diff options
| author | Clemens Lang <cllang@redhat.com> | 2024-08-28 17:18:03 +0200 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2024-08-29 19:20:05 +0200 |
| commit | 6772c2ab1bc5f12dd800247cd6800c45c2c0bf6e (patch) | |
| tree | b9518c6794496bf8a85a7cf0c697534a3b3baade /doc | |
| parent | Refactor and Enhance Compression Field Testing (diff) | |
| download | openssl-6772c2ab1bc5f12dd800247cd6800c45c2c0bf6e.tar.xz openssl-6772c2ab1bc5f12dd800247cd6800c45c2c0bf6e.zip | |
doc: Document properties param for Argon2 KDF
The Argon2 KDF uses OSSL_KDF_PARAM_PROPERTIES to fetch implementations
of blake2bmac and blake2b512 if ctx->mac and ctx->md are NULL. This
isn't documented in the manpage, so users that might, for example, want
to fetch an instance of Argon2 with the -fips property query to obtain
a working Argon2 KDF even though the default property query requires
fips=yes are left wondering why this fails.
Fortunately, EVP_KDF(3)/PARAMETERS already explains what the properties
are used for, so we really just need to add a single line.
Signed-off-by: Clemens Lang <cllang@redhat.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25306)
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/man7/EVP_KDF-ARGON2.pod | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/doc/man7/EVP_KDF-ARGON2.pod b/doc/man7/EVP_KDF-ARGON2.pod index d41a3179b5..ecbd3ad745 100644 --- a/doc/man7/EVP_KDF-ARGON2.pod +++ b/doc/man7/EVP_KDF-ARGON2.pod @@ -44,6 +44,8 @@ The supported parameters are: =item "size" (B<OSSL_KDF_PARAM_SIZE>) <unsigned integer> +=item "properties" (B<OSSL_KDF_PARAM_PROPERTIES>) <UTF8 string> + These parameters work as described in L<EVP_KDF(3)/PARAMETERS>. Note that RFC 9106 recommends 128 bits salt for most applications, or 64 bits |