provider-base.7 - OpenGrok cross reference for /freebsd/secure/lib/libcrypto/man/man7/provider-base.7

Lines Matching +full:num +full:- +full:ss +full:- +full:bits
18 .\" Set up some character translations and predefined strings.  \*(-- will
24 .tr \(*W-
27 .    ds -- \(*W-
29 .    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
30 .    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\"  diablo 12 pitch
37 .    ds -- \|\(em\|
50 .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
71 .\" Fear.  Run.  Save yourself.  No user-serviceable parts.
81 .    ds #H ((1u-(\\\\n(.fu%2u))*.13m)
97 .    ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
98 .    ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
99 .    ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
100 .    ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
101 .    ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
102 .    ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
104 .    \" troff and (daisy-wheel) nroff accents
121 .    ds 8 ss
123 .    ds d- d\h'-1'\(ga
124 .    ds D- D\h'-1'\(hy
133 .IX Title "PROVIDER-BASE 7ossl"
134 .TH PROVIDER-BASE 7ossl "2023-09-19" "3.0.11" "OpenSSL"
140 provider\-base
141 \&\- The basic OpenSSL library <\-> provider functions
178 \& void *CRYPTO_malloc(size_t num, const char *file, int line);
179 \& void *CRYPTO_zalloc(size_t num, const char *file, int line);
181 \& void CRYPTO_clear_free(void *ptr, size_t num,
183 \& void *CRYPTO_realloc(void *addr, size_t num,
185 \& void *CRYPTO_clear_realloc(void *addr, size_t old_num, size_t num,
187 \& void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
188 \& void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
190 \& void CRYPTO_secure_clear_free(void *ptr, size_t num,
254 \&\fIlibcrypto\fR and the provider in \s-1\fBOSSL_DISPATCH\s0\fR\|(3) arrays, in the call
260 function pointer from a \s-1\fBOSSL_DISPATCH\s0\fR\|(3) element named
271 \&\s-1\fBOSSL_DISPATCH\s0\fR\|(3) arrays are indexed by numbers that are provided as
272 macros in \fBopenssl\-core_dispatch.h\fR\|(7), as follows:
274 For \fIin\fR (the \s-1\fBOSSL_DISPATCH\s0\fR\|(3) array passed from \fIlibcrypto\fR to the
324 For \fI*out\fR (the \s-1\fBOSSL_DISPATCH\s0\fR\|(3) array passed from the provider to
340 \&\s-1\fBOSSL_PARAM\s0\fR\|(3), for parameters that \fBcore_get_params()\fR can handle.
357 This function is useful only for built-in providers such as the default
358 provider. Never cast this to \s-1OSSL_LIB_CTX\s0 in a provider that is not
359 built-in as the \s-1OSSL_LIB_CTX\s0 of the library loading the provider might be
360 a completely different structure than the \s-1OSSL_LIB_CTX\s0 of the library the
394 The \fBcore_obj_create()\fR function registers a new \s-1OID\s0 and associated short name
397 It will treat as success the case where the \s-1OID\s0 already exists (even if the
399 associated with the existing \s-1OID,\s0 in which case the new names are not
410 rather than a numeric \s-1NID.\s0 Any name (\s-1OID,\s0 short name or long name) can be used
413 underlying signature or digest algorithm). For \fIdigest_name\fR, \s-1NULL\s0 or an
426 the same name.  As a matter of fact, the pointers in the \s-1\fBOSSL_DISPATCH\s0\fR\|(3)
427 array are typically direct pointers to those public functions. Note that the \s-1BIO\s0
428 functions take an \fB\s-1OSSL_CORE_BIO\s0\fR type rather than the standard \fB\s-1BIO\s0\fR
462 and must not call other OpenSSL \s-1API\s0 functions or upcalls.
507 descriptor \s-1\fBOSSL_PARAM\s0\fR\|(3), for parameters that \fBprovider_get_params()\fR
510 \&\fBprovider_get_params()\fR should process the \s-1\fBOSSL_PARAM\s0\fR\|(3) array
513 \&\fBprovider_query_operation()\fR should return a constant \s-1\fBOSSL_ALGORITHM\s0\fR\|(3)
524 \&\fBprovider_get_reason_strings()\fR should return a constant \s-1\fBOSSL_ITEM\s0\fR\|(3)
529 it a set of \s-1\fBOSSL_PARAM\s0\fR\|(3)s and the caller supplied argument \fIarg\fR. The
530 \&\s-1\fBOSSL_PARAM\s0\fR\|(3)s should provide details about the capability with the name given
535 \&\*(L"\s-1CAPABILITIES\*(R"\s0 section below. It should return 1 on success or 0 on error.
557 OpenSSL in-built providers use \s-1OPENSSL_VERSION_STR,\s0 but this may be different
563 OpenSSL in-built providers use \s-1OPENSSL_FULL_VERSION_STR,\s0 but this may be
577 .IX Item "openssl-version (OSSL_PROV_PARAM_CORE_VERSION) <UTF8 string ptr>"
579 expanded from the macro \fB\s-1OPENSSL_VERSION_STR\s0\fR.
582 .IX Item "provider-name (OSSL_PROV_PARAM_CORE_PROV_NAME) <UTF8 string ptr>"
586 .IX Item "module-filename (OSSL_PROV_PARAM_CORE_MODULE_FILENAME) <UTF8 string ptr>"
635 For more information on handling parameters, see \s-1\fBOSSL_PARAM\s0\fR\|(3) as
642 \fI\*(L"TLS-GROUP\*(R" Capability\fR
643 .IX Subsection "TLS-GROUP Capability"
645 The \*(L"TLS-GROUP\*(R" capability can be queried by libssl to discover the list of
646 \&\s-1TLS\s0 groups that a provider can support. Each group supported can be used for
647 \&\fIkey exchange\fR (\s-1KEX\s0) or \fIkey encapsulation method\fR (\s-1KEM\s0) during a \s-1TLS\s0
649 \&\s-1TLS\s0 clients can advertise the list of \s-1TLS\s0 groups they support in the
650 supported_groups extension, and \s-1TLS\s0 servers can select a group from the offered
654 Each \s-1TLS\s0 group that a provider supports should be described via the callback
657 \&\fB\s-1OSSL_CAPABILITY_TLS_GROUP_IS_KEM\s0\fR):
660 .IX Item "tls-group-name (OSSL_CAPABILITY_TLS_GROUP_NAME) <UTF8 string>"
661 The name of the group as given in the \s-1IANA TLS\s0 Supported Groups registry
662 <https://www.iana.org/assignments/tls\-parameters/tls\-parameters.xhtml#tls\-parameters\-8>.
665 .IX Item "tls-group-name-internal (OSSL_CAPABILITY_TLS_GROUP_NAME_INTERNAL) <UTF8 string>"
667 \&\*(L"tls-group-name\*(R", but does not have to be.
670 .IX Item "tls-group-id (OSSL_CAPABILITY_TLS_GROUP_ID) <unsigned integer>"
671 The \s-1TLS\s0 group id value as given in the \s-1IANA TLS\s0 Supported Groups registry.
674 .IX Item "tls-group-alg (OSSL_CAPABILITY_TLS_GROUP_ALG) <UTF8 string>"
677 or \fIkey encapsulation method\fR (\s-1KEM\s0), as implied by the optional
678 \&\fB\s-1OSSL_CAPABILITY_TLS_GROUP_IS_KEM\s0\fR flag.
680 key/parameter generation parameter, \fB\s-1OSSL_PKEY_PARAM_GROUP_NAME\s0\fR. The group
681 name given via \*(L"tls-group-name-internal\*(R" above will be passed via
682 \&\fB\s-1OSSL_PKEY_PARAM_GROUP_NAME\s0\fR when libssl wishes to generate keys/parameters.
685 .IX Item "tls-group-sec-bits (OSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS) <unsigned integer>"
686 The number of bits of security offered by keys in this group. The number of bits
687 should be comparable with the ones given in table 2 and 3 of the \s-1NIST SP800\-57\s0
691 .IX Item "tls-group-is-kem (OSSL_CAPABILITY_TLS_GROUP_IS_KEM) <unsigned integer>"
692 Boolean flag to describe if the group should be used in \fIkey exchange\fR (\s-1KEX\s0)
693 mode (0, default) or in \fIkey encapsulation method\fR (\s-1KEM\s0) mode (1).
695 This parameter is optional: if not specified, \s-1KEX\s0 mode is assumed as the default
698 In \s-1KEX\s0 mode, in a typical Diffie-Hellman fashion, both sides execute \fIkeygen\fR
699 then \fIderive\fR against the peer public key. To operate in \s-1KEX\s0 mode, the group
701 \&\fBprovider\-keyexch\fR\|(7).
703 In \s-1KEM\s0 mode, the client executes \fIkeygen\fR and sends its public key, the server
707 in \s-1KEM\s0 mode, the group implementation must support the provider functions as
708 described in \fBprovider\-kem\fR\|(7).
710 Both in \s-1KEX\s0 and \s-1KEM\s0 mode, the resulting \fIshared secret\fR is then used according
714 .IX Item "tls-min-tls (OSSL_CAPABILITY_TLS_GROUP_MIN_TLS) <integer>"
718 .IX Item "tls-max-tls (OSSL_CAPABILITY_TLS_GROUP_MAX_TLS) <integer>"
721 .IX Item "tls-min-dtls (OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS) <integer>"
724 .IX Item "tls-max-dtls (OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS) <integer>"
726 These parameters can be used to describe the minimum and maximum \s-1TLS\s0 and \s-1DTLS\s0
727 versions supported by the group. The values equate to the on-the-wire encoding
728 of the various \s-1TLS\s0 versions. For example TLSv1.3 is 0x0304 (772 decimal), and
730 or maximum. A \-1 indicates that the group should not be used in that protocol.
785 \&         fooctx\->provctx = provctx;
787 \&         c_put_error(provctx\->handle, E_MALLOC, _\|_FILE_\|_, _\|_LINE_\|_);
800 \&     fooctx\->b = 0x33;
810 \&     for (; inl\-\- > 0; in++)
811 \&         *in ^= fooctx\->b;
819 \&     fooctx\->b = 0x66;
870 \&     for (; in\->function_id != 0; in++)
871 \&         switch (in\->function_id) {
887 \&     pctx\->handle = handle;
900 \& { return (OSSL_FUNC_bar_newctx_fn *)opf\->function; }
905 \& { return (OSSL_FUNC_bar_freectx_fn *)opf\->function; }
910 \& { return (OSSL_FUNC_bar_init_fn *)opf\->function; }
916 \& { return (OSSL_FUNC_bar_update_fn *)opf\->function; }
921 \& { return (OSSL_FUNC_bar_final_fn *)opf\->function; }
932 Copyright 2019\-2023 The OpenSSL Project Authors. All Rights Reserved.
936 in the file \s-1LICENSE\s0 in the source distribution or at
In current file

In project "undefined"

On Google
