Lines Matching +full:max +full:- +full:reason

1 .\" -*- mode: troff; coding: utf-8 -*-
57 .IX Title "PROVIDER-BASE 7ossl"
58 .TH PROVIDER-BASE 7ossl 2025-09-30 3.5.4 OpenSSL
64 provider\-base
65 \&\- The basic OpenSSL library <\-> provider functions
91 \&                      uint32_t reason, const char *fmt, va_list args);
206 macros in \fBopenssl\-core_dispatch.h\fR\|(7), as follows:
299 This function is useful only for built-in providers such as the default
301 built-in as the OSSL_LIB_CTX of the library loading the provider might be
324 sets the \fIreason\fR for the error, along with any addition data.
325 The \fIreason\fR is a number defined by the provider and used to index
326 the reason strings table that's returned by
504 array that provides reason strings for reason codes the provider may
534 OpenSSL in-built providers use OPENSSL_VERSION_STR, but this may be different
539 OpenSSL in-built providers use OPENSSL_FULL_VERSION_STR, but this may be
550 .IP """openssl-version"" (\fBOSSL_PROV_PARAM_CORE_VERSION\fR) <UTF8 string ptr>" 4
551 .IX Item """openssl-version"" (OSSL_PROV_PARAM_CORE_VERSION) <UTF8 string ptr>"
554 .IP """provider-name"" (\fBOSSL_PROV_PARAM_CORE_PROV_NAME\fR) <UTF8 string ptr>" 4
555 .IX Item """provider-name"" (OSSL_PROV_PARAM_CORE_PROV_NAME) <UTF8 string ptr>"
557 .IP """module-filename"" (\fBOSSL_PROV_PARAM_CORE_MODULE_FILENAME\fR) <UTF8 string ptr>" 4
558 .IX Item """module-filename"" (OSSL_PROV_PARAM_CORE_MODULE_FILENAME) <UTF8 string ptr>"
610 \fI"TLS-GROUP" Capability\fR
611 .IX Subsection """TLS-GROUP"" Capability"
613 The "TLS-GROUP" capability can be queried by libssl to discover the list of
626 .IP """tls-group-name"" (\fBOSSL_CAPABILITY_TLS_GROUP_NAME\fR) <UTF8 string>" 4
627 .IX Item """tls-group-name"" (OSSL_CAPABILITY_TLS_GROUP_NAME) <UTF8 string>"
629 <https://www.iana.org/assignments/tls\-parameters/tls\-parameters.xhtml#tls\-parameters\-8>.
630 .IP """tls-group-name-internal"" (\fBOSSL_CAPABILITY_TLS_GROUP_NAME_INTERNAL\fR) <UTF8 string>" 4
631 .IX Item """tls-group-name-internal"" (OSSL_CAPABILITY_TLS_GROUP_NAME_INTERNAL) <UTF8 string>"
633 "tls-group-name", but does not have to be.
634 .IP """tls-group-id"" (\fBOSSL_CAPABILITY_TLS_GROUP_ID\fR) <unsigned integer>" 4
635 .IX Item """tls-group-id"" (OSSL_CAPABILITY_TLS_GROUP_ID) <unsigned integer>"
642 .IP """tls-group-alg"" (\fBOSSL_CAPABILITY_TLS_GROUP_ALG\fR) <UTF8 string>" 4
643 .IX Item """tls-group-alg"" (OSSL_CAPABILITY_TLS_GROUP_ALG) <UTF8 string>"
650 name given via "tls-group-name-internal" above will be passed via
652 .IP """tls-group-sec-bits"" (\fBOSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS\fR) <unsigned integer>" 4
653 .IX Item """tls-group-sec-bits"" (OSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS) <unsigned integer>"
655 should be comparable with the ones given in table 2 and 3 of the NIST SP800\-57
657 .IP """tls-group-is-kem"" (\fBOSSL_CAPABILITY_TLS_GROUP_IS_KEM\fR) <unsigned integer>" 4
658 .IX Item """tls-group-is-kem"" (OSSL_CAPABILITY_TLS_GROUP_IS_KEM) <unsigned integer>"
665 In KEX mode, in a typical Diffie-Hellman fashion, both sides execute \fIkeygen\fR
668 \&\fBprovider\-keyexch\fR\|(7).
675 described in \fBprovider\-kem\fR\|(7).
679 .IP """tls-min-tls"" (\fBOSSL_CAPABILITY_TLS_GROUP_MIN_TLS\fR) <integer>" 4
680 .IX Item """tls-min-tls"" (OSSL_CAPABILITY_TLS_GROUP_MIN_TLS) <integer>"
682 .IP """tls-max-tls"" (\fBOSSL_CAPABILITY_TLS_GROUP_MAX_TLS\fR) <integer>" 4
683 .IX Item """tls-max-tls"" (OSSL_CAPABILITY_TLS_GROUP_MAX_TLS) <integer>"
684 .IP """tls-min-dtls"" (\fBOSSL_CAPABILITY_TLS_GROUP_MIN_DTLS\fR) <integer>" 4
685 .IX Item """tls-min-dtls"" (OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS) <integer>"
686 .IP """tls-max-dtls"" (\fBOSSL_CAPABILITY_TLS_GROUP_MAX_DTLS\fR) <integer>" 4
687 .IX Item """tls-max-dtls"" (OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS) <integer>"
690 versions supported by the group. The values equate to the on-the-wire encoding
693 or maximum. A \-1 indicates that the group should not be used in that protocol.
695 \fI"TLS-SIGALG" Capability\fR
696 .IX Subsection """TLS-SIGALG"" Capability"
698 The "TLS-SIGALG" capability can be queried by libssl to discover the list of
700 can be used for client\- or server-authentication in addition to the built-in
711 .IP """iana-name"" (\fBOSSL_CAPABILITY_TLS_SIGALG_IANA_NAME\fR) <UTF8 string>" 4
712 .IX Item """iana-name"" (OSSL_CAPABILITY_TLS_SIGALG_IANA_NAME) <UTF8 string>"
715 <https://www.iana.org/assignments/tls\-parameters/tls\-parameters.xhtml#tls\-signaturescheme>.
717 .IP """iana-code-point"" (\fBOSSL_CAPABILITY_TLS_SIGALG_CODE_POINT\fR) <unsigned integer>" 4
718 .IX Item """iana-code-point"" (OSSL_CAPABILITY_TLS_SIGALG_CODE_POINT) <unsigned integer>"
726 .IP """sigalg-name"" (\fBOSSL_CAPABILITY_TLS_SIGALG_NAME\fR) <UTF8 string>" 4
727 .IX Item """sigalg-name"" (OSSL_CAPABILITY_TLS_SIGALG_NAME) <UTF8 string>"
728 A name for the full (possibly composite hash-and-signature) signature
733 parameters "sig-name" and "hash-name".
735 .IP """sigalg-oid"" (\fBOSSL_CAPABILITY_TLS_SIGALG_OID\fR) <UTF8 string>" 4
736 .IX Item """sigalg-oid"" (OSSL_CAPABILITY_TLS_SIGALG_OID) <UTF8 string>"
737 The OID of the "sigalg-name" algorithm in canonical numeric text form. If
739 a NID for this OID, using the "sigalg-name" parameter for its (short) name.
743 .IP """sig-name"" (\fBOSSL_CAPABILITY_TLS_SIGALG_SIG_NAME\fR) <UTF8 string>" 4
744 .IX Item """sig-name"" (OSSL_CAPABILITY_TLS_SIGALG_SIG_NAME) <UTF8 string>"
746 "sigalg-name". If "sigalg-name" is implemented by the provider, this
749 .IP """sig-oid"" (\fBOSSL_CAPABILITY_TLS_SIGALG_SIG_OID\fR) <UTF8 string>" 4
750 .IX Item """sig-oid"" (OSSL_CAPABILITY_TLS_SIGALG_SIG_OID) <UTF8 string>"
751 The OID of the "sig-name" algorithm in canonical numeric text form. If
753 a NID for this OID, using the "sig-name" parameter for its (short) name.
757 .IP """hash-name"" (\fBOSSL_CAPABILITY_TLS_SIGALG_HASH_NAME\fR) <UTF8 string>" 4
758 .IX Item """hash-name"" (OSSL_CAPABILITY_TLS_SIGALG_HASH_NAME) <UTF8 string>"
759 The name of the hash algorithm that is part of a composite "sigalg-name".
760 If "sigalg-name" is implemented by the provider, this parameter is redundant
763 .IP """hash-oid"" (\fBOSSL_CAPABILITY_TLS_SIGALG_HASH_OID\fR) <UTF8 string>" 4
764 .IX Item """hash-oid"" (OSSL_CAPABILITY_TLS_SIGALG_HASH_OID) <UTF8 string>"
765 The OID of the "hash-name" algorithm in canonical numeric text form. If
767 a NID for this OID, using the "hash-name" parameter for its (short) name.
771 .IP """key-type"" (\fBOSSL_CAPABILITY_TLS_SIGALG_KEYTYPE\fR) <UTF8 string>" 4
772 .IX Item """key-type"" (OSSL_CAPABILITY_TLS_SIGALG_KEYTYPE) <UTF8 string>"
774 isn't present, it's assumed to be the same as "sig-name" if that's present,
775 otherwise "sigalg-name".
777 .IP """key-type-oid"" (\fBOSSL_CAPABILITY_TLS_SIGALG_KEYTYPE_OID\fR) <UTF8 string>" 4
778 .IX Item """key-type-oid"" (OSSL_CAPABILITY_TLS_SIGALG_KEYTYPE_OID) <UTF8 string>"
779 The OID of the "key-type" in canonical numeric text form. If
781 a NID for this OID, using the "key-type" parameter for its (short) name.
785 .IP """sec-bits"" (\fBOSSL_CAPABILITY_TLS_SIGALG_SECURITY_BITS\fR) <unsigned integer>" 4
786 .IX Item """sec-bits"" (OSSL_CAPABILITY_TLS_SIGALG_SECURITY_BITS) <unsigned integer>"
789 SP800\-57 document. This number is used to determine the security strength of
795 .IP """tls-min-tls"" (\fBOSSL_CAPABILITY_TLS_SIGALG_MIN_TLS\fR) <integer>" 4
796 .IX Item """tls-min-tls"" (OSSL_CAPABILITY_TLS_SIGALG_MIN_TLS) <integer>"
798 .IP """tls-max-tls"" (\fBOSSL_CAPABILITY_TLS_SIGALG_MAX_TLS\fR) <integer>" 4
799 .IX Item """tls-max-tls"" (OSSL_CAPABILITY_TLS_SIGALG_MAX_TLS) <integer>"
800 .IP """tls-min-dtls"" (\fBOSSL_CAPABILITY_TLS_SIGALG_MIN_DTLS\fR) <integer>" 4
801 .IX Item """tls-min-dtls"" (OSSL_CAPABILITY_TLS_SIGALG_MIN_DTLS) <integer>"
802 .IP """tls-max-dtls"" (\fBOSSL_CAPABILITY_TLS_SIGALG_MAX_DTLS\fR) <integer>" 4
803 .IX Item """tls-max-dtls"" (OSSL_CAPABILITY_TLS_SIGALG_MAX_DTLS) <integer>"
807 on-the-wire encoding of the various TLS versions. For example TLSv1.3 is
809 there is no defined minimum or maximum. A \-1 in either the min or max field
871 \&         fooctx\->provctx = provctx;
873 \&         c_put_error(provctx\->handle, E_MALLOC, _\|_FILE_\|_, _\|_LINE_\|_);
886 \&     fooctx\->b = 0x33;
896 \&     for (; inl\-\- > 0; in++)
897 \&         *in ^= fooctx\->b;
905 \&     fooctx\->b = 0x66;
956 \&     for (; in\->function_id != 0; in++)
957 \&         switch (in\->function_id) {
967 \&          * ALEA IACTA EST, if the core retrieves the reason table
973 \&     pctx\->handle = handle;
986 \& { return (OSSL_FUNC_bar_newctx_fn *)opf\->function; }
991 \& { return (OSSL_FUNC_bar_freectx_fn *)opf\->function; }
996 \& { return (OSSL_FUNC_bar_init_fn *)opf\->function; }
1002 \& { return (OSSL_FUNC_bar_update_fn *)opf\->function; }
1007 \& { return (OSSL_FUNC_bar_final_fn *)opf\->function; }
1024 Copyright 2019\-2025 The OpenSSL Project Authors. All Rights Reserved.