Commit graph

2397 commits

Author SHA1 Message Date
Lutz Jänicke
d300bcca7f Typo. 2001-09-13 15:18:51 +00:00
Lutz Jänicke
d59c3e5046 One more manual page. 2001-09-13 15:05:42 +00:00
Lutz Jänicke
6d8566f2eb Rework section about return values another time (based on hints from
Bodo Moeller).
2001-09-13 13:21:38 +00:00
Lutz Jänicke
c0f5dd070b Make maximum certifcate chain size accepted from the peer application
settable (proposed by "Douglas E. Engert" <deengert@anl.gov>).
2001-09-11 13:08:51 +00:00
Ulf Möller
3b80e3aa9e ispell 2001-09-07 06:13:40 +00:00
Bodo Möller
983495c4b2 Use uniformly chosen witnesses for Miller-Rabin test
(by using new BN_pseudo_rand_range function)
2001-09-03 12:58:16 +00:00
Lutz Jänicke
f1b2807478 More docs. 2001-08-24 14:29:48 +00:00
Lutz Jänicke
bfd7bb3eb6 Typo. 2001-08-23 17:41:20 +00:00
Lutz Jänicke
11c8f0b79d More manual pages. Constify. 2001-08-23 17:22:43 +00:00
Lutz Jänicke
c4068186ac As discussed recently on openssl-users. 2001-08-23 15:00:11 +00:00
Lutz Jänicke
0a93a68020 Make clear, that using the compression layer is currently not recommended. 2001-08-23 09:42:12 +00:00
Ulf Möller
f2ab7d1392 typo. 2001-08-22 18:35:17 +00:00
Lutz Jänicke
141e584998 One more manual page... 2001-08-21 14:54:54 +00:00
Lutz Jänicke
336736ef35 Documentation on how to handle compression methods.
Hopefully it is clear enough, that it is currently not recommended.
2001-08-21 13:02:58 +00:00
Lutz Jänicke
d93eb21c7c More interdependencies with respect to shutdown behaviour. 2001-08-20 14:34:16 +00:00
Lutz Jänicke
a403188f92 Alert description strings for TLSv1 and documentation. 2001-08-19 16:20:42 +00:00
Lutz Jänicke
52129c0b0b More details about session timeout settings. 2001-08-17 16:36:51 +00:00
Lutz Jänicke
a52877a2f1 One more function documented. 2001-08-17 15:54:50 +00:00
Lutz Jänicke
cdd7c3ce92 SSL_shutdown() has even more properties... 2001-08-17 15:09:31 +00:00
Lutz Jänicke
c1497b4d19 One more step on the way for complete documentation... 2001-08-17 14:32:38 +00:00
Lutz Jänicke
b2ed462934 Unidirectional shutdown is allowed according to the RFC. 2001-08-17 09:08:32 +00:00
Lutz Jänicke
9e09eebf94 Better description of the behaviour of SSL_shutdown() as it is now, broken
or not.
2001-08-16 14:27:55 +00:00
Bodo Möller
3f1c4e49a3 add missing link 2001-08-08 15:09:06 +00:00
Lutz Jänicke
06da6e4977 Don't disable rollback attack detection as a recommended bug workaround. 2001-08-03 08:45:13 +00:00
Lutz Jänicke
37f599bcec Reworked manual pages with a lot of input from Bodo Moeller. 2001-07-31 15:04:50 +00:00
Ben Laurie
8408f4fbc7 Document DES changes better. 2001-07-31 13:33:58 +00:00
Bodo Möller
924875e53b Undo DH_generate_key() change: s3_srvr.c was using it correctly 2001-07-27 22:34:25 +00:00
Bodo Möller
6aecef815c Don't preserve existing keys in DH_generate_key. 2001-07-25 17:20:34 +00:00
Lutz Jänicke
7abe76e1bd Fix wrong information about SSL_set_connect_state()... 2001-07-25 12:12:51 +00:00
Lutz Jänicke
3e3dac9f97 Additional inline reference. 2001-07-23 12:57:37 +00:00
Lutz Jänicke
397ba0f08a Add missing reference. 2001-07-23 12:52:05 +00:00
Lutz Jänicke
4db48ec0bd Documentation about ephemeral key exchange 2001-07-21 11:02:17 +00:00
Lutz Jänicke
6d3dec92fb Updated explanation. 2001-07-20 19:23:43 +00:00
Lutz Jänicke
2d3b6a5be7 Some more documentation bits. 2001-07-20 18:57:15 +00:00
Dr. Stephen Henson
534a1ed0cb Allow OCSP server to handle multiple requests.
Document new OCSP options.
2001-07-13 13:13:44 +00:00
Lutz Jänicke
a1a63a4239 Clarify! (based on recent mailing-list discussions) 2001-07-11 15:10:28 +00:00
Bodo Möller
e9ad0d2c31 Fix PRNG. 2001-07-10 10:49:34 +00:00
Lutz Jänicke
43f9391bcc When only the key is given to "enc", the IV is undefined
(found by Andy Brown <logic@warthog.com>).
2001-07-03 10:31:11 +00:00
Dr. Stephen Henson
181355616e Add examples to EVP_EncryptInit manual page. 2001-05-17 13:03:20 +00:00
Lutz Jänicke
74daa124c2 Add missing item(s) SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT. 2001-05-16 09:43:51 +00:00
Lutz Jänicke
5892855c5f Typos. 2001-05-14 09:52:44 +00:00
Lutz Jänicke
a6e859e9ec One more point to clarify, pointed out by "Greg Stark" <ghstark@pobox.com> 2001-05-14 09:02:38 +00:00
Lutz Jänicke
33ab4699ba Clarify behaviour with respect to SSL/TLS records. 2001-05-12 09:49:02 +00:00
Lutz Jänicke
4b3270f78e Clarify behaviour of SSL_write() by mentioning SSL_MODE_ENABLE_PARTIAL_WRITE
flag as discussed on the mailing list.
2001-05-11 09:53:10 +00:00
Lutz Jänicke
0ea659475c Typo (reported by Petr Lancaric <Petr.Lancaric@ips-ag.cz>) 2001-04-25 15:24:47 +00:00
Lutz Jänicke
197322455d Clarify request of client certificates. This is a FAQ. 2001-04-17 13:18:56 +00:00
Lutz Jänicke
cb2a0e1319 Missing link ("Greg Stark" <gstark@ethentica.com>) 2001-04-12 21:11:31 +00:00
Lutz Jänicke
638b0d4277 Fix wrong information with respect to CAs listed to the client
(follows from technical discussion with Amit Chopra <amitc@pspl.co.in>).
2001-04-12 16:02:34 +00:00
Lutz Jänicke
f7181a9179 Typo (Jun-ichiro itojun Hagino <itojun@iijlab.net>) 2001-04-12 11:45:42 +00:00
Bodo Möller
fba9046490 Update docs. 2001-03-21 15:25:56 +00:00
Dr. Stephen Henson
02ee8626fb Fix PKCS#12 key generation bug. 2001-03-18 02:11:42 +00:00
Dr. Stephen Henson
791bd0cd2b Add copy_extensions option to 'ca' utility. 2001-03-16 02:04:17 +00:00
Dr. Stephen Henson
e890dcdb19 Add 'align' option to nameopt.
Add default values for display by the 'ca' utility
to openssl.cnf

Update docs.
2001-03-15 22:45:20 +00:00
Lutz Jänicke
eb272ac0b0 Forgot "cvs add", so only the surrounding changes made it... sigh. 2001-03-15 12:42:04 +00:00
Dr. Stephen Henson
0a3ea5d34a Document the -certopt option to the x509 utility.
Add no_issuer option.

Fix X509_print_ex() so it prints out newlines when
certain fields are omitted.
2001-03-15 01:15:54 +00:00
Dr. Stephen Henson
a29d78e90b Initial docs for PEM routines. 2001-03-11 20:29:28 +00:00
Richard Levitte
7b8250053b Document the change. 2001-03-10 16:28:49 +00:00
Dr. Stephen Henson
cc5ba6a7b6 Update docs. 2001-03-09 13:57:14 +00:00
Bodo Möller
e34cfcf7e1 Consistently use 'void *' for SSL read, peek and write functions. 2001-03-09 10:09:20 +00:00
Dr. Stephen Henson
1358835050 Change the EVP_somecipher() and EVP_somedigest()
functions to return constant EVP_MD and EVP_CIPHER
pointers.

Update docs.
2001-03-09 02:51:02 +00:00
Lutz Jänicke
b72ff47037 Add newly learned knowledge from yesterday's discussion. 2001-03-08 17:24:02 +00:00
Bodo Möller
98499135d7 Constify BN_value_one. 2001-03-08 13:58:09 +00:00
Bodo Möller
bad4058574 New option '-subj arg' for 'openssl req' and 'openssl ca'. This
sets the subject name for a new request or supersedes the
subject name in a given request.

Add options '-batch' and '-verbose' to 'openssl req'.

Submitted by: Massimiliano Pala <madwolf@hackmasters.net>
Reviewed by: Bodo Moeller
2001-03-05 11:09:43 +00:00
Lutz Jänicke
45ecfb1973 Typo, spotted by "Greg Stark" <gstark@ethentica.com>. 2001-03-01 16:50:11 +00:00
Lutz Jänicke
3cdc8ad07a Describe new callback for session id generation. 2001-02-23 21:38:42 +00:00
Lutz Jänicke
2c1571b4ff SSL_get_version() was an easy one :-) 2001-02-23 21:05:56 +00:00
Ulf Möller
335c4f0966 BN_rand_range() needs a BN_rand() variant that doesn't set the MSB. 2001-02-20 00:23:07 +00:00
Richard Levitte
cf1b7d9664 Make all configuration macros available for application by making
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.

I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
2001-02-19 16:06:34 +00:00
Ulf Möller
52d160d85d ispell 2001-02-16 02:09:53 +00:00
Ulf Möller
54ff1e6ae5 pod format error 2001-02-16 01:44:24 +00:00
Lutz Jänicke
52b621db88 Add "-rand" option to s_client and s_server. 2001-02-15 10:22:07 +00:00
Dr. Stephen Henson
f2e5ca84d4 Option to disable standard block padding with EVP API.
Add -nopad option to enc command.

Update docs.
2001-02-14 02:11:52 +00:00
Lutz Jänicke
8e495e4ac7 Finish first round of session cache documentation. 2001-02-13 14:00:09 +00:00
Lutz Jänicke
f282ca7413 New manual page: SSL_CTX_set_mode. 2001-02-13 11:43:11 +00:00
Lutz Jänicke
41ecaba97e More about session caching. 2001-02-11 17:01:36 +00:00
Lutz Jänicke
96dfab9e0e Include information that automatic query is a new feature. 2001-02-10 19:10:36 +00:00
Lutz Jänicke
1b65ce7db3 Update for 0.9.7 with SSL_OP_CIPHER_SERVER_PREFERENCE. 2001-02-10 16:21:38 +00:00
Lutz Jänicke
7b9cb4a224 Manual page for SSL_CTX_set_options(). Unfortunately for some of the
options someone much longer working with OpenSSL/SSLeay is needed.
2001-02-10 16:18:35 +00:00
Bodo Möller
e306892994 Simplify BN_rand_range 2001-02-10 00:34:02 +00:00
Lutz Jänicke
b5f6d9dc6e Fix "wierd" typo as submitted by Jeroen Ruigrok/Asmodai <asmodai@wxs.nl>. 2001-02-09 19:03:53 +00:00
Ulf Möller
466e4249ab Note that EGD is used automatically. 2001-02-08 17:16:44 +00:00
Ulf Möller
9fbc45b159 cleanup 2001-02-08 17:14:07 +00:00
Bodo Möller
35ed8cb8b6 Integrate my implementation of a countermeasure against
Bleichenbacher's DSA attack.  With this implementation, the expected
number of iterations never exceeds 2.

New semantics for BN_rand_range():
BN_rand_range(r, min, range) now generates r such that
     min <= r < min+range.
(Previously, BN_rand_range(r, min, max) generated r such that
     min <= r < max.
It is more convenient to have the range; also the previous
prototype was misleading because max was larger than
the actual maximum.)
2001-02-08 12:14:51 +00:00
Lutz Jänicke
420125f996 Update documentation to match the state at 0.9.6 _and_ the recent changes. 2001-02-08 10:42:01 +00:00
Ulf Möller
57e7d3ce15 Bleichenbacher's DSA attack 2001-02-07 22:24:35 +00:00
Lutz Jänicke
0bc6597d4d Documenting session caching, 2nd step. 2001-02-04 18:05:27 +00:00
Lutz Jänicke
7403c34b0b Clarify why SSL_CTX_use_certificate_chain_file() should be preferred. 2001-02-03 15:15:00 +00:00
Lutz Jänicke
9022f2403b Typo: on my screen it nicely wrapped around at 80 :-) 2001-02-03 11:02:02 +00:00
Lutz Jänicke
8cbceba610 Document session caching, first step. 2001-02-02 14:40:52 +00:00
Lutz Jänicke
cd6aa710b5 New manual page for a hardly known but important item :-) 2001-01-31 14:14:20 +00:00
Geoff Thorpe
67c3cf0675 Insert a missing space to stop pod2man giving stroppy "malformed" warnings. 2001-01-25 02:26:58 +00:00
Lutz Jänicke
e58d808a4c Copy over just written manpage to the ones still missing. 2001-01-23 11:04:52 +00:00
Lutz Jänicke
751b5e8ff2 Add entries for new manpages... 2001-01-23 10:47:41 +00:00
Ulf Möller
9756da13dd Use the correct number of arguments in the example. 2001-01-21 19:46:50 +00:00
Lutz Jänicke
b5a6f0a92d Documentation about SSL_get_ex_data_X509_STORE_CTX_idx and
SSL_get_ex_new_index() functionality. Extended verify_callback()
example to show the usage.
2001-01-20 16:22:43 +00:00
Dr. Stephen Henson
bfcec27d61 Update ocsp utility documentation. 2001-01-20 01:26:28 +00:00
Ulf Möller
a068630a20 link to the new manpage. 2001-01-15 22:19:30 +00:00
Bodo Möller
dfebac32c0 New '-extfile' option for 'openssl ca'.
This allows keeping extensions in a separate configuration file.

Submitted by: Massimiliano Pala <madwolf@comune.modena.it>
2001-01-15 11:35:24 +00:00
Geoff Thorpe
ab5db00717 Update the LHASH man page.
* Correct some prototypes and macros with respect to "const"ness.

* Add the extra macros and examples due to the lh_doall[_arg] modifications
  made recently. The existing example is also reworked for consistency.

* Rewrite, tweak, and supplement bits of the existing comments that seemed
  (IMHO) to be a little convoluted and misleading.

* Add a NOTE section that explains the use of macros and avoiding function
  casts (ie. generate a wrapper as with the macros, or prototype any
  callback functions exactly to not require casting). Also, explain the
  "const" approach taken in LHASH for the purposes of API comprehensibility
  and also application code auditing.
2001-01-14 23:37:42 +00:00
Dr. Stephen Henson
b4b1bdd5d3 Preliminary ocsp utility documentation.
Fix ocsp usage message.
2001-01-14 00:52:19 +00:00
Bodo Möller
d199858e89 New -newreq-nodes option to CA.pl.
Submitted by: Damien Miller <djm@mindrot.org>
2001-01-11 13:23:19 +00:00
Bodo Möller
b62a0c4cab Add a pointer to digest options in the description of -fingerprint. 2001-01-10 14:35:20 +00:00
Bodo Möller
a0aae68cf6 Fix SSL_peek and SSL_pending. 2000-12-25 18:40:46 +00:00
Ulf Möller
4ce7894c4a c&p error spotted by Martin Forssen 2000-12-13 23:00:33 +00:00
Lutz Jänicke
cc93ae3ef4 Add description of SSL_[CTX_]_check_private_key(). 2000-12-12 21:06:29 +00:00
Lutz Jänicke
66ebbb6a56 Add manual pages for certficate/key loading and friends. 2000-12-08 14:29:13 +00:00
Richard Levitte
1435ccfba1 Update the internal docs. 2000-12-05 19:18:51 +00:00
Lutz Jänicke
d766a23deb Typo and additional information about cert-chain building. 2000-12-05 16:47:22 +00:00
Lutz Jänicke
b1e21f8fac Add EXAMPLES for SSL_CIPHER_description() output. 2000-12-05 16:45:26 +00:00
Geoff Thorpe
ebff44b83a Sync up with a minor change in lhash.h 2000-12-04 04:54:59 +00:00
Geoff Thorpe
733777275b Update the documentation to the current state of the LHASH changes. There
will probably be more when the lh_doall[_arg] callbacks are similarly
tidied up, but this 'pod' should now be current.
2000-12-04 04:35:04 +00:00
Richard Levitte
862e973b50 Write a first HOWTO on how to create certificates. This is currently
a draft.
2000-12-01 17:44:33 +00:00
Ulf Möller
06676624fc Add a warning about the usage of the montgomery functions (if the inputs
are not reduced modulo m, the outputs won't be either).
2000-11-29 22:37:14 +00:00
Bodo Möller
5acaa49504 More BN_mod_... functions. 2000-11-26 18:31:32 +00:00
Bodo Möller
535b9b5724 Add bn_mod.c (should have happend in the previous commit ...).
BN_swap manual page.
2000-11-26 16:46:57 +00:00
Bodo Möller
78a0c1f18d modular arithmetics
"make update"
2000-11-26 16:42:38 +00:00
Bodo Möller
b1d6e3f551 Documentation on using the SSL library with non-blocking I/O. 2000-11-17 10:25:46 +00:00
Bodo Möller
db70a3fd6e Improve usability of 'openssl passwd' by including
password verification where it makes sense.
2000-11-17 09:03:02 +00:00
Lutz Jänicke
803e4e93d4 Fill in missing information about the string returned from
SSL_CIPHER_description(), as there is no other API function to find
out details about the cipher used besides the number of bits or protocol used.
2000-11-15 18:42:41 +00:00
Bodo Möller
2984b0ae24 Additional explanations for SSL_ERROR_WANT_READ/WRITE. 2000-11-12 19:17:22 +00:00
Bodo Möller
cb4ae6c0d3 Point to SSL_set_bio(3) early because that manpage provides
information that is essential for using BIO pairs.
2000-11-10 07:50:18 +00:00
Bodo Möller
359fd02fec add missing word 2000-11-10 07:46:11 +00:00
Richard Levitte
ccb9643f02 Remove references to RSAref. The glue library is but a memory to fade
away now...
2000-11-08 17:51:37 +00:00
Ulf Möller
458d356db9 looks like a cut&paste error 2000-11-06 21:28:38 +00:00
Richard Levitte
1d833a9910 Update the standards list to the current status 2000-11-02 22:55:14 +00:00
Richard Levitte
5270e7025e Merge the engine branch into the main trunk. All conflicts resolved.
At the same time, add VMS support for Rijndael.
2000-10-26 21:07:28 +00:00
Ulf Möller
a2bbe59401 s_server not s_client 2000-10-23 19:13:35 +00:00
Ulf Möller
0fa504b68d Correction from Tani Hosokawa <unknown@riverstyx.net> 2000-10-23 14:02:02 +00:00
Ulf Möller
bbdc9c98a8 give pseudo prototypes instead of macro definitions for better clarity 2000-10-19 22:02:21 +00:00
Ulf Möller
11b62699a1 "DESCRIPTION" is required. 2000-10-19 19:40:35 +00:00
Ulf Möller
14a74a21f0 correction from Lutz 2000-10-19 15:19:41 +00:00
Ulf Möller
9bd3bd227f Add short overview, move header files section further down. 2000-10-18 23:08:55 +00:00
Ulf Möller
d0ef53bd2d cosmetic changes 2000-10-18 22:51:34 +00:00
Ulf Möller
8d3f155a66 cosmetic change 2000-10-18 22:01:47 +00:00
Richard Levitte
553615f500 New docs and new facts in older docs.
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-10-12 09:56:36 +00:00
Dr. Stephen Henson
924046ce75 Make non blocking I/O work for accept BIOs. 2000-10-12 01:50:33 +00:00
Richard Levitte
53fe8d5be5 A few small corrections to the SSL documentation.
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-10-10 09:15:47 +00:00
Richard Levitte
356c06c776 More SSL functions documented. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-10-03 22:02:28 +00:00
Ulf Möller
a87aa87bcc The des_modes manpage is in section 7. 2000-09-27 21:45:20 +00:00
Bodo Möller
b7af080fb1 Add BUGS section. 2000-09-26 12:15:53 +00:00
Ulf Möller
393e826ec3 typo 2000-09-25 05:55:19 +00:00
Ulf Möller
8fdec3e558 stop perlpod from complaining. 2000-09-23 07:30:28 +00:00
Ulf Möller
69431c2998 more manpage links. 2000-09-23 07:16:17 +00:00
Dr. Stephen Henson
dbba890cf1 Only use the new informational verify codes if we
specifically ask for them.

Fix typo in docs.
2000-09-22 21:32:08 +00:00
Richard Levitte
4aa4f333ed Change IMPORTANT to WARNING for greater emphasis. 2000-09-21 17:21:15 +00:00
Richard Levitte
c19b6c922a Clarifications and new documents.
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-09-21 06:46:15 +00:00
Richard Levitte
4759abc5f2 New documents. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-20 16:55:26 +00:00
Richard Levitte
e31e385ce3 Mistakes corrected. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-20 16:52:05 +00:00
Ulf Möller
18edda0f92 Malloc() -> OPENSSL_malloc() etc. 2000-09-20 03:28:54 +00:00
Ulf Möller
89681b183d The RSA patent will have expired when the next version is released... 2000-09-20 03:25:33 +00:00
Ulf Möller
c8973693ab ispell. 2000-09-20 03:24:36 +00:00
Dr. Stephen Henson
4e87e05b25 Add docs for X509_get_ext_d2i() function.
Add some major changes to NEWS...
2000-09-20 00:50:25 +00:00
Richard Levitte
933f32cc4d Document SSL_library_init() and it's aliases. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-19 23:12:57 +00:00
Richard Levitte
c6def253b4 Type correction. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-19 23:11:42 +00:00
Richard Levitte
dd3430a6e9 Extend the docs on setting the cipher list. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-19 23:10:32 +00:00
Richard Levitte
c15602f48e Reorder the Blowfish documentation so the low-level routines do not get so prominent, and make sure to say out loud what they expect. 2000-09-19 06:15:33 +00:00
Dr. Stephen Henson
3b2cbbcb9a Clarify the BIO_seek() mess and related issues.
Buffering BIO docs.
2000-09-18 23:05:33 +00:00
Ulf Möller
c69c47b9fe ispell 2000-09-18 22:58:02 +00:00
Richard Levitte
615513ba52 New documentation about things related to SSL_CIPHER. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-18 16:42:30 +00:00
Richard Levitte
e17b712894 Restore the descriptions to conform with the rest of the
documentation.  We'll work on better documents after the release of
0.9.6.
2000-09-17 19:20:17 +00:00
Bodo Möller
07fcf422a1 Rename new BIO_set_shutdown_wr macro to just BIO_shutdown_wr
(it's similar to the shutdown(..., SHUT_WR) system call
for sockets).
2000-09-17 01:23:53 +00:00
Richard Levitte
da542e1bf7 Move text that isn't really descriptions of the functions in the page
to the NOTES section, and add references to the functions mentioned
(and perhaps a few more).
2000-09-16 23:32:33 +00:00
Richard Levitte
93fe6e13a3 Add BIO_seek() and BIO_tell() to the BIO control functions manual. 2000-09-16 23:31:03 +00:00
Dr. Stephen Henson
2c281ebb6c New macro BIO_set_shutdown_wr().
Update docs.
2000-09-16 21:21:01 +00:00
Bodo Möller
37b08e8365 SSL => TLS/SSL 2000-09-16 16:05:34 +00:00
Bodo Möller
318f962928 TLS => TLS/SSL 2000-09-16 16:02:35 +00:00
Bodo Möller
acb5b34328 Change spelling back to "behaviour" and "flavour" instead of the
American variants.
2000-09-16 16:00:38 +00:00
Bodo Möller
c1629c9ea2 Clarification. 2000-09-16 15:55:57 +00:00
Ulf Möller
1e4e549296 ispell and some other nit-picking 2000-09-16 15:39:28 +00:00
Dr. Stephen Henson
439fb8e1e0 Remove redundant manpages and references to them. 2000-09-16 12:01:38 +00:00
Ulf Möller
53e44d90c7 add links to the new BIO and SSL manpages to make them visible on the web. 2000-09-16 06:04:43 +00:00
Dr. Stephen Henson
32751b8ab1 BIO_f_ssl() docs. 2000-09-16 01:32:42 +00:00
Dr. Stephen Henson
68a1c6b0d9 Accept BIO docs. 2000-09-15 17:31:47 +00:00
Dr. Stephen Henson
2273d6b657 Update BIO_s_connect(). 2000-09-15 00:28:47 +00:00
Bodo Möller
e39c194387 Some small clarifications. 2000-09-14 22:09:55 +00:00
Richard Levitte
e1b78bc64d In the name section, all the functions described shoud be enumerated.
This will also make it much simpler to generate softlinks name like
each function to man-pages containing the info.
2000-09-14 21:23:28 +00:00
Richard Levitte
e65c84abb0 Update the info on version numbering 2000-09-14 21:22:19 +00:00
Richard Levitte
8eec1389fb BIO_seed() and BIO_tell() were documented in two other documents,
which is redundant.  They are now in their own document.

Also, in the name section, all the functions described shoud be
enumerated.  This will also make it much simpler to generate softlinks
name like each function to man-pages containing the info.
2000-09-14 20:24:56 +00:00
Richard Levitte
e38dabbc0c BIO_seed() and BIO_tell() were documented in two other documents,
which is redundant.  Instead, move them to their own page.
2000-09-14 20:23:17 +00:00
Richard Levitte
54731d75d7 Items without a =over and a =back are ignored. 2000-09-14 20:22:14 +00:00
Dr. Stephen Henson
18f2259499 BIO_s_bio() manual page detailing BIO pair.
This combines several manual pages provided by
Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>,
various comments by Bodo to the lists and a bit
of source examination by me.
2000-09-14 18:55:39 +00:00
Richard Levitte
7fcc8326e3 Remove indentation in the NAME section. There's really no need to
indent there, especially since the pod2* scripts will regard that as
preformated text.  In one case, indent a code section one step.
2000-09-14 13:17:55 +00:00
Richard Levitte
cc99526db1 Add a number of documentation files, mostly for SSL routines, but also
for a few BIO routines.
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-09-14 13:11:56 +00:00
Dr. Stephen Henson
bace212474 Initial connect BIO docs. 2000-09-14 12:44:34 +00:00
Richard Levitte
e117a890ca Remove indentation in the NAME section. There's really no need to
indent there, especially since the pod2* scripts will regard that as
preformated text.  In one case, indent a code section one step.
2000-09-14 12:14:41 +00:00
Dr. Stephen Henson
6dcbaf5857 Docs for socket BIO. 2000-09-14 00:05:50 +00:00
Dr. Stephen Henson
02ef611ef3 BIO_s_fd() manual page. 2000-09-13 17:27:42 +00:00
Dr. Stephen Henson
4041156461 Clarify some of the I/O issues.
Add case of using select() and blocking I/O with
BIOs and why you shouldn't (thanks Bodo!).
2000-09-13 00:20:24 +00:00
Dr. Stephen Henson
d572cb6c1c More BIO docs. 2000-09-12 01:56:56 +00:00
Dr. Stephen Henson
b1ccd57b18 Docs for cipher and base64 BIOs. 2000-09-11 01:04:09 +00:00
Dr. Stephen Henson
5fd0cd9a9b More new BIO docs, correct some old ones. 2000-09-10 17:36:15 +00:00
Dr. Stephen Henson
d7b9c76c72 More preliminary BIO docs...
Incomplete and possibly inaccurate. Hope somone is
checking these :-)
2000-09-10 01:52:26 +00:00
Dr. Stephen Henson
b144a5e907 Really add BIO_read this time... 2000-09-09 01:01:35 +00:00
Dr. Stephen Henson
c5a3b7e790 Add BIO_read() (etc.) docs.
Add an ASN1 FAQ because I'm sick of answering it :-)
2000-09-09 00:59:37 +00:00
Dr. Stephen Henson
709e85953d Update verify docs.
New option to verify program to print out diagnostics.
2000-09-08 00:53:58 +00:00
Dr. Stephen Henson
84b65340e1 Two new PKCS#12 demo programs.
Update PKCS12_parse().

Make the keyid in certificate aux info more usable.
2000-09-07 23:14:26 +00:00
Dr. Stephen Henson
f50c11ca40 Ugh, BIO_find_type() cannot be passed a NULL.
Fix doc example, and fix BIO_find_type().

Fix PKCS7_verify(). It was using 'i' for both the
loop variable and the verify return value.
2000-09-07 17:42:25 +00:00
Dr. Stephen Henson
cfd3bb1785 Add docs for BIO_find_type() and friends.
Added function BIO_next() otherwise you can't
traverse a chain without accessing BIO internals.
2000-09-07 13:04:27 +00:00
Bodo Möller
1974a58fe0 clarification (source/sink BIOs are usually *both* source and sink) 2000-09-07 08:07:55 +00:00
Dr. Stephen Henson
47770c4dfb Some BIO docs, incomplete, more to follow.
Hmmm I didn't realise BIO_pop() did that:
isn't source wonderful?
2000-09-07 00:22:31 +00:00
Bodo Möller
2b40660ec1 Add OAEP. Seed the PRNG. 2000-09-06 11:49:43 +00:00
Bodo Möller
34417732fa Add rsautl. 2000-09-06 07:58:27 +00:00
Bodo Möller
b894b13059 Clarification for SSL_ERROR_ZERO_RETURN 2000-09-06 07:56:03 +00:00
Dr. Stephen Henson
bbb720034a Fix typo in rsautl.
Add support for settable verify time in X509_verify_cert().

Document rsautl utility.
2000-09-05 22:30:38 +00:00
Bodo Möller
4ed601b172 Include MD4 in documentation. 2000-09-04 15:28:21 +00:00
Dr. Stephen Henson
bd08a2bd0c Add 'rsautl' low level RSA utility.
Add DER public key routines.

Add -passin argument to 'ca' utility.

Document sign and verify options to dgst.
2000-09-03 23:13:48 +00:00
Dr. Stephen Henson
d428bf8c56 New option to CA.pl to sign request using CA extensions.
This allows intermediate CAs to be created more easily.

PKCS12_create() now checks private key matches certificate.

Fix typo in x509 app.

Update docs.

New function ASN1_STRING_to_UTF8() converts any ASN1_STRING
type to UTF8.
2000-08-24 23:24:18 +00:00
Richard Levitte
fa1194d30a Correct the title. This also fooled the automatic documentation builder
that this was actually the pkcs7 document...
2000-08-15 17:35:10 +00:00
Richard Levitte
3009458e2f MD4 implemented. Assar Westerlund provided the digest code itself and the test utility, I added the bits to get a EVP interface, the command line utility and the speed test 2000-08-14 14:05:53 +00:00
Bodo Möller
cc244b371d Update 'openssl passwd' documentation on selection of algorithms. 2000-07-31 12:27:44 +00:00
Dr. Stephen Henson
bd4e152791 Document the new DN printing options.
Change a few names to be more meaningful.

Fix typos in CA.pl docs.
2000-07-30 01:27:59 +00:00
Richard Levitte
c4558f8291 We do PKCS8 as well 2000-07-21 12:50:06 +00:00
Dr. Stephen Henson
fd13f0ee52 Make req seed the PRNG if signing with
an already existing DSA key.

Document the new smime options.
2000-07-12 23:55:30 +00:00
Bodo Möller
16ece03a2e Add an early reference to BN_CTX_new so that the usage of BN_CTX_start
is easier to grasp.
2000-07-11 20:35:45 +00:00
Ulf Möller
e0b0dc11df Add PRNGD link. 2000-07-03 17:26:51 +00:00
Richard Levitte
adbd4ed16d Added references to RFCs 1421 to 1424, that describe PEM.
Suggested by Randolph Bentson <bentson@grieg.holmsjoen.com>
2000-06-26 16:12:01 +00:00
Richard Levitte
fb0b844a7d Document the change in req. 2000-06-22 09:19:59 +00:00
Richard Levitte
3b21161922 The dynamic thread API changed, and so does the documentation. 2000-06-19 15:28:36 +00:00
Richard Levitte
c79223040d Add support for dynamically created and destroyed mutexes. This will
be needed in some ENGINE code, and might serve elsewhere as well.
Note that it's implemented in such a way that the locking itself is
done through the same CRYPTO_lock function as the static locks.

WARNING: This is currently experimental and untested code (it will get
tested soon, though :-)).
2000-06-18 15:59:04 +00:00
Dr. Stephen Henson
d3ed8ceb3d Add support for the modified SGC key format used in IIS. 2000-06-15 23:48:05 +00:00
Richard Levitte
569e7f6ef2 This seems to work better with enums... 2000-06-15 20:57:25 +00:00
Ulf Möller
b7b40c3120 typo 2000-06-12 18:50:59 +00:00
Dr. Stephen Henson
e366f2b876 Fix evp_locl.h macros.
Documentation correction.
2000-06-11 15:43:17 +00:00
Dr. Stephen Henson
fd75eb50c0 Make EVP_SealInit() and EVP_OpenInit() check EVP_EncryptInit() and
EVP_DecryptInit() return values.

Update docs.
2000-06-11 12:27:58 +00:00
Dr. Stephen Henson
a91dedca48 Document EVP routines. Change EVP_SealInit() and EVP_OpenInit()
to support multiple calls.

New function to retrieve email address from certificates and
requests.
2000-06-11 12:18:15 +00:00
Richard Levitte
b194041adf Small documentation bug, probably a cut'n'paste, corrected. 2000-06-01 17:40:34 +00:00
Bodo Möller
cbb6ad9d10 typo 2000-05-31 23:20:10 +00:00
Bodo Möller
727daea783 dh and gendh have been obsoleted by dhparam. 2000-05-31 23:07:48 +00:00
Richard Levitte
fbecbc8cfb You must have an empty line between =item's 2000-05-30 08:01:24 +00:00
Geoff Thorpe
4c0aee5a75 Minor corrections to documentation.
* speed processes any/all options passed to it, not just one.
* DH and DSA have no "_get_method()" functions, only RSA does.
* typos.
2000-05-29 15:52:21 +00:00
Ralf S. Engelschall
447a9638b7 Fix Blowfish URL.
Submitted by: Arnaud De Timmerman <Arnaud.De.Timmerman@branchur.fr>
2000-05-23 18:33:44 +00:00
Bodo Möller
608c31c60d typo 2000-05-19 07:54:42 +00:00
Richard Levitte
6d52cf2149 Add a new file where all the standards and other documents that we try
to adhere to are listed.  It should be regarded as a complement to
whatever is out on the web, including the docs in http://www.openssl.org/
2000-05-18 21:22:50 +00:00
Bodo Möller
2c8c4ce2e0 Correction. 2000-04-15 00:04:30 +00:00
Bodo Möller
e5c84d5152 New function ERR_error_string_n. 2000-04-14 23:36:15 +00:00
Bodo Möller
d49f3797a5 Minor corrections. 2000-04-12 23:04:13 +00:00
Richard Levitte
b87ef9460b OpenVMS, not OpenVSM... 2000-04-12 16:48:20 +00:00
Bodo Möller
8acdd759b9 Clarifications. 2000-04-06 22:30:57 +00:00
Dr. Stephen Henson
afee764c4a Update docs. 2000-03-25 02:38:28 +00:00
Richard Levitte
1bb30673f9 Corrected. It said before that ivec had to be initialised to zero,
which isn't true.  What is true, however, is that SSH assumes it is.
2000-03-23 11:08:49 +00:00
Dr. Stephen Henson
555b22cfca Update docs and remove old PKCS#7 README file. 2000-03-23 02:35:47 +00:00
Ulf Möller
513393f8d4 RAND_event() 2000-03-22 15:30:03 +00:00
Bodo Möller
88220dcb21 Document pseudo-commands. 2000-03-20 13:39:06 +00:00
Ulf Möller
395df2fe30 libdes manpage.
This may still contain a few errors from the old documentation,
but most of it should make sense.
2000-03-19 02:09:37 +00:00
Ulf Möller
369782ac50 add =cut 2000-03-18 22:00:26 +00:00
Richard Levitte
ce301b6b0b Add the possibility (with -ign_eof) to ignore end of file on input but
still not be quiet.  Also make it clear that -quiet implicitely means
-ign_eof as well.
2000-03-10 12:18:28 +00:00
Ulf Möller
e4947bfec7 clarify. 2000-03-09 17:07:55 +00:00
Dr. Stephen Henson
9886f42014 Manual pages for EVP_Open* and EVP_Seal* 2000-03-08 01:48:12 +00:00
Dr. Stephen Henson
f71732627a Manual pages for EVP signing and verifying. 2000-03-07 17:35:25 +00:00
Ulf Möller
7f1120994e new component 2000-03-04 00:22:04 +00:00
Bodo Möller
41918458c0 New '-dsaparam' option for 'openssl dhparam', and related fixes. 2000-03-03 22:18:19 +00:00
Ulf Möller
410243f197 add RAND_status() to title 2000-03-01 17:08:27 +00:00
Bodo Möller
afbd0746cf 'rand'/'-rand' documentation. 2000-03-01 11:45:53 +00:00
Bodo Möller
55f7d65db0 Document the 'rand' application. 2000-03-01 07:57:25 +00:00
Ulf Möller
3aefe30469 corrections 2000-02-27 18:35:29 +00:00
Ulf Möller
47f87f536a remove obsolete BN_CTX info 2000-02-27 12:30:07 +00:00
Ulf Möller
5ee6cc1162 put function names in the title. 2000-02-27 02:38:41 +00:00
Ulf Möller
775c63fc02 Reorganize bn_mul.c (no bugfix yet), remove obsolete files in BN library. 2000-02-26 22:16:47 +00:00
Andy Polyakov
e0b8b39f3a Linux is almost the only one where getpid() == thread-id. IRIX is
another one, but only if you stick to sproc(2).
2000-02-25 17:59:42 +00:00
Ulf Möller
d52c973498 links 2000-02-25 16:00:24 +00:00
Andy Polyakov
dbe7113308 There're two (incompatible) ways to write multi-threaded programs under
IRIX, one is to call sproc(2) when every thread does get own pid and
POSIX threads when all the threads share same pid.
2000-02-25 15:44:03 +00:00
Ulf Möller
1c890fa864 mention RAND_egd() 2000-02-25 15:43:33 +00:00
Ulf Möller
4101054ab5 *** empty log message *** 2000-02-25 14:19:17 +00:00
Ulf Möller
a610374cb2 mention that EGD is used in non-blocking mode. 2000-02-24 19:33:58 +00:00
Bodo Möller
a7b991bd68 Don't define platform-dependent preprocessor symbols for OPENSSL_THREAD_DEFINES.
"make update".
2000-02-24 18:19:50 +00:00
Ulf Möller
a4cfd178f9 EGD socket info. 2000-02-24 17:18:51 +00:00
Ulf Möller
4d524e10b4 nicer manpages 2000-02-24 11:55:57 +00:00
Ulf Möller
390ead1e9a EGD info, as requested. 2000-02-24 03:36:01 +00:00
Ulf Möller
4ec2d4d2b3 Support EGD. 2000-02-24 02:51:47 +00:00
Richard Levitte
9f7f1ff75e Correct a couple of command errors. 2000-02-24 01:20:31 +00:00
Ulf Möller
b6891e9c35 CRYPTO_num_locks() 2000-02-24 00:22:17 +00:00
Ulf Möller
be7ae17560 threads mapage. 2000-02-23 18:10:42 +00:00
Ulf Möller
c1ce32f1bf minor docs changes (added links is the openssl(1) text) 2000-02-23 17:09:50 +00:00
Dr. Stephen Henson
41e68ef25f Add PBE algorithms with ciphers, not digests. 2000-02-23 14:27:47 +00:00
Dr. Stephen Henson
3142c86d65 Allow ADH to be used but not present in the default cipher
list.

Allow CERTIFICATE to be used in PEM headers for PKCS#7 structures:
some CAs do this.
2000-02-23 01:11:01 +00:00
Dr. Stephen Henson
3f2b5a88ad Update docs. 2000-02-22 14:16:23 +00:00
Ulf Möller
de4b598946 Don't list prototypes for internal functions. 2000-02-22 12:01:50 +00:00
Ulf Möller
261b5d96ad Correction to RSA_padding_check_xxx() docs (this time for real). 2000-02-22 11:16:41 +00:00
Ulf Möller
fc6d523f0a Correction for RSA_padding_check_xxx() documentation. 2000-02-22 11:11:41 +00:00
Dr. Stephen Henson
72b60351f1 Change EVP_MD_CTX_type so it is more logical and add EVP_MD_CTX_md for
the old functionality.

Various warning fixes.

Initial EVP symmetric cipher docs.
2000-02-22 02:59:26 +00:00
Richard Levitte
9dd2b2a940 Blowfish docs. 2000-02-21 03:01:23 +00:00
Ulf Möller
9f7b1b24e2 Document OPENSSL_VERSION_NUMBER 2000-02-20 21:00:22 +00:00
Ulf Möller
4ec19e203c Fix gcc warnings. 2000-02-20 20:59:21 +00:00
Bodo Möller
853f757ece Allow for higher granularity of entropy estimates by using 'double'
instead of 'unsigned' counters.
Seed PRNG in MacOS/GetHTTPS.src/GetHTTPS.cpp.

Partially submitted by Yoram Meroz <yoram@mail.idrive.com>.
2000-02-19 15:22:53 +00:00
Bodo Möller
ad86060357 Change the example to show apr1 with an 8-character salt. 2000-02-18 11:51:58 +00:00
Dr. Stephen Henson
8a208cba97 New functions and option to use NEW in certificate requests. 2000-02-18 00:54:21 +00:00
Ben Laurie
671cf7f54a Reflect API changes. 2000-02-17 09:39:01 +00:00
Dr. Stephen Henson
cd3c54e50f Add -pass argument to 'enc'.
Fix to make Win32 compile work again.
2000-02-17 00:41:43 +00:00
Dr. Stephen Henson
a3fe382e2d Pass phrase reorganisation. 2000-02-16 23:16:01 +00:00
Dr. Stephen Henson
d13e4eb0b5 Make pkcs12 and smime applications seed random number
generator (otherwise they don't work) and add -rand
option. Update docs.
2000-02-12 03:03:04 +00:00
Bodo Möller
e6e7b5f3df Implement MD5-based "apr1" password hash. 2000-02-11 16:25:44 +00:00
Richard Levitte
5160448b98 Add references to the new passwd utility. 2000-02-11 11:21:01 +00:00
Bodo Möller
bb325c7d6a 'passwd' tool. 2000-02-10 21:50:52 +00:00
Richard Levitte
a5d9c6e4fe Move down the attributions 2000-02-08 23:40:20 +00:00
Bodo Möller
8ce288a881 Note about des_ncbc_encrypt. 2000-02-08 21:50:52 +00:00
Dr. Stephen Henson
0cd4498b8f Update docs. 2000-02-08 13:37:08 +00:00
Dr. Stephen Henson
f07fb9b24b Add command line password options to the reamining utilities,
amend docs.
2000-02-08 01:34:59 +00:00
Richard Levitte
7948febeca First try at documenting the DES (and other algorithms) modes 2000-02-07 18:15:06 +00:00
Ulf Möller
4facdbb5fa Refer to EVP_DigestInit() in the hash function descriptions. 2000-02-06 23:26:31 +00:00
Dr. Stephen Henson
3cbe1980fd Document EVP digest operations. 2000-02-06 17:44:54 +00:00
Ulf Möller
cae55bfc68 Improve bntest slightly, and fix another bug in the BN library. 2000-02-06 15:56:59 +00:00
Richard Levitte
7cf6e2a35b Typo corrected... 2000-02-06 10:07:32 +00:00
Dr. Stephen Henson
66430207a4 Add support for some broken PKCS#8 formats. 2000-02-05 21:07:56 +00:00
Bodo Möller
37e48b88ad Generate just one error code if iterated SSL_CTX_get() fails.
Avoid enabled 'assert()' in production library.
2000-02-05 19:29:00 +00:00
Ulf Möller
6535eb1728 Use MONT_WORD macro to control if the word-based or the bignum
algorithm is used.
2000-02-05 18:23:05 +00:00
Ulf Möller
9b141126d4 New functions BN_CTX_start(), BN_CTX_get(), BN_CTX_end() to access
temporary BIGNUMs. BN_CTX still uses a fixed number of BIGNUMs, but
the BN_CTX implementation could now easily be changed.
2000-02-05 14:17:32 +00:00
Ulf Möller
7e708ebee0 md2 is documented in the md5 page. lets see if this works... 2000-02-05 10:43:03 +00:00
Ulf Möller
c236e66d62 Document RC4. 2000-02-05 10:41:05 +00:00
Ulf Möller
b20b78b720 a short page for "speed" 2000-02-03 23:23:57 +00:00
Ulf Möller
657e60fa00 ispell (and minor modifications) 2000-02-03 23:23:24 +00:00
Ulf Möller
9dbc41d7ee Document hash functions. 2000-02-03 18:22:01 +00:00
Dr. Stephen Henson
82fc1d9c28 Add new -notext option to 'ca', -pubkey option to spkac.
Remove some "WTF??" casts from applications.

Fixes to keep VC++ happy and avoid warnings.

Docs tidy.
2000-02-03 02:56:48 +00:00
Bodo Möller
7999c65c9b Some 'const's for BNs. 2000-02-03 01:26:07 +00:00
Bodo Möller
aff0825c61 Tolerate negative numbers in BN_is_prime. 2000-02-02 22:18:01 +00:00
Bodo Möller
e74231ed9e rndsort{Miller, Rabin} primality test. 2000-02-02 21:20:44 +00:00
Dr. Stephen Henson
54a34aecc3 Update docs. 2000-02-02 01:33:28 +00:00
Ulf Möller
cf802b983f Remove an =over that never ends 2000-02-01 15:33:15 +00:00
Ulf Möller
20ead2c6f7 link to SSL_get_error(3) 2000-02-01 15:05:11 +00:00
Ulf Möller
fef47a1d1e dhgen is gone. 2000-02-01 15:00:37 +00:00
Richard Levitte
ee25d40bea Correct one link. 2000-02-01 12:03:47 +00:00
Bodo Möller
1c8337abe3 Pointer to important manual page that should be written. 2000-02-01 08:48:05 +00:00
Ulf Möller
388f2f56f2 Document ERR library. 2000-02-01 01:37:00 +00:00
Ulf Möller
f5a8d67872 spelling 2000-02-01 01:35:52 +00:00
Bodo Möller
6671fe16ee Reference for SHA-1. 2000-01-31 09:02:30 +00:00
Ulf Möller
1749d8a039 Typos. 2000-01-30 23:31:01 +00:00
Ulf Möller
74235cc9ec Update docs: corrections, turn buffer docs into manpage, fold SHA1
pages into one for improved readability, add lhash manpage
2000-01-30 22:16:47 +00:00
Bodo Möller
cdd43b5ba5 Documentation for BN_is_prime_fasttest. 2000-01-30 11:05:39 +00:00
Bodo Möller
1baa94907c Make output of "openssl dsaparam 1024" more interesting :-) 2000-01-30 03:32:28 +00:00
Bodo Möller
a87030a1ed Make DSA_generate_parameters, and fix a couple of bug
(including another problem in the s3_srvr.c state machine).
2000-01-30 02:23:03 +00:00
Dr. Stephen Henson
15701211b5 Update docs. 2000-01-30 01:39:40 +00:00
Richard Levitte
aa3353fda2 Put config in section 5, where it belongs. 2000-01-28 11:35:44 +00:00
Dr. Stephen Henson
2af9fd006d Add CA.pl man page this time... 2000-01-28 01:37:08 +00:00
Ulf Möller
75b0edaafa fix link 2000-01-27 23:07:50 +00:00
Bodo Möller
953aa79040 A couple of things were reversed for BN_pseudo_rand ... 2000-01-27 21:09:25 +00:00
Richard Levitte
6c2c3e9ba9 Update all links so they will be rendered better. 2000-01-27 20:11:26 +00:00
Ulf Möller
5d6e31dbe6 Update comment from bn.h 2000-01-27 19:36:52 +00:00
Ulf Möller
38e33cef15 Document DSA and SHA.
New function BN_pseudo_rand().
Use BN_prime_checks_size(BN_num_bits(w)) rounds of Miller-Rabin when
generating DSA primes (why not use BN_is_prime()?)
2000-01-27 19:31:26 +00:00
Bodo Möller
38b1fa8995 Small correction. 2000-01-27 09:03:49 +00:00
Bodo Möller
387ca353fa Correct typos that ispell did not find. 2000-01-27 08:57:57 +00:00
Richard Levitte
d629757a84 Made link of reference 2000-01-27 02:29:19 +00:00
Ulf Möller
fc58fa8bb8 New manpage. 2000-01-27 01:54:05 +00:00
Ulf Möller
e93f9a3284 Run ispell.
Clean up bn_mont.c.
2000-01-27 01:50:42 +00:00
Richard Levitte
bb075f8833 Update all links so they will be rendered better. 2000-01-27 01:25:31 +00:00
Bodo Möller
ada3cc4a8f Clarification. 2000-01-26 08:59:26 +00:00
Bodo Möller
a598cd1ab4 New manual page. 2000-01-25 22:35:20 +00:00
Richard Levitte
4a1a3440a4 Man page section forgotten... 2000-01-24 14:19:00 +00:00
Bodo Möller
05ccd698b9 RAND_load_file(..., -1) now means "read the complete file";
this is what we now use to read $RANDFILE / $HOME/.rnd.
(Previously, after 'cat'ting lots of stuff into .rnd
only the first MB would be looked at.)

Bugfix for apps/enc.c: Continue if RAND_pseudo_bytes returns 0
(only -1 is an error).
2000-01-24 10:03:24 +00:00
Richard Levitte
1675f6eb05 Let's make all the example formated the same, shall we? 2000-01-24 02:24:37 +00:00
Richard Levitte
8548d44270 Correct indentation 2000-01-24 02:15:59 +00:00
Dr. Stephen Henson
fd38fecc1a Document how CRYPTO_EX_DATA stuff works for
RSA structures. Other structures behave in
a similar way.
2000-01-24 01:50:17 +00:00
Ulf Möller
3bec05e933 Documented in the RSA_print page 2000-01-24 01:21:22 +00:00
Ulf Möller
223fc8654a RSA_print etc 2000-01-24 01:20:39 +00:00
Ulf Möller
dd8dec69b8 Document the BN library. 2000-01-23 22:06:24 +00:00
Dr. Stephen Henson
fabce04122 Make s_server, s_client check cipher list return codes.
Update docs.
2000-01-23 02:28:08 +00:00
Dr. Stephen Henson
64287002ce Minor patch: check only match @STRENGTH and remove eNULL
comment.

Add documentation for the ciphers command including a full
description of cipher lists.
2000-01-22 23:34:44 +00:00
Bodo Möller
c88a900fa1 update PRNG documentation/comments 2000-01-22 23:11:13 +00:00
Ulf Möller
2a99e8b9df dh renamed to dhparam 2000-01-22 21:26:52 +00:00
Ulf Möller
4486d0cd7a Document the DH library, and make some minor changes along the way. 2000-01-22 20:05:23 +00:00
Dr. Stephen Henson
09483c58e3 Add new program dhparam and update docs. 2000-01-22 13:58:29 +00:00
Ulf Möller
3604a4d3d1 Move ssl.pod to doc/ssl 2000-01-21 23:58:03 +00:00
Ulf Möller
3779469192 Use comment from md_rand.c (part 2, as well). 2000-01-21 23:39:15 +00:00
Ulf Möller
0b5cfe32e9 Use comment from md_rand.c in rand.pod 2000-01-21 23:36:40 +00:00
Dr. Stephen Henson
cc8709a090 Docs for sess_id utility. 2000-01-21 22:38:52 +00:00
Bodo Möller
720b3598d6 Avoid integer overflow in entropy counter.
Slightly clarify the RAND_... documentation.
2000-01-21 19:54:22 +00:00
Ulf Möller
60b5245360 Document RAND library. 2000-01-21 17:50:27 +00:00
Ulf Möller
5d82c5b3f4 Move ssl.pod to doc/ssl 2000-01-21 17:46:36 +00:00
Dr. Stephen Henson
8100490a72 Make -CAcreateserial start from 1 instead of 0 for
serial numbers.
2000-01-21 02:42:14 +00:00
Dr. Stephen Henson
dd46d58f65 Change the 'man' directory to 'apps'. Yes I wish cvs
could rename too :-(
2000-01-21 02:17:04 +00:00
Dr. Stephen Henson
6e6bc352b1 Finish off the X509_ATTRIBUTE string stuff. 2000-01-20 01:37:17 +00:00
Richard Levitte
9597902a91 Tell the truth about list separators. 2000-01-15 23:19:22 +00:00
Richard Levitte
b46c3e9b69 Typo 2000-01-14 22:43:11 +00:00
Ulf Möller
036c8d7e7b PKCS#1 signatures don't use randomness.
Add a note about the padding functions.
2000-01-12 20:47:46 +00:00
Ulf Möller
6a3fff5ecf corrections 2000-01-12 13:59:20 +00:00
Ulf Möller
90308e7072 Dummy page superseded by crypto/crypto.pod 2000-01-11 22:36:25 +00:00
Ulf Möller
2186cd8ef1 Document the RSA library. 2000-01-11 22:35:21 +00:00
Ulf Möller
efeca6aa32 Add missing =back. 2000-01-11 00:06:40 +00:00
Dr. Stephen Henson
4b08eaf5c7 Update docs. 2000-01-10 00:11:51 +00:00
Bodo Möller
150a4320d8 s_client and s_server now have their own man pages. 2000-01-09 10:55:29 +00:00
Dr. Stephen Henson
a2151c5b9a Man page for s_server. 2000-01-09 01:26:43 +00:00
Dr. Stephen Henson
c3ed3b6eab Add -prexit command to s_client and patch some BIO
functions so it doesn't crash. Document s_client.
2000-01-08 19:05:47 +00:00
Bodo Möller
c708302516 superseded by doc/man/openssl.pod 2000-01-08 18:08:39 +00:00
Bodo Möller
3ea4404fd7 Unify doc/openssl.pod and doc/man/openssl.pod, which were almost the
same and now are identical.
The next step will be to delete doc/openssl.pod, this is just
to see the individual CVS deltas.
2000-01-08 18:08:02 +00:00
Dr. Stephen Henson
ef7eaa4cb0 Manpages for the DH utils and fix for a memory leak in dh program 2000-01-08 13:36:17 +00:00
Dr. Stephen Henson
dad666fbbe Add PKCS#12 manpage and use MAC iteration counts by default. 2000-01-08 03:16:04 +00:00
Ulf Möller
69396b4199 Minor format changes. 2000-01-08 02:07:46 +00:00
Ulf Möller
1f2f922455 ispell. 2000-01-07 02:07:13 +00:00
Ulf Möller
19d2bb574b Add some newlines needed for pod2man, and run ispell.
Submitted by:
Reviewed by:
PR:
2000-01-07 01:39:59 +00:00
Dr. Stephen Henson
b38f9f66c3 Initial automation changes to 'req' and X509_ATTRIBUTE functions. 2000-01-06 01:26:48 +00:00
Dr. Stephen Henson
20432eae41 Fix some of the command line password stuff. New function
that can automatically determine the type of a DER encoded
"traditional" format private key and change some of the
d2i functions to use it instead of requiring the application
to work out the key type.
2000-01-01 16:42:49 +00:00
Dr. Stephen Henson
525f51f6c9 Add PKCS#8 utility functions and add PBE options. 1999-12-23 02:02:42 +00:00
Dr. Stephen Henson
3fc9635ea7 Fix the S/MIME code to use canonical MIME format for
encrypted mail. Also update the smime docs.
1999-12-15 01:26:17 +00:00
Dr. Stephen Henson
e3775a33c1 Make the PKCS#7 S/MIME functions check for passed NULL pointers.
Fix the usage message of smime utility and sanitise the return
codes.

Add some documentation.
1999-12-09 01:31:32 +00:00
Dr. Stephen Henson
21131f00d7 New function PKC12_newpass() 1999-12-03 03:46:18 +00:00
Dr. Stephen Henson
5f2f0b5596 Document the extension tests performed by the -purpose test
in the x509 utility.
1999-11-30 14:39:58 +00:00
Dr. Stephen Henson
7b418a474c Document all possible errors (and some impossible) from the verify program. 1999-11-30 02:28:42 +00:00
Dr. Stephen Henson
13938aceca Add part of chain verify SSL support code: not complete or doing anything
yet.

Add a function X509_STORE_CTX_purpose_inherit() which implements the logic
of "inheriting" purpose and trust from a parent structure and using a default:
this will be used in the SSL code and possibly future S/MIME.

Partial documentation of the 'verify' utility. Still need to document how all
the extension checking works and the various error messages.
1999-11-29 01:09:25 +00:00
Dr. Stephen Henson
9868232ae1 Initial trust code: allow setting of trust checking functions
in a table. Doesn't do too much yet.

Make the -<digestname> options in 'x509' affect all relevant
options.

Change the name of the 'notrust' options to 'reject' as this
causes less confusion and is a better description of the
effect.

A few constification changes.
1999-11-27 01:14:04 +00:00
Dr. Stephen Henson
6d1b637ba1 Clarify docs. 1999-11-16 02:51:41 +00:00
Dr. Stephen Henson
fd699ac55f Add a salt to the key derivation using the 'enc' program. 1999-11-16 02:49:25 +00:00
Dr. Stephen Henson
4abc5c624a Add some examples to the enc man page. 1999-11-14 13:34:34 +00:00
Dr. Stephen Henson
a0e9f529a4 Add support for the 40 and 64 bit RC2 and RC4 ciphers in 'enc'
add documentation for 'enc'.
1999-11-14 03:23:17 +00:00
Dr. Stephen Henson
0286d94454 Add info about the header and footer lines used in PEM formats
and add an nseq manpage.
1999-11-13 21:58:39 +00:00
Dr. Stephen Henson
938ead8f88 Correct x509 manpaghe and add a crl manpage 1999-11-13 21:28:01 +00:00
Dr. Stephen Henson
01aad2c80a Add an spkac manual page and fix the pkcs7 manpage. 1999-11-12 14:04:41 +00:00
Dr. Stephen Henson
954ef7ef69 Merge some common functionality in the apps, delete
the encryption option in the pkcs7 utility (they never
did anything) and add a couple more options to pkcs7.
1999-11-12 01:42:25 +00:00
Dr. Stephen Henson
c4471290c0 Oops forgot the S/MIME v3 RFC. 1999-11-12 01:07:33 +00:00
Dr. Stephen Henson
5e76807bbd More docs and corrections/updates 1999-11-12 01:04:39 +00:00
Dr. Stephen Henson
af29811edd Add password command line options to some utils. Fix and update man
pages.
1999-11-11 18:41:31 +00:00
Dr. Stephen Henson
53b1899e3c Fix a couple of outstanding issues: update STATUS file, fix NO_FP_API problems.
Update docs, change 'ca' to use the new callback parameter. Now moved key_callback
into app.c because some other utilities will use it soon.
1999-11-11 13:58:41 +00:00
Dr. Stephen Henson
174a4a8c89 Oops. The pkcs8 man page wasn't finished: this is an updated version 1999-11-11 00:48:39 +00:00
Dr. Stephen Henson
aba3e65f2c Very preliminary POD format documentation for some
of the openssl utility commands...
1999-11-10 02:52:17 +00:00
Dr. Stephen Henson
f769ce3ea4 More multibyte character support.
Functions to get keys from EVP_PKEY structures.
1999-10-25 02:00:09 +00:00
Dr. Stephen Henson
fd52057729 Add functions to allow extensions to be added to certificate requests.
Modify obj_dat.pl to take its files from the command line. Usage is now
perl obj_dat.pl objects.h obj_dat.h
this should avoid redirection shell escape problems under Win32.
1999-08-11 13:08:58 +00:00
Dr. Stephen Henson
87c49f622e Support for parsing of certificate extensions in PKCS#10 requests: these are
used by things like Xenroll. Also include documentation for extendedKeyUsage
extension.
1999-08-09 22:38:05 +00:00
Dr. Stephen Henson
66ab08b1cf Implement STACK_OF(ANS1_OBJECT) for extended key usage extension, change the
documentation to reflect the STACK_OF(CONF_VALUE) change to the CONF lib and
use ANSI typedefs for X509V3_EXT_I2D and X509V3_EXT_FREE.
1999-06-21 23:59:09 +00:00
Dr. Stephen Henson
565d1065c3 Document the X509V3 code and change some of the extension function pointers
to use 'void *' rather than 'char *' for an "arbitrary extension".
1999-06-11 01:58:42 +00:00
Dr. Stephen Henson
257e206da6 Include some notes on basic extension usage and change openssl.cnf to usually
do sensible things with extensions.
1999-05-19 23:54:58 +00:00
Ulf Möller
405b4a7edb Oops. 1999-05-19 19:14:59 +00:00
Ulf Möller
33d50ef662 Small corrections. 1999-05-19 18:39:23 +00:00
Dr. Stephen Henson
703126f027 Various clarifications to extension docs: change the name of literal
extensions from RAW to DER to avoid confusion with raw extensions.

Update NEWS file.
1999-05-17 20:05:36 +00:00
Bodo Möller
3f45ed82dc Rename "openssl x509" option "-config" to "-extfile", because it
doesn't have a default value like the "-config" options of other
openssl subprograms.
1999-05-17 08:28:37 +00:00
Bodo Möller
b975f15d54 Keep text lines less than 80 characters wide. 1999-05-16 18:27:46 +00:00
Dr. Stephen Henson
e40b7abeed Allows PKCS#12 password to be placed on command line and add allow config
file name for 'ca' to come from the environment.
1999-05-08 12:59:50 +00:00
Dr. Stephen Henson
b64f825671 Add PKCS#12 documentation and new option in x509 to add certificate extensions. 1999-04-27 00:36:20 +00:00
Bodo Möller
4c0c739288 Comment changed.
Submitted by:
Reviewed by:
PR:
1999-04-25 09:34:36 +00:00
Bodo Möller
ad38bedbac C indentation style definition for Emacs.
Submitted by:
Reviewed by:
PR:
1999-04-24 11:49:33 +00:00
Dr. Stephen Henson
d943e37241 Suppport for CRL distribution points extension. Also document some of
this stuff.
1999-04-21 17:44:45 +00:00
Ralf S. Engelschall
94c95d04c6 Fix a typo in the X.509v3 docs: cRLSign instead of cRLCertSign is correct
according to the sources.... found by Steffen Dettmer <steffen@tfh-berlin.de>.
1999-04-10 11:33:28 +00:00
Ulf Möller
b822aa562f Pointer to Ariel Glenn's SSLeay documentation. 1999-04-01 13:09:56 +00:00
Ralf S. Engelschall
36108adbb8 update list 1999-03-22 15:56:31 +00:00
Ralf S. Engelschall
f5904406d0 Merge ext-conf.txt and buffer.txt into a global openssl.txt because we
shouldn't again start with thousend little text files or we quickly come back
to the old SSLeay days ;-)
1999-03-22 15:55:01 +00:00
Ralf S. Engelschall
6e9f108dd7 Add two recently added functions 1999-03-22 15:53:08 +00:00
Dr. Stephen Henson
1756d405cc Added support for adding extensions to CRLs, also fix a memory leak and
make 'req' check the config file syntax before it adds extensions. Added
info in the documentation as well.
1999-03-06 19:33:29 +00:00
Dr. Stephen Henson
9985bed331 Deleted my str_dup() function from X509V3: the same functionality is provided
by BUF_MEM_strdup(). Added text documentation to the BUF_MEM stuff.
1999-03-04 23:29:51 +00:00
Ralf S. Engelschall
789285aa96 Added the new `Includes OpenSSL Cryptography Software' button as
doc/openssl_button.{gif,html} which is similar in style to the old SSLeay
button and can be used by applications based on OpenSSL to show the
relationship to the OpenSSL project.

PS: This beast caused me three hours to create, because
    of the size I had to hand-paint the 7pt fonts in Photoshop.
1999-03-04 12:55:42 +00:00
Ben Laurie
754048577b Perhaps if I do a tiny bit of docco, others may follow? 1999-02-25 17:39:04 +00:00
Ralf S. Engelschall
ea14a91f64 Move s_server -dcert and -dkey options out of the undocumented feature area
because they are useful for the DSA situation and should be recognized by the
users. Thanks to Steve for the original hint.
1999-02-25 11:26:26 +00:00
Dr. Stephen Henson
deff75b634 Add preliminary user level config documentation for extension stuff. Programming
info will come later...

Feel free to reformat and tidy this up...
1999-02-21 17:41:08 +00:00
Ralf S. Engelschall
155d7a0e1d First cut for a very conservative source tree cleanup:
1. merge various obsolete readme texts into doc/ssleay.txt
   where we collect the old documents and readme texts.

2. remove the first part of files where I'm already sure that we no longer need
   them because of three reasons: either they are just temporary files which
   were left by Eric or they are preserved original files where I've verified
   that the diff is also available in the CVS via "cvs diff -rSSLeay_0_8_1b"
   or they were renamed (as it was definitely the case for the crypto/md/
   stuff).

We've still a horrible mess under crypto/bn/asm/.  There for a lot of files
I'm sure whether we need them or not. So, when someone knows it better, feel
free to cleanup there.
1999-02-10 08:26:08 +00:00
Ralf S. Engelschall
288cb84fb4 Fill in more contents for the openssl(1) manpage. 1999-01-28 14:50:10 +00:00
Ralf S. Engelschall
9f28c57cea More structuring and sorting of the SSL API documentation.
And the first steps to descriptions in prosa.
1998-12-31 11:18:15 +00:00
Ralf S. Engelschall
fcc6c7199b Puhhh... now we've documented the prototypes of all 214 API "functions". This
is a pain to do, because of the various macro definitions which I had to
expand manually to get their prototype :-(

What's now needed is a volunteer who wants to write down one or two sentences
per API function to document it a little bit...
1998-12-31 10:33:17 +00:00
Ralf S. Engelschall
db1842132f Cleanup of doc/ directory: The old/obsolete SSLeay files are now assembled
together in a ssleay.txt file.
1998-12-30 22:58:47 +00:00
Ralf S. Engelschall
1b4559977e Replace AUTHOR with a better HISTORY as in FreeBSD's manpages 1998-12-30 07:21:32 +00:00
Ralf S. Engelschall
cb496082f8 Import the first cut for manual pages.
They are written in Perl's POD format for two reasons: First Perl is already
needed for SSLeay and second, POD is easy to write and maintain _AND_ created
nice looking NRoff manpages.

The idea is to have three manual pages:

  openssl(1) ... The manpage for the `openssl' program (formerly ssleay)
  crypto(3) .... The manpage for crypto.h/libcrypto.a
  ssl(3) ....... The manpage for ssl.h/libssl.a

The openssl(1) should be very similar to cvs(1), i.e.  it should document all
commands in a compact way.  And I've even created the first cut for an
overview of all 243 functions of the SSL API for ssl.pod. More to come...
1998-12-29 17:12:34 +00:00
Ralf S. Engelschall
58964a4922 Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
Ralf S. Engelschall
d02b48c63a Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00