signature algorithm and the SM3 hash algorithm:</p>
<pre><code> #include &lt;openssl/evp.h&gt;
/* obtain an EVP_PKEY using whatever methods... */
EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);
mctx = EVP_MD_CTX_new();
pctx = EVP_PKEY_CTX_new(pkey, NULL);
EVP_PKEY_CTX_set1_id(pctx, id, id_len);
EVP_MD_CTX_set_pkey_ctx(mctx, pctx);;
EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey);
EVP_DigestVerifyUpdate(mctx, msg, msg_len);
EVP_DigestVerifyFinal(mctx, sig, sig_len)</code></pre>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_set_alias_type.html">EVP_PKEY_set_alias_type(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>, <a href="../man3/EVP_PKEY_CTX_set1_id.html">EVP_PKEY_CTX_set1_id(3)</a>, <a href="../man3/EVP_MD_CTX_set_pkey_ctx.html">EVP_MD_CTX_set_pkey_ctx(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

80
msys2/usr/share/doc/openssl/html/man7/X25519.html Normal file
View file

@ -0,0 +1,80 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>X25519</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#EXAMPLE">EXAMPLE</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>X25519, X448 - EVP_PKEY X25519 and X448 support</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>X25519</b> and <b>X448</b> EVP_PKEY implementation supports key generation and key derivation using <b>X25519</b> and <b>X448</b>. It has associated private and public key formats compatible with draft-ietf-curdle-pkix-03.</p>
<p>No additional parameters can be set during key generation.</p>
<p>The peer public key must be set using EVP_PKEY_derive_set_peer() when performing key derivation.</p>
<h1 id="NOTES">NOTES</h1>
<p>A context for the <b>X25519</b> algorithm can be obtained by calling:</p>
<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL);</code></pre>
<p>For the <b>X448</b> algorithm a context can be obtained by calling:</p>
<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X448, NULL);</code></pre>
<p>X25519 or X448 private keys can be set directly using <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or loaded from a PKCS#8 private key file using <a href="../man3/PEM_read_bio_PrivateKey.html">PEM_read_bio_PrivateKey(3)</a> (or similar function). Completely new keys can also be generated (see the example below). Setting a private key also sets the associated public key.</p>
<p>X25519 or X448 public keys can be set directly using <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> or loaded from a SubjectPublicKeyInfo structure in a PEM file using <a href="../man3/PEM_read_bio_PUBKEY.html">PEM_read_bio_PUBKEY(3)</a> (or similar function).</p>
<h1 id="EXAMPLE">EXAMPLE</h1>
<p>This example generates an <b>X25519</b> private key and writes it to standard output in PEM format:</p>
<pre><code> #include &lt;openssl/evp.h&gt;
#include &lt;openssl/pem.h&gt;
...
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL);
EVP_PKEY_keygen_init(pctx);
EVP_PKEY_keygen(pctx, &amp;pkey);
EVP_PKEY_CTX_free(pctx);
PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL);</code></pre>
<p>The key derivation example in <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> can be used with <b>X25519</b> and <b>X448</b>.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_derive_set_peer.html">EVP_PKEY_derive_set_peer(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

80
msys2/usr/share/doc/openssl/html/man7/X448.html Normal file
View file

@ -0,0 +1,80 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>X25519</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#EXAMPLE">EXAMPLE</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>X25519, X448 - EVP_PKEY X25519 and X448 support</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>X25519</b> and <b>X448</b> EVP_PKEY implementation supports key generation and key derivation using <b>X25519</b> and <b>X448</b>. It has associated private and public key formats compatible with draft-ietf-curdle-pkix-03.</p>
<p>No additional parameters can be set during key generation.</p>
<p>The peer public key must be set using EVP_PKEY_derive_set_peer() when performing key derivation.</p>
<h1 id="NOTES">NOTES</h1>
<p>A context for the <b>X25519</b> algorithm can be obtained by calling:</p>
<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL);</code></pre>
<p>For the <b>X448</b> algorithm a context can be obtained by calling:</p>
<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X448, NULL);</code></pre>
<p>X25519 or X448 private keys can be set directly using <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or loaded from a PKCS#8 private key file using <a href="../man3/PEM_read_bio_PrivateKey.html">PEM_read_bio_PrivateKey(3)</a> (or similar function). Completely new keys can also be generated (see the example below). Setting a private key also sets the associated public key.</p>
<p>X25519 or X448 public keys can be set directly using <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> or loaded from a SubjectPublicKeyInfo structure in a PEM file using <a href="../man3/PEM_read_bio_PUBKEY.html">PEM_read_bio_PUBKEY(3)</a> (or similar function).</p>
<h1 id="EXAMPLE">EXAMPLE</h1>
<p>This example generates an <b>X25519</b> private key and writes it to standard output in PEM format:</p>
<pre><code> #include &lt;openssl/evp.h&gt;
#include &lt;openssl/pem.h&gt;
...
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL);
EVP_PKEY_keygen_init(pctx);
EVP_PKEY_keygen(pctx, &amp;pkey);
EVP_PKEY_CTX_free(pctx);
PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL);</code></pre>
<p>The key derivation example in <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> can be used with <b>X25519</b> and <b>X448</b>.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_derive_set_peer.html">EVP_PKEY_derive_set_peer(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

72
msys2/usr/share/doc/openssl/html/man7/bio.html Normal file
View file

@ -0,0 +1,72 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>bio</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#EXAMPLE">EXAMPLE</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>bio - Basic I/O abstraction</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code> #include &lt;openssl/bio.h&gt;</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>A BIO is an I/O abstraction, it hides many of the underlying I/O details from an application. If an application uses a BIO for its I/O it can transparently handle SSL connections, unencrypted network connections and file I/O.</p>
<p>There are two type of BIO, a source/sink BIO and a filter BIO.</p>
<p>As its name implies a source/sink BIO is a source and/or sink of data, examples include a socket BIO and a file BIO.</p>
<p>A filter BIO takes data from one BIO and passes it through to another, or the application. The data may be left unmodified (for example a message digest BIO) or translated (for example an encryption BIO). The effect of a filter BIO may change according to the I/O operation it is performing: for example an encryption BIO will encrypt data if it is being written to and decrypt data if it is being read from.</p>
<p>BIOs can be joined together to form a chain (a single BIO is a chain with one component). A chain normally consist of one source/sink BIO and one or more filter BIOs. Data read from or written to the first BIO then traverses the chain to the end (normally a source/sink BIO).</p>
<p>Some BIOs (such as memory BIOs) can be used immediately after calling BIO_new(). Others (such as file BIOs) need some additional initialization, and frequently a utility function exists to create and initialize such BIOs.</p>
<p>If BIO_free() is called on a BIO chain it will only free one BIO resulting in a memory leak.</p>
<p>Calling BIO_free_all() on a single BIO has the same effect as calling BIO_free() on it other than the discarded return value.</p>
<p>Normally the <b>type</b> argument is supplied by a function which returns a pointer to a BIO_METHOD. There is a naming convention for such functions: a source/sink BIO is normally called BIO_s_*() and a filter BIO BIO_f_*();</p>
<h1 id="EXAMPLE">EXAMPLE</h1>
<p>Create a memory BIO:</p>
<pre><code> BIO *mem = BIO_new(BIO_s_mem());</code></pre>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/BIO_ctrl.html">BIO_ctrl(3)</a>, <a href="../man3/BIO_f_base64.html">BIO_f_base64(3)</a>, <a href="../man3/BIO_f_buffer.html">BIO_f_buffer(3)</a>, <a href="../man3/BIO_f_cipher.html">BIO_f_cipher(3)</a>, <a href="../man3/BIO_f_md.html">BIO_f_md(3)</a>, <a href="../man3/BIO_f_null.html">BIO_f_null(3)</a>, <a href="../man3/BIO_f_ssl.html">BIO_f_ssl(3)</a>, <a href="../man3/BIO_find_type.html">BIO_find_type(3)</a>, <a href="../man3/BIO_new.html">BIO_new(3)</a>, <a href="../man3/BIO_new_bio_pair.html">BIO_new_bio_pair(3)</a>, <a href="../man3/BIO_push.html">BIO_push(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a>, <a href="../man3/BIO_s_accept.html">BIO_s_accept(3)</a>, <a href="../man3/BIO_s_bio.html">BIO_s_bio(3)</a>, <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a>, <a href="../man3/BIO_s_fd.html">BIO_s_fd(3)</a>, <a href="../man3/BIO_s_file.html">BIO_s_file(3)</a>, <a href="../man3/BIO_s_mem.html">BIO_s_mem(3)</a>, <a href="../man3/BIO_s_null.html">BIO_s_null(3)</a>, <a href="../man3/BIO_s_socket.html">BIO_s_socket(3)</a>, <a href="../man3/BIO_set_callback.html">BIO_set_callback(3)</a>, <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

70
msys2/usr/share/doc/openssl/html/man7/crypto.html Normal file
View file

@ -0,0 +1,70 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>crypto</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>crypto - OpenSSL cryptographic library</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p>See the individual manual pages for details.</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The OpenSSL <b>crypto</b> library implements a wide range of cryptographic algorithms used in various Internet standards. The services provided by this library are used by the OpenSSL implementations of SSL, TLS and S/MIME, and they have also been used to implement SSH, OpenPGP, and other cryptographic standards.</p>
<p><b>libcrypto</b> consists of a number of sub-libraries that implement the individual algorithms.</p>
<p>The functionality includes symmetric encryption, public key cryptography and key agreement, certificate handling, cryptographic hash functions, cryptographic pseudo-random number generator, and various utilities.</p>
<h1 id="NOTES">NOTES</h1>
<p>Some of the newer functions follow a naming convention using the numbers <b>0</b> and <b>1</b>. For example the functions:</p>
<pre><code> int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
int X509_add1_trust_object(X509 *x, const ASN1_OBJECT *obj);</code></pre>
<p>The <b>0</b> version uses the supplied structure pointer directly in the parent and it will be freed up when the parent is freed. In the above example <b>crl</b> would be freed but <b>rev</b> would not.</p>
<p>The <b>1</b> function uses a copy of the supplied structure pointer (or in some cases increases its link count) in the parent and so both (<b>x</b> and <b>obj</b> above) should be freed up.</p>
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
<p>See the individual manual pages for details.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man1/openssl.html">openssl(1)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

58
msys2/usr/share/doc/openssl/html/man7/ct.html Normal file
View file

@ -0,0 +1,58 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ct</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ct - Certificate Transparency</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code> #include &lt;openssl/ct.h&gt;</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>This library implements Certificate Transparency (CT) verification for TLS clients, as defined in RFC 6962. This verification can provide some confidence that a certificate has been publicly logged in a set of CT logs.</p>
<p>By default, these checks are disabled. They can be enabled using <a href="../man3/SSL_CTX_enable_ct.html">SSL_CTX_enable_ct(3)</a> or <a href="../man3/SSL_enable_ct.html">SSL_enable_ct(3)</a>.</p>
<p>This library can also be used to parse and examine CT data structures, such as Signed Certificate Timestamps (SCTs), or to read a list of CT logs. There are functions for: - decoding and encoding SCTs in DER and TLS wire format. - printing SCTs. - verifying the authenticity of SCTs. - loading a CT log list from a CONF file.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/d2i_SCT_LIST.html">d2i_SCT_LIST(3)</a>, <a href="../man3/CTLOG_STORE_new.html">CTLOG_STORE_new(3)</a>, <a href="../man3/CTLOG_STORE_get0_log_by_id.html">CTLOG_STORE_get0_log_by_id(3)</a>, <a href="../man3/SCT_new.html">SCT_new(3)</a>, <a href="../man3/SCT_print.html">SCT_print(3)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/CT_POLICY_EVAL_CTX_new.html">CT_POLICY_EVAL_CTX_new(3)</a>, <a href="../man3/SSL_CTX_set_ct_validation_callback.html">SSL_CTX_set_ct_validation_callback(3)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The ct library was added in OpenSSL 1.1.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

214
msys2/usr/share/doc/openssl/html/man7/des_modes.html Normal file
View file

@ -0,0 +1,214 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>des_modes</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OVERVIEW">OVERVIEW</a>
<ul>
<li><a href="#Electronic-Codebook-Mode-ECB">Electronic Codebook Mode (ECB)</a></li>
<li><a href="#Cipher-Block-Chaining-Mode-CBC">Cipher Block Chaining Mode (CBC)</a></li>
<li><a href="#Cipher-Feedback-Mode-CFB">Cipher Feedback Mode (CFB)</a></li>
<li><a href="#Output-Feedback-Mode-OFB">Output Feedback Mode (OFB)</a></li>
<li><a href="#Triple-ECB-Mode">Triple ECB Mode</a></li>
<li><a href="#Triple-CBC-Mode">Triple CBC Mode</a></li>
</ul>
</li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>des_modes - the variants of DES and other crypto algorithms of OpenSSL</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>Several crypto algorithms for OpenSSL can be used in a number of modes. Those are used for using block ciphers in a way similar to stream ciphers, among other things.</p>
<h1 id="OVERVIEW">OVERVIEW</h1>
<h2 id="Electronic-Codebook-Mode-ECB">Electronic Codebook Mode (ECB)</h2>
<p>Normally, this is found as the function <i>algorithm</i>_ecb_encrypt().</p>
<ul>
<li><p>64 bits are enciphered at a time.</p>
</li>
<li><p>The order of the blocks can be rearranged without detection.</p>
</li>
<li><p>The same plaintext block always produces the same ciphertext block (for the same key) making it vulnerable to a &#39;dictionary attack&#39;.</p>
</li>
<li><p>An error will only affect one ciphertext block.</p>
</li>
</ul>
<h2 id="Cipher-Block-Chaining-Mode-CBC">Cipher Block Chaining Mode (CBC)</h2>
<p>Normally, this is found as the function <i>algorithm</i>_cbc_encrypt(). Be aware that des_cbc_encrypt() is not really DES CBC (it does not update the IV); use des_ncbc_encrypt() instead.</p>
<ul>
<li><p>a multiple of 64 bits are enciphered at a time.</p>
</li>
<li><p>The CBC mode produces the same ciphertext whenever the same plaintext is encrypted using the same key and starting variable.</p>
</li>
<li><p>The chaining operation makes the ciphertext blocks dependent on the current and all preceding plaintext blocks and therefore blocks can not be rearranged.</p>
</li>
<li><p>The use of different starting variables prevents the same plaintext enciphering to the same ciphertext.</p>
</li>
<li><p>An error will affect the current and the following ciphertext blocks.</p>
</li>
</ul>
<h2 id="Cipher-Feedback-Mode-CFB">Cipher Feedback Mode (CFB)</h2>
<p>Normally, this is found as the function <i>algorithm</i>_cfb_encrypt().</p>
<ul>
<li><p>a number of bits (j) &lt;= 64 are enciphered at a time.</p>
</li>
<li><p>The CFB mode produces the same ciphertext whenever the same plaintext is encrypted using the same key and starting variable.</p>
</li>
<li><p>The chaining operation makes the ciphertext variables dependent on the current and all preceding variables and therefore j-bit variables are chained together and can not be rearranged.</p>
</li>
<li><p>The use of different starting variables prevents the same plaintext enciphering to the same ciphertext.</p>
</li>
<li><p>The strength of the CFB mode depends on the size of k (maximal if j == k). In my implementation this is always the case.</p>
</li>
<li><p>Selection of a small value for j will require more cycles through the encipherment algorithm per unit of plaintext and thus cause greater processing overheads.</p>
</li>
<li><p>Only multiples of j bits can be enciphered.</p>
</li>
<li><p>An error will affect the current and the following ciphertext variables.</p>
</li>
</ul>
<h2 id="Output-Feedback-Mode-OFB">Output Feedback Mode (OFB)</h2>
<p>Normally, this is found as the function <i>algorithm</i>_ofb_encrypt().</p>
<ul>
<li><p>a number of bits (j) &lt;= 64 are enciphered at a time.</p>
</li>
<li><p>The OFB mode produces the same ciphertext whenever the same plaintext enciphered using the same key and starting variable. More over, in the OFB mode the same key stream is produced when the same key and start variable are used. Consequently, for security reasons a specific start variable should be used only once for a given key.</p>
</li>
<li><p>The absence of chaining makes the OFB more vulnerable to specific attacks.</p>
</li>
<li><p>The use of different start variables values prevents the same plaintext enciphering to the same ciphertext, by producing different key streams.</p>
</li>
<li><p>Selection of a small value for j will require more cycles through the encipherment algorithm per unit of plaintext and thus cause greater processing overheads.</p>
</li>
<li><p>Only multiples of j bits can be enciphered.</p>
</li>
<li><p>OFB mode of operation does not extend ciphertext errors in the resultant plaintext output. Every bit error in the ciphertext causes only one bit to be in error in the deciphered plaintext.</p>
</li>
<li><p>OFB mode is not self-synchronizing. If the two operation of encipherment and decipherment get out of synchronism, the system needs to be re-initialized.</p>
</li>
<li><p>Each re-initialization should use a value of the start variable different from the start variable values used before with the same key. The reason for this is that an identical bit stream would be produced each time from the same parameters. This would be susceptible to a &#39;known plaintext&#39; attack.</p>
</li>
</ul>
<h2 id="Triple-ECB-Mode">Triple ECB Mode</h2>
<p>Normally, this is found as the function <i>algorithm</i>_ecb3_encrypt().</p>
<ul>
<li><p>Encrypt with key1, decrypt with key2 and encrypt with key3 again.</p>
</li>
<li><p>As for ECB encryption but increases the key length to 168 bits. There are theoretic attacks that can be used that make the effective key length 112 bits, but this attack also requires 2^56 blocks of memory, not very likely, even for the NSA.</p>
</li>
<li><p>If both keys are the same it is equivalent to encrypting once with just one key.</p>
</li>
<li><p>If the first and last key are the same, the key length is 112 bits. There are attacks that could reduce the effective key strength to only slightly more than 56 bits, but these require a lot of memory.</p>
</li>
<li><p>If all 3 keys are the same, this is effectively the same as normal ecb mode.</p>
</li>
</ul>
<h2 id="Triple-CBC-Mode">Triple CBC Mode</h2>
<p>Normally, this is found as the function <i>algorithm</i>_ede3_cbc_encrypt().</p>
<ul>
<li><p>Encrypt with key1, decrypt with key2 and then encrypt with key3.</p>
</li>
<li><p>As for CBC encryption but increases the key length to 168 bits with the same restrictions as for triple ecb mode.</p>
</li>
</ul>
<h1 id="NOTES">NOTES</h1>
<p>This text was been written in large parts by Eric Young in his original documentation for SSLeay, the predecessor of OpenSSL. In turn, he attributed it to:</p>
<pre><code> AS 2805.5.2
Australian Standard
Electronic funds transfer - Requirements for interfaces,
Part 5.2: Modes of operation for an n-bit block cipher algorithm
Appendix A</code></pre>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/BF_encrypt.html">BF_encrypt(3)</a>, <a href="../man3/DES_crypt.html">DES_crypt(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

83
msys2/usr/share/doc/openssl/html/man7/evp.html Normal file
View file

@ -0,0 +1,83 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>evp</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>evp - high-level cryptographic functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code> #include &lt;openssl/evp.h&gt;</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The EVP library provides a high-level interface to cryptographic functions.</p>
<p>The <a href="../man3/EVP_SealInit.html"><b>EVP_Seal</b><i>XXX</i></a> and <a href="../man3/EVP_OpenInit.html"><b>EVP_Open</b><i>XXX</i></a> functions provide public key encryption and decryption to implement digital &quot;envelopes&quot;.</p>
<p>The <a href="../man3/EVP_DigestSignInit.html"><b>EVP_DigestSign</b><i>XXX</i></a> and <a href="../man3/EVP_DigestVerifyInit.html"><b>EVP_DigestVerify</b><i>XXX</i></a> functions implement digital signatures and Message Authentication Codes (MACs). Also see the older <a href="../man3/EVP_SignInit.html"><b>EVP_Sign</b><i>XXX</i></a> and <a href="../man3/EVP_VerifyInit.html"><b>EVP_Verify</b><i>XXX</i></a> functions.</p>
<p>Symmetric encryption is available with the <a href="../man3/EVP_EncryptInit.html"><b>EVP_Encrypt</b><i>XXX</i></a> functions. The <a href="../man3/EVP_DigestInit.html"><b>EVP_Digest</b><i>XXX</i></a> functions provide message digests.</p>
<p>The <b>EVP_PKEY</b><i>XXX</i> functions provide a high level interface to asymmetric algorithms. To create a new EVP_PKEY see <a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a>. EVP_PKEYs can be associated with a private key of a particular algorithm by using the functions described on the <a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a> page, or new keys can be generated using <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>. EVP_PKEYs can be compared using <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>, or printed using <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
<p>The EVP_PKEY functions support the full range of asymmetric algorithm operations:</p>
<dl>
<dt id="For-key-agreement-see-EVP_PKEY_derive-3">For key agreement see <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></dt>
<dd>
</dd>
<dt id="For-signing-and-verifying-see-EVP_PKEY_sign-3-EVP_PKEY_verify-3-and-EVP_PKEY_verify_recover-3-.-However-note-that-these-functions-do-not-perform-a-digest-of-the-data-to-be-signed.-Therefore-normally-you-would-use-the-EVP_DigestSignInit-3-functions-for-this-purpose">For signing and verifying see <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>. However, note that these functions do not perform a digest of the data to be signed. Therefore normally you would use the <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> functions for this purpose.</dt>
<dd>
</dd>
<dt id="For-encryption-and-decryption-see-EVP_PKEY_encrypt-3-and-EVP_PKEY_decrypt-3-respectively.-However-note-that-these-functions-perform-encryption-and-decryption-only.-As-public-key-encryption-is-an-expensive-operation-normally-you-would-wrap-an-encrypted-message-in-a-digital-envelope-using-the-EVP_SealInit-3-and-EVP_OpenInit-3-functions">For encryption and decryption see <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a> respectively. However, note that these functions perform encryption and decryption only. As public key encryption is an expensive operation, normally you would wrap an encrypted message in a &quot;digital envelope&quot; using the <a href="../man3/EVP_SealInit.html">EVP_SealInit(3)</a> and <a href="../man3/EVP_OpenInit.html">EVP_OpenInit(3)</a> functions.</dt>
<dd>
</dd>
</dl>
<p>The <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a> function provides some limited support for password based encryption. Careful selection of the parameters will provide a PKCS#5 PBKDF1 compatible implementation. However, new applications should not typically use this (preferring, for example, PBKDF2 from PCKS#5).</p>
<p>The <a href="../man3/EVP_EncodeInit.html"><b>EVP_Encode</b><i>XXX</i></a> and <a href="../man3/EVP_EncodeInit.html"><b>EVP_Decode</b><i>XXX</i></a> functions implement base 64 encoding and decoding.</p>
<p>All the symmetric algorithms (ciphers), digests and asymmetric algorithms (public key algorithms) can be replaced by ENGINE modules providing alternative implementations. If ENGINE implementations of ciphers or digests are registered as defaults, then the various EVP functions will automatically use those implementations automatically in preference to built in software implementations. For more information, consult the engine(3) man page.</p>
<p>Although low level algorithm specific functions exist for many algorithms their use is discouraged. They cannot be used with an ENGINE and ENGINE versions of new algorithms cannot be accessed using the low level functions. Also makes code harder to adapt to new algorithms and some options are not cleanly supported at the low level and some operations are more efficient using the high level interface.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_OpenInit.html">EVP_OpenInit(3)</a>, <a href="../man3/EVP_SealInit.html">EVP_SealInit(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a>, <a href="../man3/EVP_EncodeInit.html">EVP_EncodeInit(3)</a>, <a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a>, <a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>, <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man3/ENGINE_by_id.html">ENGINE_by_id(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

60
msys2/usr/share/doc/openssl/html/man7/ossl_store-file.html Normal file
View file

@ -0,0 +1,60 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ossl_store-file</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ossl_store-file - The store &#39;file&#39; scheme loader</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p>#include &lt;openssl/store.h&gt;</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>Support for the &#39;file&#39; scheme is built into <code>libcrypto</code>. Since files come in all kinds of formats and content types, the &#39;file&#39; scheme has its own layer of functionality called &quot;file handlers&quot;, which are used to try to decode diverse types of file contents.</p>
<p>In case a file is formatted as PEM, each called file handler receives the PEM name (everything following any &#39;<code>-----BEGIN </code>&#39;) as well as possible PEM headers, together with the decoded PEM body. Since PEM formatted files can contain more than one object, the file handlers are called upon for each such object.</p>
<p>If the file isn&#39;t determined to be formatted as PEM, the content is loaded in raw form in its entirety and passed to the available file handlers as is, with no PEM name or headers.</p>
<p>Each file handler is expected to handle PEM and non-PEM content as appropriate. Some may refuse non-PEM content for the sake of determinism (for example, there are keys out in the wild that are represented as an ASN.1 OCTET STRING. In raw form, it&#39;s not easily possible to distinguish those from any other data coming as an ASN.1 OCTET STRING, so such keys would naturally be accepted as PEM files only).</p>
<h1 id="NOTES">NOTES</h1>
<p>When needed, the &#39;file&#39; scheme loader will require a pass phrase by using the <code>UI_METHOD</code> that was passed via OSSL_STORE_open(). This pass phrase is expected to be UTF-8 encoded, anything else will give an undefined result. The files made accessible through this loader are expected to be standard compliant with regards to pass phrase encoding. Files that aren&#39;t should be re-generated with a correctly encoded pass phrase. See <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a> for more information.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

105
msys2/usr/share/doc/openssl/html/man7/ossl_store.html Normal file
View file

@ -0,0 +1,105 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ossl_store</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a>
<ul>
<li><a href="#General">General</a></li>
<li><a href="#URI-schemes-and-loaders">URI schemes and loaders</a></li>
<li><a href="#UI_METHOD-and-pass-phrases">UI_METHOD and pass phrases</a></li>
</ul>
</li>
<li><a href="#EXAMPLES">EXAMPLES</a>
<ul>
<li><a href="#A-generic-call">A generic call</a></li>
</ul>
</li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>ossl_store - Store retrieval functions</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p>#include &lt;openssl/store.h&gt;</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<h2 id="General">General</h2>
<p>A STORE is a layer of functionality to retrieve a number of supported objects from a repository of any kind, addressable as a file name or as a URI.</p>
<p>The functionality supports the pattern &quot;open a channel to the repository&quot;, &quot;loop and retrieve one object at a time&quot;, and &quot;finish up by closing the channel&quot;.</p>
<p>The retrieved objects are returned as a wrapper type <b>OSSL_STORE_INFO</b>, from which an OpenSSL type can be retrieved.</p>
<h2 id="URI-schemes-and-loaders">URI schemes and loaders</h2>
<p>Support for a URI scheme is called a STORE &quot;loader&quot;, and can be added dynamically from the calling application or from a loadable engine.</p>
<p>Support for the &#39;file&#39; scheme is built into <code>libcrypto</code>. See <a href="../man7/ossl_store-file.html">ossl_store-file(7)</a> for more information.</p>
<h2 id="UI_METHOD-and-pass-phrases">UI_METHOD and pass phrases</h2>
<p>The <b>OSS_STORE</b> API does nothing to enforce any specific format or encoding on the pass phrase that the <b>UI_METHOD</b> provides. However, the pass phrase is expected to be UTF-8 encoded. The result of any other encoding is undefined.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<h2 id="A-generic-call">A generic call</h2>
<pre><code> OSSL_STORE_CTX *ctx = OSSL_STORE_open(&quot;file:/foo/bar/data.pem&quot;);
/*
* OSSL_STORE_eof() simulates file semantics for any repository to signal
* that no more data can be expected
*/
while (!OSSL_STORE_eof(ctx)) {
OSSL_STORE_INFO *info = OSSL_STORE_load(ctx);
/*
* Do whatever is necessary with the OSSL_STORE_INFO,
* here just one example
*/
switch (OSSL_STORE_INFO_get_type(info)) {
case OSSL_STORE_INFO_X509:
/* Print the X.509 certificate text */
X509_print_fp(stdout, OSSL_STORE_INFO_get0_CERT(info));
/* Print the X.509 certificate PEM output */
PEM_write_X509(stdout, OSSL_STORE_INFO_get0_CERT(info));
break;
}
}
OSSL_STORE_close(ctx);</code></pre>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>, <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_expect.html">OSSL_STORE_expect(3)</a>, <a href="../man3/OSSL_STORE_SEARCH.html">OSSL_STORE_SEARCH(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

124
msys2/usr/share/doc/openssl/html/man7/passphrase-encoding.html Normal file
View file

@ -0,0 +1,124 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>passphrase-encoding</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a>
<ul>
<li><a href="#The-general-case">The general case</a></li>
<li><a href="#PKCS-12">PKCS#12</a></li>
<li><a href="#OSSL_STORE">OSSL_STORE</a></li>
</ul>
</li>
<li><a href="#RECOMMENDATIONS">RECOMMENDATIONS</a>
<ul>
<li><a href="#Creating-new-objects">Creating new objects</a></li>
<li><a href="#Opening-existing-objects">Opening existing objects</a></li>
</ul>
</li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>passphrase-encoding - How diverse parts of OpenSSL treat pass phrases character encoding</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>In a modern world with all sorts of character encodings, the treatment of pass phrases has become increasingly complex. This manual page attempts to give an overview over how this problem is currently addressed in different parts of the OpenSSL library.</p>
<h2 id="The-general-case">The general case</h2>
<p>The OpenSSL library doesn&#39;t treat pass phrases in any special way as a general rule, and trusts the application or user to choose a suitable character set and stick to that throughout the lifetime of affected objects. This means that for an object that was encrypted using a pass phrase encoded in ISO-8859-1, that object needs to be decrypted using a pass phrase encoded in ISO-8859-1. Using the wrong encoding is expected to cause a decryption failure.</p>
<h2 id="PKCS-12">PKCS#12</h2>
<p>PKCS#12 is a bit different regarding pass phrase encoding. The standard stipulates that the pass phrase shall be encoded as an ASN.1 BMPString, which consists of the code points of the basic multilingual plane, encoded in big endian (UCS-2 BE).</p>
<p>OpenSSL tries to adapt to this requirements in one of the following manners:</p>
<ol>
<li><p>Treats the received pass phrase as UTF-8 encoded and tries to re-encode it to UTF-16 (which is the same as UCS-2 for characters U+0000 to U+D7FF and U+E000 to U+FFFF, but becomes an expansion for any other character), or failing that, proceeds with step 2.</p>
</li>
<li><p>Assumes that the pass phrase is encoded in ASCII or ISO-8859-1 and opportunistically prepends each byte with a zero byte to obtain the UCS-2 encoding of the characters, which it stores as a BMPString.</p>
<p>Note that since there is no check of your locale, this may produce UCS-2 / UTF-16 characters that do not correspond to the original pass phrase characters for other character sets, such as any ISO-8859-X encoding other than ISO-8859-1 (or for Windows, CP 1252 with exception for the extra &quot;graphical&quot; characters in the 0x80-0x9F range).</p>
</li>
</ol>
<p>OpenSSL versions older than 1.1.0 do variant 2 only, and that is the reason why OpenSSL still does this, to be able to read files produced with older versions.</p>
<p>It should be noted that this approach isn&#39;t entirely fault free.</p>
<p>A pass phrase encoded in ISO-8859-2 could very well have a sequence such as 0xC3 0xAF (which is the two characters &quot;LATIN CAPITAL LETTER A WITH BREVE&quot; and &quot;LATIN CAPITAL LETTER Z WITH DOT ABOVE&quot; in ISO-8859-2 encoding), but would be misinterpreted as the perfectly valid UTF-8 encoded code point U+00EF (LATIN SMALL LETTER I WITH DIARESIS) <i>if the pass phrase doesn&#39;t contain anything that would be invalid UTF-8</i>. A pass phrase that contains this kind of byte sequence will give a different outcome in OpenSSL 1.1.0 and newer than in OpenSSL older than 1.1.0.</p>
<pre><code> 0x00 0xC3 0x00 0xAF # OpenSSL older than 1.1.0
0x00 0xEF # OpenSSL 1.1.0 and newer</code></pre>
<p>On the same accord, anything encoded in UTF-8 that was given to OpenSSL older than 1.1.0 was misinterpreted as ISO-8859-1 sequences.</p>
<h2 id="OSSL_STORE">OSSL_STORE</h2>
<p><a href="../man7/ossl_store.html">ossl_store(7)</a> acts as a general interface to access all kinds of objects, potentially protected with a pass phrase, a PIN or something else. This API stipulates that pass phrases should be UTF-8 encoded, and that any other pass phrase encoding may give undefined results. This API relies on the application to ensure UTF-8 encoding, and doesn&#39;t check that this is the case, so what it gets, it will also pass to the underlying loader.</p>
<h1 id="RECOMMENDATIONS">RECOMMENDATIONS</h1>
<p>This section assumes that you know what pass phrase was used for encryption, but that it may have been encoded in a different character encoding than the one used by your current input method. For example, the pass phrase may have been used at a time when your default encoding was ISO-8859-1 (i.e. &quot;na&iuml;ve&quot; resulting in the byte sequence 0x6E 0x61 0xEF 0x76 0x65), and you&#39;re now in an environment where your default encoding is UTF-8 (i.e. &quot;na&iuml;ve&quot; resulting in the byte sequence 0x6E 0x61 0xC3 0xAF 0x76 0x65). Whenever it&#39;s mentioned that you should use a certain character encoding, it should be understood that you either change the input method to use the mentioned encoding when you type in your pass phrase, or use some suitable tool to convert your pass phrase from your default encoding to the target encoding.</p>
<p>Also note that the sub-sections below discuss human readable pass phrases. This is particularly relevant for PKCS#12 objects, where human readable pass phrases are assumed. For other objects, it&#39;s as legitimate to use any byte sequence (such as a sequence of bytes from `/dev/urandom` that&#39;s been saved away), which makes any character encoding discussion irrelevant; in such cases, simply use the same byte sequence as it is.</p>
<h2 id="Creating-new-objects">Creating new objects</h2>
<p>For creating new pass phrase protected objects, make sure the pass phrase is encoded using UTF-8. This is default on most modern Unixes, but may involve an effort on other platforms. Specifically for Windows, setting the environment variable <code>OPENSSL_WIN32_UTF8</code> will have anything entered on [Windows] console prompt converted to UTF-8 (command line and separately prompted pass phrases alike).</p>
<h2 id="Opening-existing-objects">Opening existing objects</h2>
<p>For opening pass phrase protected objects where you know what character encoding was used for the encryption pass phrase, make sure to use the same encoding again.</p>
<p>For opening pass phrase protected objects where the character encoding that was used is unknown, or where the producing application is unknown, try one of the following:</p>
<ol>
<li><p>Try the pass phrase that you have as it is in the character encoding of your environment. It&#39;s possible that its byte sequence is exactly right.</p>
</li>
<li><p>Convert the pass phrase to UTF-8 and try with the result. Specifically with PKCS#12, this should open up any object that was created according to the specification.</p>
</li>
<li><p>Do a na&iuml;ve (i.e. purely mathematical) ISO-8859-1 to UTF-8 conversion and try with the result. This differs from the previous attempt because ISO-8859-1 maps directly to U+0000 to U+00FF, which other non-UTF-8 character sets do not.</p>
<p>This also takes care of the case when a UTF-8 encoded string was used with OpenSSL older than 1.1.0. (for example, <code>&iuml;</code>, which is 0xC3 0xAF when encoded in UTF-8, would become 0xC3 0x83 0xC2 0xAF when re-encoded in the na&iuml;ve manner. The conversion to BMPString would then yield 0x00 0xC3 0x00 0xA4 0x00 0x00, the erroneous/non-compliant encoding used by OpenSSL older than 1.1.0)</p>
</li>
</ol>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man3/EVP_DecryptInit.html">EVP_DecryptInit(3)</a>, <a href="../man3/PEM_do_header.html">PEM_do_header(3)</a>, <a href="../man3/PKCS12_parse.html">PKCS12_parse(3)</a>, <a href="../man3/PKCS12_newpass.html">PKCS12_newpass(3)</a>, <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

112
msys2/usr/share/doc/openssl/html/man7/scrypt.html Normal file
View file

@ -0,0 +1,112 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>scrypt</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#EXAMPLE">EXAMPLE</a></li>
<li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>scrypt - EVP_PKEY scrypt KDF support</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The EVP_PKEY_SCRYPT algorithm implements the scrypt password based key derivation function, as described in RFC 7914. It is memory-hard in the sense that it deliberately requires a significant amount of RAM for efficient computation. The intention of this is to render brute forcing of passwords on systems that lack large amounts of main memory (such as GPUs or ASICs) computationally infeasible.</p>
<p>scrypt provides three work factors that can be customized: N, r and p. N, which has to be a positive power of two, is the general work factor and scales CPU time in an approximately linear fashion. r is the block size of the internally used hash function and p is the parallelization factor. Both r and p need to be greater than zero. The amount of RAM that scrypt requires for its computation is roughly (128 * N * r * p) bytes.</p>
<p>In the original paper of Colin Percival (&quot;Stronger Key Derivation via Sequential Memory-Hard Functions&quot;, 2009), the suggested values that give a computation time of less than 5 seconds on a 2.5 GHz Intel Core 2 Duo are N = 2^20 = 1048576, r = 8, p = 1. Consequently, the required amount of memory for this computation is roughly 1 GiB. On a more recent CPU (Intel i7-5930K at 3.5 GHz), this computation takes about 3 seconds. When N, r or p are not specified, they default to 1048576, 8, and 1, respectively. The default amount of RAM that may be used by scrypt defaults to 1025 MiB.</p>
<h1 id="NOTES">NOTES</h1>
<p>A context for scrypt can be obtained by calling:</p>
<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, NULL);</code></pre>
<p>The output length of an scrypt key derivation is specified via the length parameter to the <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> function.</p>
<h1 id="EXAMPLE">EXAMPLE</h1>
<p>This example derives a 64-byte long test vector using scrypt using the password &quot;password&quot;, salt &quot;NaCl&quot; and N = 1024, r = 8, p = 16.</p>
<pre><code> EVP_PKEY_CTX *pctx;
unsigned char out[64];
size_t outlen = sizeof(out);
pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, NULL);
if (EVP_PKEY_derive_init(pctx) &lt;= 0) {
error(&quot;EVP_PKEY_derive_init&quot;);
}
if (EVP_PKEY_CTX_set1_pbe_pass(pctx, &quot;password&quot;, 8) &lt;= 0) {
error(&quot;EVP_PKEY_CTX_set1_pbe_pass&quot;);
}
if (EVP_PKEY_CTX_set1_scrypt_salt(pctx, &quot;NaCl&quot;, 4) &lt;= 0) {
error(&quot;EVP_PKEY_CTX_set1_scrypt_salt&quot;);
}
if (EVP_PKEY_CTX_set_scrypt_N(pctx, 1024) &lt;= 0) {
error(&quot;EVP_PKEY_CTX_set_scrypt_N&quot;);
}
if (EVP_PKEY_CTX_set_scrypt_r(pctx, 8) &lt;= 0) {
error(&quot;EVP_PKEY_CTX_set_scrypt_r&quot;);
}
if (EVP_PKEY_CTX_set_scrypt_p(pctx, 16) &lt;= 0) {
error(&quot;EVP_PKEY_CTX_set_scrypt_p&quot;);
}
if (EVP_PKEY_derive(pctx, out, &amp;outlen) &lt;= 0) {
error(&quot;EVP_PKEY_derive&quot;);
}
{
const unsigned char expected[sizeof(out)] = {
0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00,
0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe,
0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30,
0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62,
0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88,
0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda,
0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d,
0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40
};
assert(!memcmp(out, expected, sizeof(out)));
}
EVP_PKEY_CTX_free(pctx);</code></pre>
<h1 id="CONFORMING-TO">CONFORMING TO</h1>
<p>RFC 7914</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/EVP_PKEY_CTX_set1_scrypt_salt.html">EVP_PKEY_CTX_set1_scrypt_salt(3)</a>, <a href="../man3/EVP_PKEY_CTX_set_scrypt_N.html">EVP_PKEY_CTX_set_scrypt_N(3)</a>, <a href="../man3/EVP_PKEY_CTX_set_scrypt_r.html">EVP_PKEY_CTX_set_scrypt_r(3)</a>, <a href="../man3/EVP_PKEY_CTX_set_scrypt_p.html">EVP_PKEY_CTX_set_scrypt_p(3)</a>, <a href="../man3/EVP_PKEY_CTX_set_scrypt_maxmem_bytes.html">EVP_PKEY_CTX_set_scrypt_maxmem_bytes(3)</a>, <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>

1248
msys2/usr/share/doc/openssl/html/man7/ssl.html Normal file
View file

File diff suppressed because one or more lines are too long

67
msys2/usr/share/doc/openssl/html/man7/x509.html Normal file
View file

@ -0,0 +1,67 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>x509</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>x509 - X.509 certificate handling</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<pre><code> #include &lt;openssl/x509.h&gt;</code></pre>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>An X.509 certificate is a structured grouping of information about an individual, a device, or anything one can imagine. A X.509 CRL (certificate revocation list) is a tool to help determine if a certificate is still valid. The exact definition of those can be found in the X.509 document from ITU-T, or in RFC3280 from PKIX. In OpenSSL, the type X509 is used to express such a certificate, and the type X509_CRL is used to express a CRL.</p>
<p>A related structure is a certificate request, defined in PKCS#10 from RSA Security, Inc, also reflected in RFC2896. In OpenSSL, the type X509_REQ is used to express such a certificate request.</p>
<p>To handle some complex parts of a certificate, there are the types X509_NAME (to express a certificate name), X509_ATTRIBUTE (to express a certificate attributes), X509_EXTENSION (to express a certificate extension) and a few more.</p>
<p>Finally, there&#39;s the supertype X509_INFO, which can contain a CRL, a certificate and a corresponding private key.</p>
<p><b>X509_</b><i>XXX</i>, <b>d2i_X509_</b><i>XXX</i>, and <b>i2d_X509_</b><i>XXX</i> functions handle X.509 certificates, with some exceptions, shown below.</p>
<p><b>X509_CRL_</b><i>XXX</i>, <b>d2i_X509_CRL_</b><i>XXX</i>, and <b>i2d_X509_CRL_</b><i>XXX</i> functions handle X.509 CRLs.</p>
<p><b>X509_REQ_</b><i>XXX</i>, <b>d2i_X509_REQ_</b><i>XXX</i>, and <b>i2d_X509_REQ_</b><i>XXX</i> functions handle PKCS#10 certificate requests.</p>
<p><b>X509_NAME_</b><i>XXX</i> functions handle certificate names.</p>
<p><b>X509_ATTRIBUTE_</b><i>XXX</i> functions handle certificate attributes.</p>
<p><b>X509_EXTENSION_</b><i>XXX</i> functions handle certificate extensions.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_add_entry_by_NID.html">X509_NAME_add_entry_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_NAME_new.html">X509_NAME_new(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/d2i_X509_ALGOR.html">d2i_X509_ALGOR(3)</a>, <a href="../man3/d2i_X509_CRL.html">d2i_X509_CRL(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a>, <a href="../man3/d2i_X509_REQ.html">d2i_X509_REQ(3)</a>, <a href="../man3/d2i_X509_SIG.html">d2i_X509_SIG(3)</a>, <a href="../man3/X509v3.html">X509v3(3)</a>, <a href="../man7/crypto.html">crypto(7)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2003-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>