summaryrefslogtreecommitdiffstats
path: root/doc/man7
diff options
context:
space:
mode:
authorslontis <shane.lontis@oracle.com>2022-11-16 06:40:09 +0100
committerTomas Mraz <tomas@openssl.org>2022-11-18 14:29:01 +0100
commitad60cd522b4f717a69c690f68f1591371a048591 (patch)
tree4271fe06dd9bf88f03122728d2465d2dfad59669 /doc/man7
parentFix more VMS inclusions (diff)
downloadopenssl-ad60cd522b4f717a69c690f68f1591371a048591.tar.xz
openssl-ad60cd522b4f717a69c690f68f1591371a048591.zip
Add doc for EVP_ASYM_CIPHER-RSA and clean up OSSL_PROVIDER-FIPS.pod.
Removed fields from missingcrypto.txt that are no longer missing. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19692)
Diffstat (limited to 'doc/man7')
-rw-r--r--doc/man7/EVP_ASYM_CIPHER-RSA.pod90
-rw-r--r--doc/man7/OSSL_PROVIDER-FIPS.pod8
-rw-r--r--doc/man7/provider-asym_cipher.pod20
3 files changed, 102 insertions, 16 deletions
diff --git a/doc/man7/EVP_ASYM_CIPHER-RSA.pod b/doc/man7/EVP_ASYM_CIPHER-RSA.pod
new file mode 100644
index 0000000000..c68cad6c42
--- /dev/null
+++ b/doc/man7/EVP_ASYM_CIPHER-RSA.pod
@@ -0,0 +1,90 @@
+=pod
+
+=head1 NAME
+
+EVP_ASYM_CIPHER-RSA
+- RSA Asymmetric Cipher algorithm support
+
+=head1 DESCRIPTION
+
+Asymmetric Cipher support for the B<RSA> key type.
+
+=head2 RSA Asymmetric Cipher parameters
+
+=over 4
+
+=item "pad-mode" (B<OSSL_ASYM_CIPHER_PARAM_PAD_MODE>) <UTF8 string>
+
+The default provider understands these RSA padding modes in string form:
+
+=over 4
+
+=item "none" (B<OSSL_PKEY_RSA_PAD_MODE_NONE>)
+
+=item "oaep" (B<OSSL_PKEY_RSA_PAD_MODE_OAEP>)
+
+=item "pkcs1" (B<OSSL_PKEY_RSA_PAD_MODE_PKCSV15>)
+
+=item "x931" (B<OSSL_PKEY_RSA_PAD_MODE_X931>)
+
+=back
+
+=item "pad-mode" (B<OSSL_ASYM_CIPHER_PARAM_PAD_MODE>) <integer>
+
+The default provider understands these RSA padding modes in integer form:
+
+=over 4
+
+=item 1 (B<RSA_PKCS1_PADDING>)
+
+=item 3 (B<RSA_NO_PADDING>)
+
+=item 4 (B<RSA_PKCS1_OAEP_PADDING>)
+
+=item 5 (B<RSA_X931_PADDING>)
+
+=back
+
+See L<EVP_PKEY_CTX_set_rsa_padding(3)> for further details.
+
+=item "digest" (B<OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST>) <UTF8 string>
+
+=item "digest-props" (B<OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS>) <UTF8 string>
+
+=item "mgf1-digest" (B<OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST>) <UTF8 string>
+
+=item "mgf1-digest-props" (B<OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS>) <UTF8 string>
+
+=item "oaep-label" (B<OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL>) <octet string>
+
+=item "tls-client-version" (B<OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION>) <unsigned integer>
+
+See B<RSA_PKCS1_WITH_TLS_PADDING> on the page L<EVP_PKEY_CTX_set_rsa_padding(3)>.
+
+=item "tls-negotiated-version" (B<OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION>) <unsigned integer>
+
+See B<RSA_PKCS1_WITH_TLS_PADDING> on the page L<EVP_PKEY_CTX_set_rsa_padding(3)>.
+
+See L<provider-asym_cipher(7)/Asymmetric Cipher Parameters> for more information.
+
+=back
+
+=head1 SEE ALSO
+
+L<EVP_PKEY-RSA(7)>,
+L<EVP_PKEY(3)>,
+L<provider-asym_cipher(7)>,
+L<provider-keymgmt(7)>,
+L<OSSL_PROVIDER-default(7)>
+L<OSSL_PROVIDER-FIPS(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/OSSL_PROVIDER-FIPS.pod b/doc/man7/OSSL_PROVIDER-FIPS.pod
index 899185974e..54ac236702 100644
--- a/doc/man7/OSSL_PROVIDER-FIPS.pod
+++ b/doc/man7/OSSL_PROVIDER-FIPS.pod
@@ -88,7 +88,7 @@ The OpenSSL FIPS provider supports these operations and algorithms:
=item TLS13-KDF, see L<EVP_KDF-TLS13_KDF(7)>
-=item SSKDF, see L<EVP_KDF-SSKDF(7)>
+=item SSKDF, see L<EVP_KDF-SS(7)>
=item PBKDF2, see L<EVP_KDF-PBKDF2(7)>
@@ -96,7 +96,7 @@ The OpenSSL FIPS provider supports these operations and algorithms:
=item TLS1-PRF, see L<EVP_KDF-TLS1_PRF(7)>
-=item KBKDF, see L<EVP_KDF-KBKDF(7)>
+=item KBKDF, see L<EVP_KDF-KB(7)>
=item X942KDF-ASN1, see L<EVP_KDF-X942-ASN1(7)>
@@ -124,8 +124,6 @@ The OpenSSL FIPS provider supports these operations and algorithms:
=over 4
-=item DSA, see L<EVP_KEYEXCH-DSA(7)>
-
=item RSA, see L<EVP_SIGNATURE-RSA(7)>
=item X25519, see L<EVP_SIGNATURE-ED25519(7)>
@@ -142,7 +140,7 @@ The OpenSSL FIPS provider supports these operations and algorithms:
=over 4
-=item RSA, see L<EVP_KEYEXCH-RSA(7)>
+=item RSA, see L<EVP_ASYM_CIPHER-RSA(7)>
=back
diff --git a/doc/man7/provider-asym_cipher.pod b/doc/man7/provider-asym_cipher.pod
index 99207b4e65..e14a1d9019 100644
--- a/doc/man7/provider-asym_cipher.pod
+++ b/doc/man7/provider-asym_cipher.pod
@@ -187,14 +187,10 @@ algorithms:
=over 4
-=item "pad-mode" (B<OSSL_ASYM_CIPHER_PARAM_PAD_MODE>) <integer>
+=item "pad-mode" (B<OSSL_ASYM_CIPHER_PARAM_PAD_MODE>) <UTF8 string> OR <integer>
The type of padding to be used. The interpretation of this value will depend
-on the algorithm in use. The default provider understands these RSA padding
-modes: 1 (RSA_PKCS1_PADDING), 3 (RSA_NO_PADDING),
-4 (RSA_PKCS1_OAEP_PADDING), 5 (RSA_X931_PADDING), 6 (RSA_PKCS1_PSS_PADDING) and
-7 (RSA_PKCS1_WITH_TLS_PADDING). See L<EVP_PKEY_CTX_set_rsa_padding(3)> for
-further details.
+on the algorithm in use.
=item "digest" (B<OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST>) <UTF8 string>
@@ -223,19 +219,21 @@ is in use.
Gets or sets the properties to use when fetching the MGF1 digest algorithm.
+=item "oaep-label" (B<OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL>) <octet string ptr>
+
+Gets the OAEP label used when OAEP padding is in use.
+
=item "oaep-label" (B<OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL>) <octet string>
-Gets or sets the OAEP label used when OAEP padding is in use.
+Sets the OAEP label used when OAEP padding is in use.
=item "tls-client-version" (B<OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION>) <unsigned integer>
-The TLS protocol version first requested by the client. See
-B<RSA_PKCS1_WITH_TLS_PADDING> on the page L<EVP_PKEY_CTX_set_rsa_padding(3)>.
+The TLS protocol version first requested by the client.
=item "tls-negotiated-version" (B<OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION>) <unsigned integer>
-The negotiated TLS protocol version. See
-B<RSA_PKCS1_WITH_TLS_PADDING> on the page L<EVP_PKEY_CTX_set_rsa_padding(3)>.
+The negotiated TLS protocol version.
=back