diff options
author | Matt Caswell <matt@openssl.org> | 2017-06-14 14:27:53 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-06-21 14:45:35 +0100 |
commit | 9c39fa1e38d0973787e32799a28a46a2812aba2b (patch) | |
tree | 43d60fd90c5d4d9d17c7e536c3aa86c9a81ea58c /doc | |
parent | 267869d3f307e1160f79e1b09246bb091ed00bbf (diff) |
Document SSL_CIPHER_get_handshake_digest()
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3670)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man3/SSL_CIPHER_get_name.pod | 31 |
1 files changed, 22 insertions, 9 deletions
diff --git a/doc/man3/SSL_CIPHER_get_name.pod b/doc/man3/SSL_CIPHER_get_name.pod index e19bf2132e..157c162c85 100644 --- a/doc/man3/SSL_CIPHER_get_name.pod +++ b/doc/man3/SSL_CIPHER_get_name.pod @@ -2,10 +2,16 @@ =head1 NAME -SSL_CIPHER_get_cipher_nid, SSL_CIPHER_get_digest_nid, SSL_CIPHER_get_kx_nid, -SSL_CIPHER_get_auth_nid, SSL_CIPHER_is_aead, -SSL_CIPHER_get_name, SSL_CIPHER_get_bits, -SSL_CIPHER_get_version, SSL_CIPHER_description +SSL_CIPHER_get_name, +SSL_CIPHER_get_bits, +SSL_CIPHER_get_version, +SSL_CIPHER_description, +SSL_CIPHER_get_cipher_nid, +SSL_CIPHER_get_digest_nid, +SSL_CIPHER_get_handshake_digest, +SSL_CIPHER_get_kx_nid, +SSL_CIPHER_get_auth_nid, +SSL_CIPHER_is_aead - get SSL_CIPHER properties =head1 SYNOPSIS @@ -18,6 +24,7 @@ SSL_CIPHER_get_version, SSL_CIPHER_description char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size); int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c); int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c); + const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c); int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c); int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c); int SSL_CIPHER_is_aead(const SSL_CIPHER *c); @@ -38,8 +45,12 @@ If there is no cipher (e.g. for cipher suites with no encryption) then B<NID_undef> is returned. SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC -used by B<c>. If there is no digest (e.g. for AEAD cipher suites) then -B<NID_undef> is returned. +used by B<c> during record encryption/decryption. If there is no digest (e.g. +for AEAD cipher suites) then B<NID_undef> is returned. + +SSL_CIPHER_get_handshake_digest() returns an EVP_MD for the digest used during +the SSL/TLS handshake when using the SSL_CIPHER B<c>. Note that this may be +different to the digest used to calculate the MAC for encrypted records. SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method used by B<c>. If there is no key exchange, then B<NID_undef> is returned. @@ -109,10 +120,12 @@ Some examples for the output of SSL_CIPHER_description(): =head1 HISTORY SSL_CIPHER_get_version() was updated to always return the correct protocol -string in OpenSSL 1.1. +string in OpenSSL 1.1.0. SSL_CIPHER_description() was changed to return B<NULL> on error, -rather than a fixed string, in OpenSSL 1.1 +rather than a fixed string, in OpenSSL 1.1.0. + +SSL_CIPHER_get_handshake_digest() was added in OpenSSL 1.1.1. =head1 SEE ALSO @@ -121,7 +134,7 @@ L<SSL_get_ciphers(3)>, L<ciphers(1)> =head1 COPYRIGHT -Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy |