Lines Matching full:s0
165 OpenSSL 3.0 such as the availability of the \s-1FIPS\s0 module.
175 \fIProviders and \s-1FIPS\s0 support\fR
188 One of the standard providers available is the \s-1FIPS\s0 provider. This makes
189 available \s-1FIPS\s0 validated cryptographic algorithms.
190 The \s-1FIPS\s0 provider is disabled by default and needs to be enabled explicitly
192 the \s-1FIPS\s0 provider gets built and installed in addition to the other standard
195 special purpose of installing only the \s-1FIPS\s0 provider into an existing
199 If the application code uses any digest or cipher algorithm via the \s-1EVP\s0 interface,
206 See also \*(L"Completing the installation of the \s-1FIPS\s0 Module\*(R" and
207 \&\*(L"Using the \s-1FIPS\s0 Module in applications\*(R".
216 For example, the \s-1EVP\s0 APIs provide the functions \fBEVP_EncryptInit_ex\fR\|(3),
218 encryption. Those functions can be used with the algorithms \s-1AES, CHACHA, 3DES\s0 etc.
219 On the other hand, to do \s-1AES\s0 encryption using the low level APIs you would have
220 to call \s-1AES\s0 specific functions such as \fBAES_set_encrypt_key\fR\|(3),
235 Some cryptographic algorithms such as \fB\s-1MD2\s0\fR and \fB\s-1DES\s0\fR that were available via
236 the \s-1EVP\s0 APIs are now considered legacy and their use is strongly discouraged.
237 These legacy \s-1EVP\s0 algorithms are still available in OpenSSL 3.0 but not by
241 Applications using the \s-1EVP\s0 APIs to access these algorithms should instead use
247 \fIEngines and \*(L"\s-1METHOD\*(R"\s0 APIs\fR
251 support engines, including the \s-1ENGINE API\s0 and any function that creates or
252 modifies custom \*(L"\s-1METHODS\*(R"\s0 (for example \fBEVP_MD_meth_new\fR\|(3),
258 \&\s-1FIPS\s0 module, as detailed below. Authors and maintainers of external engines are
260 using the new Provider \s-1API\s0 and avoiding deprecated methods.
265 If openssl is not built without engine support or deprecated \s-1API\s0 support, engines
270 Engine-backed keys can be loaded via custom \fB\s-1OSSL_STORE\s0\fR implementation.
271 In this case the \fB\s-1EVP_PKEY\s0\fR objects created via \fBENGINE_load_private_key\fR\|(3)
284 \&\s-1MAJOR.MINOR.PATCH\s0
289 change in the second (\s-1MINOR\s0) number indicates that new features may have been
290 added. OpenSSL versions with the same major number are \s-1API\s0 and \s-1ABI\s0 compatible.
291 If the major number changes then \s-1API\s0 and \s-1ABI\s0 compatibility is not guaranteed.
298 Certificate Management Protocol (\s-1CMP, RFC 4210\s0)
301 This also covers \s-1CRMF\s0 (\s-1RFC 4211\s0) and \s-1HTTP\s0 transfer (\s-1RFC 6712\s0)
304 \s-1HTTP\s0(S) client
307 A proper \s-1HTTP\s0(S) client that supports \s-1GET\s0 and \s-1POST,\s0 redirection, plain and
308 \&\s-1ASN\s0.1\-encoded contents, proxies, and timeouts.
310 Key Derivation Function \s-1API\s0 (\s-1EVP_KDF\s0)
313 This simplifies the process of adding new \s-1KDF\s0 and \s-1PRF\s0 implementations.
315 Previously \s-1KDF\s0 algorithms had been shoe-horned into using the \s-1EVP_PKEY\s0 object
317 Existing applications that use \s-1KDF\s0 algorithms using \s-1EVP_PKEY\s0
318 (scrypt, \s-1TLS1 PRF\s0 and \s-1HKDF\s0) may be slower as they use an \s-1EVP_KDF\s0 bridge
320 All new applications should use the new \s-1\fBEVP_KDF\s0\fR\|(3) interface.
321 See also \*(L"Key Derivation Function (\s-1KDF\s0)\*(R" in \fBOSSL_PROVIDER\-default\fR\|(7) and
322 \&\*(L"Key Derivation Function (\s-1KDF\s0)\*(R" in \s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7).
324 Message Authentication Code \s-1API\s0 (\s-1EVP_MAC\s0)
327 This simplifies the process of adding \s-1MAC\s0 implementations.
329 This includes a generic \s-1EVP_PKEY\s0 to \s-1EVP_MAC\s0 bridge, to facilitate the continued
333 All new applications should use the new \s-1\fBEVP_MAC\s0\fR\|(3) interface.
334 See also \*(L"Message Authentication Code (\s-1MAC\s0)\*(R" in \fBOSSL_PROVIDER\-default\fR\|(7)
335 and \*(L"Message Authentication Code (\s-1MAC\s0)\*(R" in \s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7).
347 Support for Linux Kernel \s-1TLS\s0
350 In order to use \s-1KTLS,\s0 support for it must be compiled in using the
352 the \fB\s-1SSL_OP_ENABLE_KTLS\s0\fR option.
357 \&\s-1KDF\s0 algorithms \*(L"\s-1SINGLE STEP\*(R"\s0 and \*(L"\s-1SSH\*(R"\s0
359 See \s-1\fBEVP_KDF\-SS\s0\fR\|(7) and \s-1\fBEVP_KDF\-SSHKDF\s0\fR\|(7)
361 \&\s-1MAC\s0 Algorithms \*(L"\s-1GMAC\*(R"\s0 and \*(L"\s-1KMAC\*(R"\s0
363 See \s-1\fBEVP_MAC\-GMAC\s0\fR\|(7) and \s-1\fBEVP_MAC\-KMAC\s0\fR\|(7).
365 \&\s-1KEM\s0 Algorithm \*(L"\s-1RSASVE\*(R"\s0
367 See \s-1\fBEVP_KEM\-RSA\s0\fR\|(7).
371 See \*(L"\s-1SIV\s0 Mode\*(R" in \fBEVP_EncryptInit\fR\|(3).
373 \&\s-1AES\s0 Key Wrap inverse ciphers supported by \s-1EVP\s0 layer.
375 The inverse ciphers use \s-1AES\s0 decryption for wrapping, and \s-1AES\s0 encryption for
377 …-256\-WRAP\-INV\*(R", \*(L"AES\-128\-WRAP\-PAD\-INV\*(R", \*(L"AES\-192\-WRAP\-PAD\-INV\*(R"\s0 and
378 \&\*(L"\s-1AES\-256\-WRAP\-PAD\-INV\*(R".\s0
380 \&\s-1CTS\s0 ciphers added to \s-1EVP\s0 layer.
383 \&\*(L"CAMELLIA\-128\-CBC\-CTS\*(R", \*(L"CAMELLIA\-192\-CBC\-CTS\*(R"\s0 and \*(L"\s-1CAMELLIA\-25…
384 CS1, CS2\s0 and \s-1CS3\s0 variants are supported.
386 \s-1CMS\s0 and PKCS#7 updates
391 Added CAdES-BES signature scheme and attributes support (\s-1RFC 5126\s0) to \s-1CMS API.\s0
393 Added AuthEnvelopedData content type structure (\s-1RFC 5083\s0) using \s-1AES_GCM\s0
395 This uses the AES-GCM parameter (\s-1RFC 5084\s0) for the Cryptographic Message Syntax.
397 is both authenticated and encrypted using \s-1AES GCM\s0 mode.
401 PKCS#12 \s-1API\s0 updates
405 were changed to more modern \s-1PBKDF2\s0 and \s-1AES\s0 based algorithms. The default
406 \&\s-1MAC\s0 iteration count was changed to \s-1PKCS12_DEFAULT_ITER\s0 to make it equal
408 algorithm for the \s-1MAC\s0 computation was changed to \s-1SHA\-256.\s0 The pkcs12
412 Added enhanced PKCS#12 APIs which accept a library context \fB\s-1OSSL_LIB_CTX\s0\fR
431 PKCS#12 \s-1KDF\s0 versus \s-1FIPS\s0
434 Unlike in 1.x.y, the \s-1PKCS12KDF\s0 algorithm used when a PKCS#12 structure
435 is created with a \s-1MAC\s0 that does not work with the \s-1FIPS\s0 provider as the \s-1PKCS12KDF\…
436 is not a \s-1FIPS\s0 approvable mechanism.
438 See \s-1\fBEVP_KDF\-PKCS12KDF\s0\fR\|(7), \fBPKCS12_create\fR\|(3), \fBopenssl\-pkcs12\fR\|(1),
439 \&\s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7).
445 supported by the \s-1OS,\s0 otherwise CriticalSection continues to be used.
447 Trace \s-1API\s0
450 A new generic trace \s-1API\s0 has been added which provides support for enabling
455 If the tracing \s-1API\s0 is enabled, the application can activate trace output by
463 more key types. This includes \s-1RSA, DSA, ED25519, X25519, ED448\s0 and X448.
475 \s-1STACK\s0 and \s-1HASH\s0 macros have been cleaned up
479 See \s-1\fBDEFINE_STACK_OF\s0\fR\|(3) and \s-1\fBDECLARE_LHASH_OF\s0\fR\|(3).
481 The \s-1RAND_DRBG\s0 subsystem has been removed
484 The new \s-1\fBEVP_RAND\s0\fR\|(3) is a partial replacement: the \s-1DRBG\s0 callback framework is
485 absent. The \s-1RAND_DRBG API\s0 did not fit well into the new provider concept as
486 implemented by \s-1EVP_RAND\s0 and \s-1EVP_RAND_CTX.\s0
500 including \s-1RSA\s0 key generation. This affects the time for larger keys sizes.
502 The default key generation method for the regular 2\-prime \s-1RSA\s0 keys was changed
503 to the \s-1FIPS186\-4 B.3.6\s0 method (Generation of Probable Primes with Conditions
507 Change \s-1PBKDF2\s0 to conform to \s-1SP800\-132\s0 instead of the older \s-1PKCS5 RFC2898\s0
513 default provider, but are enabled by default in the \s-1FIPS\s0 provider.
515 To enable or disable the checks see \fB\s-1OSSL_KDF_PARAM_PKCS5\s0\fR in
516 \&\s-1\fBEVP_KDF\-PBKDF2\s0\fR\|(7). The parameter can be set using \fBEVP_KDF_derive\fR\|(3).
518 Enforce a minimum \s-1DH\s0 modulus size of 512 bits
523 \s-1SM2\s0 key changes
526 \&\s-1EC\s0 EVP_PKEYs with the \s-1SM2\s0 curve have been reworked to automatically become
527 \&\s-1EVP_PKEY_SM2\s0 rather than \s-1EVP_PKEY_EC.\s0
530 call \f(CW\*(C`EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)\*(C'\fR to get \s-1SM2\s0 computations.
533 to generate \s-1EVP_PKEY_SM2\s0 parameters and keys. Applications must now generate
534 \&\s-1SM2\s0 keys directly and must not create an \s-1EVP_PKEY_EC\s0 key first. It is no longer
535 possible to import an \s-1SM2\s0 key with domain parameters other than the \s-1SM2\s0 elliptic
538 Validation of \s-1SM2\s0 keys has been separated from the validation of regular \s-1EC\s0
539 keys, allowing to improve the \s-1SM2\s0 validation process to reject loaded private
540 keys that are not conforming to the \s-1SM2 ISO\s0 standard.
547 This function made a \fB\s-1EVP_PKEY\s0\fR object mutable after it had been set up. In
558 where the \s-1EVP_PKEY\s0 was constructed using this key in the first place, for
561 Where the \s-1EVP_PKEY\s0 holds a provider managed key, then these functions now return
605 \s-1DH\s0 and \s-1DHX\s0 key types have different settable parameters
609 result in errors. See \s-1\fBEVP_PKEY\-DH\s0\fR\|(7) for further details. This affects the
610 behaviour of \fBopenssl\-genpkey\fR\|(1) for \s-1DH\s0 parameter generation.
615 If using a cipher from a provider the \fB\s-1EVP_CIPH_FLAG_LENGTH_BITS\s0\fR flag can only
617 See \*(L"\s-1FLAGS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3) for more information.
629 but later keygen operations with the \s-1EVP_PKEY_CTX\s0 will fail.
635 reason the \s-1\fBERR_GET_FUNC\s0()\fR macro was removed. Applications must resolve
638 ChaCha20\-Poly1305 cipher does not allow a truncated \s-1IV\s0 length to be used
641 In OpenSSL 3.0 setting the \s-1IV\s0 length to any value other than 12 will result in an
644 using EVP_CIPHER_CTX_ctrl(ctx, \s-1EVP_CRTL_AEAD_SET_IVLEN,\s0 ivlen, \s-1NULL\s0). This resulted
645 in an \s-1IV\s0 that had leading zero padding.
648 Please refer to the \s-1INSTALL\s0.md file in the top of the distribution for
650 various platform specific \s-1NOTES\s0 files for your specific platform.
685 Check the file \s-1INSTALL\s0.md in the top of the installation for instructions on how
686 to build and install OpenSSL for your platform. Also read the various \s-1NOTES\s0
720 This has a number of implications for \s-1SSL/TLS\s0 applications. See the
721 \&\s-1TLS1.3\s0 page <https://wiki.openssl.org/index.php/TLS1.3> for further details.
727 \fIUpgrading from the OpenSSL 2.0 \s-1FIPS\s0 Object Module\fR
730 The OpenSSL 2.0 \s-1FIPS\s0 Object Module was a separate download that had to be built
732 In OpenSSL 3.0 the \s-1FIPS\s0 support is fully integrated into the mainline version of
734 \&\*(L"Completing the installation of the \s-1FIPS\s0 Module\*(R".
738 See \fBfips_module\fR\|(7) and \s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7) for details.
739 .SS "Completing the installation of the \s-1FIPS\s0 Module"
741 The \s-1FIPS\s0 Module will be built and installed automatically if \s-1FIPS\s0 support has
760 If the user creates an \fB\s-1OSSL_LIB_CTX\s0\fR via \fBOSSL_LIB_CTX_new\fR\|(3) then many
768 \&\fBconst \s-1EVP_MD\s0 *\fR such as \fBEVP_sha256()\fR should be replaced with a call to
769 \&\fBEVP_MD_fetch\fR\|(3). See \*(L"\s-1ALGORITHM FETCHING\*(R"\s0 in \fBcrypto\fR\|(7).
772 \&\fBconst \s-1EVP_CIPHER\s0 *\fR such as \fBEVP_aes_128_cbc()\fR should be replaced vith a call to
773 \&\fBEVP_CIPHER_fetch\fR\|(3). See \*(L"\s-1ALGORITHM FETCHING\*(R"\s0 in \fBcrypto\fR\|(7).
777 \&\fBd2i_X509_PUBKEY\fR\|(3). If \s-1NULL\s0 is passed instead then the created object will be
782 All functions listed below with a \fI\s-1NAME\s0\fR have a replacement function \fINAME_ex\fR
783 that takes \fB\s-1OSSL_LIB_CTX\s0\fR as an additional argument. Functions that have other
821 \&\s-1\fBEVP_PKCS82PKEY\s0\fR\|(3)
890 Passing \s-1NULL\s0 will use the default library context.
919 \&\s-1\fBEVP_RAND\s0\fR\|(3) and \fBEVP_RAND_do_all_provided\fR\|(3)
960 See also \*(L"\s-1OPENSSL PROVIDERS\*(R"\s0 in \fBcrypto\fR\|(7).
966 \&\*(L"\s-1ALGORITHM FETCHING\*(R"\s0 in \fBcrypto\fR\|(7).
968 \fIMapping \s-1EVP\s0 controls and flags to provider \s-1\f(BIOSSL_PARAM\s0\fI\|(3) parameters\fR
973 \&\fB\s-1OSSL_PARAMS\s0\fR to pass information to/from provider objects.
974 See \s-1\fBOSSL_PARAM\s0\fR\|(3) for additional information related to parameters.
976 For ciphers see \*(L"\s-1CONTROLS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3), \*(L"\s-1FLAGS\*(R"\s0 in …
977 \&\*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3).
979 For digests see \*(L"\s-1CONTROLS\*(R"\s0 in \fBEVP_DigestInit\fR\|(3), \*(L"\s-1FLAGS\*(R"\s0 in \…
980 \&\*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_DigestInit\fR\|(3).
993 Any accessor that uses an \s-1ENGINE\s0 is deprecated (such as \fBEVP_PKEY_set1_engine()\fR).
1004 have been deprecated. Applications should instead use the \s-1\fBOSSL_DECODER\s0\fR\|(3) and
1005 \&\s-1\fBOSSL_ENCODER\s0\fR\|(3) APIs to read and write files.
1012 or \fBEVP_PKEY_get0()\fR) should instead use the \s-1OSSL_ENCODER\s0
1013 (See \fBOSSL_ENCODER_to_bio\fR\|(3)) or \s-1OSSL_DECODER\s0 (See \fBOSSL_DECODER_from_bio\fR\|(3))
1023 \&\fBEVP_PKEY_get_params\fR\|(3) to access fields from an \s-1EVP_PKEY.\s0
1024 Gettable parameters are listed in \*(L"Common \s-1RSA\s0 parameters\*(R" in \s-1\fBEVP_PKEY\-RSA\s0…
1025 \&\*(L"\s-1DH\s0 parameters\*(R" in \s-1\fBEVP_PKEY\-DH\s0\fR\|(7), \*(L"\s-1DSA\s0 parameters\*(R"…
1026 \&\*(L"\s-1FFC\s0 parameters\*(R" in \s-1\fBEVP_PKEY\-FFC\s0\fR\|(7), \*(L"Common \s-1EC\s0 paramet…
1027 \&\*(L"Common X25519, X448, \s-1ED25519\s0 and \s-1ED448\s0 parameters\*(R" in \s-1\fBEVP_PKEY\-X25…
1038 See \*(L"Examples\*(R" in \s-1\fBEVP_PKEY\-DH\s0\fR\|(7) for more information.
1047 high-level \s-1EVP_PKEY\s0 APIs, e.g. \fBEVP_PKEY_new\fR\|(3), \fBEVP_PKEY_up_ref\fR\|(3) and
1061 instead use the high level \s-1EVP\s0 APIs \fBEVP_EncryptInit_ex\fR\|(3),
1070 use the the high level \s-1EVP\s0 APIs \fBEVP_DigestInit_ex\fR\|(3), \fBEVP_DigestUpdate\fR\|(3)
1073 Note that the functions \s-1\fBSHA1\s0\fR\|(3), \s-1\fBSHA224\s0\fR\|(3), \s-1\fBSHA256\s0\fR\|(3),…
1074 and \s-1\fBSHA512\s0\fR\|(3) have changed to macros that use \fBEVP_Q_digest\fR\|(3).
1082 See also \s-1\fBEVP_SIGNATURE\-RSA\s0\fR\|(7), \s-1\fBEVP_SIGNATURE\-DSA\s0\fR\|(7),
1083 \&\s-1\fBEVP_SIGNATURE\-ECDSA\s0\fR\|(7) and \s-1\fBEVP_SIGNATURE\-ED25519\s0\fR\|(7).
1085 Deprecated low-level \s-1MAC\s0 functions
1089 Applications should instead use the new \s-1\fBEVP_MAC\s0\fR\|(3) interface, using
1091 \&\fBEVP_MAC_update\fR\|(3) and \fBEVP_MAC_final\fR\|(3) or the single-shot \s-1MAC\s0 function
1093 See \s-1\fBEVP_MAC\s0\fR\|(3), \s-1\fBEVP_MAC\-HMAC\s0\fR\|(7), \s-1\fBEVP_MAC\-CMAC\s0\fR\|(7), \s…
1094 \&\s-1\fBEVP_MAC\-KMAC\s0\fR\|(7), \s-1\fBEVP_MAC\-BLAKE2\s0\fR\|(7), \fBEVP_MAC\-Poly1305\fR\|(7) …
1097 Note that the one-shot method \s-1\fBHMAC\s0()\fR is still available for compatibility purposes,
1098 but this can also be replaced by using \s-1EVP_Q_MAC\s0 if a library context is required.
1105 \&\s-1EVP_PKEY\s0 APIs such as \fBEVP_PKEY_check\fR\|(3), \fBEVP_PKEY_param_check\fR\|(3),
1115 See \s-1\fBEVP_KEYEXCH\-DH\s0\fR\|(7), \s-1\fBEVP_KEYEXCH\-ECDH\s0\fR\|(7) and \s-1\fBEVP_KEYEXCH\-…
1122 …PKEY_generate\fR\|(3) as described in \s-1\fBEVP_PKEY\-DSA\s0\fR\|(7), \s-1\fBEVP_PKEY\-DH\s0\fR\|…
1123 \&\s-1\fBEVP_PKEY\-RSA\s0\fR\|(7), \s-1\fBEVP_PKEY\-EC\s0\fR\|(7) and \s-1\fBEVP_PKEY\-X25519\s0\fR…
1130 Use of low-level objects (such as \s-1DSA\s0) has been informally discouraged from use
1138 Use of low-level objects (such as \s-1DSA\s0) has been informally discouraged from use
1140 \&\fBDSA_print()\fR should be replaced with the equivalent \s-1EVP_PKEY\s0 functions.
1154 There is no replacement for the \s-1IGE\s0 functions. New code should not use these modes.
1155 These undocumented functions were never integrated into the \s-1EVP\s0 layer.
1156 They implemented the \s-1AES\s0 Infinite Garble Extension (\s-1IGE\s0) mode and \s-1AES\s0
1157 Bi-directional \s-1IGE\s0 mode. These modes were never formally standardised and
1159 \&\fBAES_bi_ige_encrypt()\fR has a known bug. It accepts 2 \s-1AES\s0 keys, but only one
1173 There is no replacement. It returned a string indicating if the \s-1AES\s0 code was unrolled.
1178 disabled with the macro \s-1NO_ASN1_OLD\s0 since OpenSSL 0.9.7.
1226 The \s-1CAST\s0 algorithm has been moved to the Legacy Provider.
1231 See \*(L"Deprecated low-level \s-1MAC\s0 functions\*(R".
1235 See \*(L"Deprecated low-level \s-1MAC\s0 functions\*(R".
1253 \&\*(L"Gettable and Settable \s-1EVP_CIPHER_CTX\s0 parameters\*(R" in \fBEVP_EncryptInit\fR\|(3).
1254 See \*(L"\s-1EXAMPLES\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3) for a \s-1AES\-256\-CBC\-CTS\s0 example.
1280 \&\*(L"\s-1DES\-CFB1\*(R"\s0 and \*(L"\s-1DES\-CFB8\*(R"\s0 have been moved to the Legacy Provider.
1294 The \fB\s-1DH_FLAG_CACHE_MONT_P\s0\fR flag has been deprecated without replacement.
1295 The \fB\s-1DH_FLAG_TYPE_DH\s0\fR and \fB\s-1DH_FLAG_TYPE_DHX\s0\fR have been deprecated.
1318 Applications should instead set the \fB\s-1OSSL_PKEY_PARAM_GROUP_NAME\s0\fR as specified in
1319 \&\*(L"\s-1DH\s0 parameters\*(R" in \s-1\fBEVP_PKEY\-DH\s0\fR\|(7)) to one of \*(L"dh_1024_160\*(R"…
1320 \&\*(L"dh_2048_256\*(R" when generating a \s-1DH\s0 key.
1322 \&\s-1\fBDH_KDF_X9_42\s0()\fR
1384 The \fB\s-1DSA_FLAG_CACHE_MONT_P\s0\fR flag has been deprecated without replacement.
1394 \&\s-1\fBECDH_KDF_X9_62\s0()\fR
1397 \&\fBEVP_PKEY_CTX_set_ecdh_kdf_type\fR\|(3) or by setting an \s-1\fBOSSL_PARAM\s0\fR\|(3) using the
1398 \&\*(L"kdf-type\*(R" as shown in \*(L"\s-1EXAMPLES\*(R"\s0 in \s-1\fBEVP_KEYEXCH\-ECDH\s0\fR\|(7)
1414 library automatically assigning a suitable method internally when an \s-1EC_GROUP\s0
1434 \&\s-1EC_METHOD\s0 is now an internal-only concept and a suitable \s-1EC_METHOD\s0 is assigned
1448 See \*(L"Common \s-1EC\s0 parameters\*(R" in \s-1\fBEVP_PKEY\-EC\s0\fR\|(7) which handles flags as …
1449 parameters for \fB\s-1OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT\s0\fR,
1450 \&\fB\s-1OSSL_PKEY_PARAM_EC_GROUP_CHECK_TYPE\s0\fR, \fB\s-1OSSL_PKEY_PARAM_EC_ENCODING\s0\fR,
1451 \&\fB\s-1OSSL_PKEY_PARAM_USE_COFACTOR_ECDH\s0\fR and
1452 \&\fB\s-1OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC\s0\fR.
1453 See also \*(L"\s-1EXAMPLES\*(R"\s0 in \s-1\fBEVP_PKEY\-EC\s0\fR\|(7)
1514 These functions were not particularly useful, since \s-1EC\s0 point serialization
1574 \&\s-1\fBEVP_PKEY_CTRL_PKCS7_ENCRYPT\s0()\fR, \s-1\fBEVP_PKEY_CTRL_PKCS7_DECRYPT\s0()\fR,
1575 \&\s-1\fBEVP_PKEY_CTRL_PKCS7_SIGN\s0()\fR, \s-1\fBEVP_PKEY_CTRL_CMS_ENCRYPT\s0()\fR,
1576 \&\s-1\fBEVP_PKEY_CTRL_CMS_DECRYPT\s0()\fR, and \s-1\fBEVP_PKEY_CTRL_CMS_SIGN\s0()\fR
1584 See the \*(L"kdf-ukm\*(R" item in \*(L"\s-1DH\s0 key exchange parameters\*(R" in \s-1\fBEVP_KEYEXCH…
1585 \&\*(L"\s-1ECDH\s0 Key Exchange parameters\*(R" in \s-1\fBEVP_KEYEXCH\-ECDH\s0\fR\|(7).
1604 This function returns \s-1NULL\s0 if the key comes from a provider.
1618 See \*(L"Deprecated low-level \s-1MAC\s0 functions\*(R".
1628 key into/from an \s-1EVP_PKEY\s0 object. With OpenSSL 3.0 these are replaced by the more
1645 See \*(L"Deprecated low-level \s-1MAC\s0 functions\*(R".
1650 See \*(L"Deprecated low-level \s-1MAC\s0 functions\*(R".
1683 \&\s-1IDEA\s0 has been moved to the Legacy Provider.
1689 \&\s-1\fBMD2\s0()\fR, \fBMD2_Init()\fR, \fBMD2_Update()\fR, \fBMD2_Final()\fR
1692 \&\s-1MD2\s0 has been moved to the Legacy Provider.
1698 \&\s-1\fBMD4\s0()\fR, \fBMD4_Init()\fR, \fBMD4_Update()\fR, \fBMD4_Final()\fR, \fBMD4_Transform()\fR
1701 \&\s-1MD4\s0 has been moved to the Legacy Provider.
1703 \&\s-1\fBMDC2\s0()\fR, \fBMDC2_Init()\fR, \fBMDC2_Update()\fR, \fBMDC2_Final()\fR
1706 \&\s-1MDC2\s0 has been moved to the Legacy Provider.
1708 \&\s-1\fBMD5\s0()\fR, \fBMD5_Init()\fR, \fBMD5_Update()\fR, \fBMD5_Final()\fR, \fBMD5_Transform()\fR
1712 \&\s-1\fBNCONF_WIN32\s0()\fR
1715 See \*(L"\s-1HISTORY\*(R"\s0 in \fBconfig\fR\|(5) for more details.
1721 \&\fB\s-1OCSP_REQ_CTX\s0\fR type and \fBOCSP_REQ_CTX_*()\fR functions
1723 These methods were used to collect all necessary data to form a \s-1HTTP\s0 request,
1724 and to perform the \s-1HTTP\s0 transfer with that request. With OpenSSL 3.0, the
1725 type is \fB\s-1OSSL_HTTP_REQ_CTX\s0\fR, and the deprecated functions are replaced
1726 with \fBOSSL_HTTP_REQ_CTX_*()\fR. See \s-1\fBOSSL_HTTP_REQ_CTX\s0\fR\|(3) for additional
1767 \&\s-1\fBPKCS1_MGF1\s0()\fR
1775 \&\s-1\fBEVP_RAND\s0\fR\|(3) and \s-1\fBEVP_RAND\s0\fR\|(7).
1780 \&\s-1\fBRC4\s0()\fR, \fBRC4_set_key()\fR, \fBRC4_options()\fR,
1785 The Algorithms \*(L"\s-1RC2\*(R", \*(L"RC4\*(R"\s0 and \*(L"\s-1RC5\*(R"\s0 have been moved to the …
1787 \&\s-1\fBRIPEMD160\s0()\fR, \fBRIPEMD160_Init()\fR, \fBRIPEMD160_Update()\fR, \fBRIPEMD160_Final()\…
1791 The \s-1RIPE\s0 algorithm has been moved to the Legacy Provider.
1805 All of these \s-1RSA\s0 flags have been deprecated without replacement:
1807 \&\fB\s-1RSA_FLAG_BLINDING\s0\fR, \fB\s-1RSA_FLAG_CACHE_PRIVATE\s0\fR, \fB\s-1RSA_FLAG_CACHE_PUBLIC…
1808 \&\fB\s-1RSA_FLAG_EXT_PKEY\s0\fR, \fB\s-1RSA_FLAG_NO_BLINDING\s0\fR, \fB\s-1RSA_FLAG_THREAD_SAFE\s0…
1809 \&\fB\s-1RSA_METHOD_FLAG_NO_CHECK\s0\fR
1887 X931 padding can be set using \*(L"Signature Parameters\*(R" in \s-1\fBEVP_SIGNATURE\-RSA\s0\fR\|(7…
1888 See \fB\s-1OSSL_SIGNATURE_PARAM_PAD_MODE\s0\fR.
1894 The \s-1SEED\s0 algorithm has been moved to the Legacy Provider.
1911 There are no replacements for the \s-1SRP\s0 functions.
1916 These are used to set the Diffie-Hellman (\s-1DH\s0) parameters that are to be used by
1917 servers requiring ephemeral \s-1DH\s0 keys. Instead applications should consider using
1918 the built-in \s-1DH\s0 parameters that are available by calling \fBSSL_CTX_set_dh_auto\fR\|(3)
1931 \&\s-1\fBWHIRLPOOL\s0()\fR, \fBWHIRLPOOL_Init()\fR, \fBWHIRLPOOL_Update()\fR, \fBWHIRLPOOL_Final()\…
1946 \fI\s-1NID\s0 handling for provided keys and algorithms\fR
1949 The following functions for \s-1NID\s0 (numeric id) handling have changed semantics.
1953 This function was previously used to reliably return the \s-1NID\s0 of
1954 an \s-1EVP_PKEY\s0 object, e.g., to look up the name of the algorithm of
1955 such \s-1EVP_PKEY\s0 by calling \fBOBJ_nid2sn\fR\|(3). With the introduction
1958 (\fB\s-1EVP_PKEY_KEYMGMT\s0\fR) indicating the use of a provider to
1959 implement the \s-1EVP_PKEY\s0 object. Therefore, the use of
1961 the name of the \s-1EVP_PKEY\s0 algorithm.
1962 .SS "Using the \s-1FIPS\s0 Module in applications"
1964 See \fBfips_module\fR\|(7) and \s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7) for details.
1970 \&\fBopenssl kdf\fR uses the new \s-1\fBEVP_KDF\s0\fR\|(3) \s-1API.\s0
1971 \&\fBopenssl kdf\fR uses the new \s-1\fBEVP_MAC\s0\fR\|(3) \s-1API.\s0
1986 explicit setting of fields in the generated \s-1CRL.\s0
2003 For example, the \s-1DH\s0 parameters output from \fBopenssl dhparam\fR now lists 'P',
2008 automatically detect the \s-1PEM\s0 or \s-1DER\s0 format of the input files so it is not
2012 \&\fBopenssl speed\fR no longer uses low-level \s-1API\s0 calls.
2018 \&\fBopenssl genrsa\fR and \fBopenssl rsa\fR have been modified to use \s-1PKEY\s0 APIs.
2019 \&\fBopenssl genrsa\fR and \fBopenssl rsa\fR now write \s-1PKCS\s0 #8 keys by default.
2024 \&\*(L"\s-1SHA256\*(R"\s0 is now the default digest for \s-1TS\s0 query used by \fBopenssl ts\fR.
2033 .SS "\s-1TLS\s0 Changes"
2036 \&\s-1TLS 1.3 FFDHE\s0 key exchange support added
2038 This uses \s-1DH\s0 safe prime named groups.
2046 \&\s-1SSL\s0 and \s-1SSL_CTX\s0 options are now 64 bit instead of 32 bit.
2048 The signatures of the functions to get and set options on \s-1SSL\s0 and
2049 \&\s-1SSL_CTX\s0 objects changed from \*(L"unsigned long\*(R" to \*(L"uint64_t\*(R" type.
2052 to use the \fB\s-1SSL_OP_\s0\fR macro values in preprocessor \f(CW\*(C`#if\*(C'\fR conditions.
2060 These functions now take \s-1IP\s0 literal addresses as well as actual hostnames.
2062 Added \s-1SSL\s0 option \s-1SSL_OP_CLEANSE_PLAINTEXT\s0
2072 the \fB\s-1SSL_OP_ALLOW_CLIENT_RENEGOTIATION\s0\fR flag, or the \f(CW\*(C`ClientRenegotiation\*(C'\…
2075 Secure renegotiation is now required by default for \s-1TLS\s0 connections
2077 Support for \s-1RFC 5746\s0 secure renegotiation is now required by default for
2078 \&\s-1SSL\s0 or \s-1TLS\s0 connections to succeed. Applications that require the ability
2080 \&\s-1SSL_OP_LEGACY_SERVER_CONNECT.\s0 Accordingly, \s-1SSL_OP_LEGACY_SERVER_CONNECT\s0
2081 is no longer set as part of \s-1SSL_OP_ALL.\s0
2085 Typically if OpenSSL has no \s-1EC\s0 or \s-1DH\s0 algorithms then it cannot support
2089 \&\s-1TLS\s0 connections in such a build without also disabling TLSv1.3 at run time or
2100 the security operation \s-1SSL_SECOP_TMP_DH.\s0 This is defined to take an \s-1EVP_PKEY\s0
2103 security operation and it passed a \s-1DH\s0 object instead. This is incorrect
2104 according to the definition of \s-1SSL_SECOP_TMP_DH,\s0 and is inconsistent with all
2106 pass an \s-1EVP_PKEY\s0 instead.
2108 New \s-1SSL\s0 option \s-1SSL_OP_IGNORE_UNEXPECTED_EOF\s0
2110 The \s-1SSL\s0 option \s-1SSL_OP_IGNORE_UNEXPECTED_EOF\s0 is introduced. If that option
2111 is set, an unexpected \s-1EOF\s0 is ignored, it pretends a close notify was received
2112 instead and so the returned error becomes \s-1SSL_ERROR_ZERO_RETURN.\s0
2114 The security strength of \s-1SHA1\s0 and \s-1MD5\s0 based signatures in \s-1TLS\s0 has been reduced.
2116 This results in \s-1SSL 3, TLS 1.0, TLS 1.1\s0 and \s-1DTLS 1.0\s0 no longer
2121 then the handshake will fail in \s-1TLS 1.2\s0 at security level 1. This is because,
2124 set requires the availability of \s-1SHA1.\s0
2126 X509 certificates signed using \s-1SHA1\s0 are no longer allowed at security level 1 and above.
2128 In \s-1TLS/SSL\s0 the default security level is 1. It can be set either using the cipher
2130 leaf certificate is signed with \s-1SHA\-1,\s0 a call to \fBSSL_CTX_use_certificate\fR\|(3)
2132 Outside \s-1TLS/SSL,\s0 the default security level is \-1 (effectively 0). It can
2147 in the file \s-1LICENSE\s0 in the source distribution or at