From d8652be06e2778e8898453a391deb7253e1a35a2 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 24 Sep 2020 10:42:23 +0100 Subject: Run the withlibctx.pl script Automatically rename all instances of _with_libctx() to _ex() as per our coding style. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/12970) --- doc/man3/CMS_EncryptedData_encrypt.pod | 20 ++++--- doc/man3/CMS_EnvelopedData_create.pod | 24 ++++---- doc/man3/CMS_data_create.pod | 15 +++-- doc/man3/CMS_digest_create.pod | 16 ++--- doc/man3/CMS_encrypt.pod | 18 +++--- doc/man3/CMS_get1_ReceiptRequest.pod | 12 ++-- doc/man3/CMS_sign.pod | 18 +++--- doc/man3/CONF_modules_free.pod | 2 +- doc/man3/CONF_modules_load_file.pod | 29 +++++----- doc/man3/CTLOG_STORE_new.pod | 11 ++-- doc/man3/CTLOG_new.pod | 24 ++++---- doc/man3/CT_POLICY_EVAL_CTX_new.pod | 14 ++--- doc/man3/EC_GROUP_new.pod | 12 ++-- doc/man3/EC_KEY_new.pod | 18 +++--- doc/man3/EVP_DigestSignInit.pod | 23 ++++---- doc/man3/EVP_DigestVerifyInit.pod | 23 ++++---- doc/man3/EVP_PKEY_new.pod | 54 +++++++++-------- doc/man3/EVP_SignInit.pod | 15 +++-- doc/man3/EVP_VerifyInit.pod | 16 ++--- doc/man3/NCONF_new_with_libctx.pod | 12 ++-- doc/man3/OSSL_STORE_LOADER.pod | 34 +++++------ doc/man3/OSSL_STORE_open.pod | 21 ++++--- doc/man3/PEM_X509_INFO_read_bio_with_libctx.pod | 33 +++++------ doc/man3/PEM_read_bio_PrivateKey.pod | 2 +- doc/man3/PKCS7_encrypt.pod | 16 ++--- doc/man3/PKCS7_sign.pod | 16 ++--- doc/man3/SMIME_read_ASN1.pod | 2 +- doc/man3/SMIME_read_CMS.pod | 2 +- doc/man3/SMIME_read_PKCS7.pod | 2 +- doc/man3/SMIME_write_ASN1.pod | 14 ++--- doc/man3/SSL_CTX_new.pod | 12 ++-- doc/man3/SSL_load_client_CA_file.pod | 14 ++--- doc/man3/X509_LOOKUP.pod | 77 ++++++++++++------------- doc/man3/X509_LOOKUP_hash_dir.pod | 18 +++--- doc/man3/X509_STORE_CTX_new.pod | 11 ++-- doc/man3/X509_STORE_add_cert.pod | 60 ++++++++++--------- doc/man3/X509_dup.pod | 8 +-- doc/man3/X509_new.pod | 10 ++-- doc/man3/X509_sign.pod | 2 +- doc/man3/X509_verify.pod | 12 ++-- 40 files changed, 362 insertions(+), 380 deletions(-) (limited to 'doc/man3') diff --git a/doc/man3/CMS_EncryptedData_encrypt.pod b/doc/man3/CMS_EncryptedData_encrypt.pod index cb2672f629..63d5d2a1ff 100644 --- a/doc/man3/CMS_EncryptedData_encrypt.pod +++ b/doc/man3/CMS_EncryptedData_encrypt.pod @@ -2,16 +2,20 @@ =head1 NAME -CMS_EncryptedData_encrypt_with_libctx, CMS_EncryptedData_encrypt +CMS_EncryptedData_encrypt_ex, CMS_EncryptedData_encrypt - Create CMS EncryptedData =head1 SYNOPSIS #include - CMS_ContentInfo *CMS_EncryptedData_encrypt_with_libctx(BIO *in, - const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen, - unsigned int flags, OPENSSL_CTX *ctx, const char *propq); + CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in, + const EVP_CIPHER *cipher, + const unsigned char *key, + size_t keylen, + unsigned int flags, + OPENSSL_CTX *ctx, + const char *propq); CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen, @@ -19,7 +23,7 @@ CMS_EncryptedData_encrypt_with_libctx, CMS_EncryptedData_encrypt =head1 DESCRIPTION -CMS_EncryptedData_encrypt_with_libctx() creates a B structure +CMS_EncryptedData_encrypt_ex() creates a B structure with a type B. I is a BIO containing the data to encrypt using I and the encryption key I of size I bytes. The library context I and the property query I are used when @@ -34,13 +38,13 @@ its parameters. The B structure can be freed using L. -CMS_EncryptedData_encrypt() is similar to CMS_EncryptedData_encrypt_with_libctx() +CMS_EncryptedData_encrypt() is similar to CMS_EncryptedData_encrypt_ex() but uses default values of NULL for the library context I and the property query I. =head1 RETURN VALUES -If the allocation fails, CMS_EncryptedData_encrypt_with_libctx() and +If the allocation fails, CMS_EncryptedData_encrypt_ex() and CMS_EncryptedData_encrypt() return NULL and set an error code that can be obtained by L. Otherwise they return a pointer to the newly allocated structure. @@ -51,7 +55,7 @@ L, L, L head1 HISTORY -The CMS_EncryptedData_encrypt_with_libctx() method was added in OpenSSL 3.0. +The CMS_EncryptedData_encrypt_ex() method was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/CMS_EnvelopedData_create.pod b/doc/man3/CMS_EnvelopedData_create.pod index 6978aaabcb..97ece28f54 100644 --- a/doc/man3/CMS_EnvelopedData_create.pod +++ b/doc/man3/CMS_EnvelopedData_create.pod @@ -2,8 +2,8 @@ =head1 NAME -CMS_EnvelopedData_create_with_libctx, CMS_EnvelopedData_create, -CMS_AuthEnvelopedData_create, CMS_AuthEnvelopedData_create_with_libctx +CMS_EnvelopedData_create_ex, CMS_EnvelopedData_create, +CMS_AuthEnvelopedData_create, CMS_AuthEnvelopedData_create_ex - Create CMS envelope =head1 SYNOPSIS @@ -11,25 +11,23 @@ CMS_AuthEnvelopedData_create, CMS_AuthEnvelopedData_create_with_libctx #include CMS_ContentInfo * - CMS_EnvelopedData_create_with_libctx(const EVP_CIPHER *cipher, - OPENSSL_CTX *libctx, - const char *propq); + CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher, OPENSSL_CTX *libctx, + const char *propq); CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher); CMS_ContentInfo * - CMS_AuthEnvelopedData_create_with_libctx(const EVP_CIPHER *cipher, - OPENSSL_CTX *libctx, - const char *propq); + CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OPENSSL_CTX *libctx, + const char *propq); CMS_ContentInfo *CMS_AuthEnvelopedData_create(const EVP_CIPHER *cipher); =head1 DESCRIPTION -CMS_EnvelopedData_create_with_libctx() creates a B structure +CMS_EnvelopedData_create_ex() creates a B structure with a type B. I is the symmetric cipher to use. The library context I and the property query I are used when retrieving algorithms from providers. -CMS_AuthEnvelopedData_create_with_libctx() creates a B +CMS_AuthEnvelopedData_create_ex() creates a B structure with a type B. B is the symmetric AEAD cipher to use. Currently only AES variants with GCM mode are supported. The library context I and the property query I are @@ -45,8 +43,8 @@ The B structure needs to be finalized using L and then freed using L. CMS_EnvelopedData_create() and CMS_AuthEnvelopedData_create are similar to -CMS_EnvelopedData_create_with_libctx() and -CMS_AuthEnvelopedData_create_with_libctx() but use default values of NULL for +CMS_EnvelopedData_create_ex() and +CMS_AuthEnvelopedData_create_ex() but use default values of NULL for the library context I and the property query I. =head1 NOTES @@ -68,7 +66,7 @@ L, L, L, L head1 HISTORY -The CMS_EnvelopedData_create_with_libctx() method was added in OpenSSL 3.0. +The CMS_EnvelopedData_create_ex() method was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/CMS_data_create.pod b/doc/man3/CMS_data_create.pod index b64a7a1d46..2d361af6cc 100644 --- a/doc/man3/CMS_data_create.pod +++ b/doc/man3/CMS_data_create.pod @@ -2,21 +2,20 @@ =head1 NAME -CMS_data_create_with_libctx, CMS_data_create +CMS_data_create_ex, CMS_data_create - Create CMS Data object =head1 SYNOPSIS #include - CMS_ContentInfo *CMS_data_create_with_libctx(BIO *in, unsigned int flags, - OPENSSL_CTX *libctx, - const char *propq); + CMS_ContentInfo *CMS_data_create_ex(BIO *in, unsigned int flags, + OPENSSL_CTX *libctx, const char *propq); CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags); =head1 DESCRIPTION -CMS_data_create_with_libctx() creates a B structure +CMS_data_create_ex() creates a B structure with a type B. The data is supplied via the I BIO. The library context I and the property query I are used when retrieving algorithms from providers. The I field supports the @@ -25,13 +24,13 @@ specified. The B structure can be freed using L. -CMS_data_create() is similar to CMS_data_create_with_libctx() +CMS_data_create() is similar to CMS_data_create_ex() but uses default values of NULL for the library context I and the property query I. =head1 RETURN VALUES -If the allocation fails, CMS_data_create_with_libctx() and CMS_data_create() +If the allocation fails, CMS_data_create_ex() and CMS_data_create() return NULL and set an error code that can be obtained by L. Otherwise they return a pointer to the newly allocated structure. @@ -41,7 +40,7 @@ L, L head1 HISTORY -The CMS_data_create_with_libctx() method was added in OpenSSL 3.0. +The CMS_data_create_ex() method was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/CMS_digest_create.pod b/doc/man3/CMS_digest_create.pod index 0eba22cfe6..74bd1fdea2 100644 --- a/doc/man3/CMS_digest_create.pod +++ b/doc/man3/CMS_digest_create.pod @@ -2,23 +2,23 @@ =head1 NAME -CMS_digest_create_with_libctx, CMS_digest_create +CMS_digest_create_ex, CMS_digest_create - Create CMS DigestedData object =head1 SYNOPSIS #include - CMS_ContentInfo *CMS_digest_create_with_libctx(BIO *in, - const EVP_MD *md, unsigned int flags, - OPENSSL_CTX *ctx, const char *propq); + CMS_ContentInfo *CMS_digest_create_ex(BIO *in, const EVP_MD *md, + unsigned int flags, OPENSSL_CTX *ctx, + const char *propq); CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md, unsigned int flags); =head1 DESCRIPTION -CMS_digest_create_with_libctx() creates a B structure +CMS_digest_create_ex() creates a B structure with a type B. The data supplied via the I BIO is digested using I. The library context I and the property query I are used when retrieving algorithms from providers. @@ -27,14 +27,14 @@ Internally CMS_final() is called unless B is specified. The B structure can be freed using L. -CMS_digest_create() is similar to CMS_digest_create_with_libctx() +CMS_digest_create() is similar to CMS_digest_create_ex() but uses default values of NULL for the library context I and the property query I. =head1 RETURN VALUES -If the allocation fails, CMS_digest_create_with_libctx() and CMS_digest_create() +If the allocation fails, CMS_digest_create_ex() and CMS_digest_create() return NULL and set an error code that can be obtained by L. Otherwise they return a pointer to the newly allocated structure. @@ -44,7 +44,7 @@ L, L> head1 HISTORY -The CMS_digest_create_with_libctx() method was added in OpenSSL 3.0. +The CMS_digest_create_ex() method was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/CMS_encrypt.pod b/doc/man3/CMS_encrypt.pod index 9fe92e3ee6..e78c096c78 100644 --- a/doc/man3/CMS_encrypt.pod +++ b/doc/man3/CMS_encrypt.pod @@ -2,23 +2,21 @@ =head1 NAME -CMS_encrypt_with_libctx, CMS_encrypt - create a CMS envelopedData structure +CMS_encrypt_ex, CMS_encrypt - create a CMS envelopedData structure =head1 SYNOPSIS #include - CMS_ContentInfo *CMS_encrypt_with_libctx(STACK_OF(X509) *certs, - BIO *in, const EVP_CIPHER *cipher, - unsigned int flags, - OPENSSL_CTX *libctx, - const char *propq); + CMS_ContentInfo *CMS_encrypt_ex(STACK_OF(X509) *certs, BIO *in, + const EVP_CIPHER *cipher, unsigned int flags, + OPENSSL_CTX *libctx, const char *propq); CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, unsigned int flags); =head1 DESCRIPTION -CMS_encrypt_with_libctx() creates and returns a CMS EnvelopedData or +CMS_encrypt_ex() creates and returns a CMS EnvelopedData or AuthEnvelopedData structure. I is a list of recipient certificates. I is the content to be encrypted. I is the symmetric cipher to use. I is an optional set of flags. The library context I and the @@ -85,12 +83,12 @@ and CMS_add0_recipient_key(). The parameter B may be NULL if B is set and recipients added later using CMS_add1_recipient_cert() or CMS_add0_recipient_key(). -CMS_encrypt() is similar to CMS_encrypt_with_libctx() but uses default values +CMS_encrypt() is similar to CMS_encrypt_ex() but uses default values of NULL for the library context I and the property query I. =head1 RETURN VALUES -CMS_encrypt_with_libctx() and CMS_encrypt() return either a CMS_ContentInfo +CMS_encrypt_ex() and CMS_encrypt() return either a CMS_ContentInfo structure or NULL if an error occurred. The error can be obtained from ERR_get_error(3). @@ -100,7 +98,7 @@ L, L =head1 HISTORY -The function CMS_encrypt_with_libctx() was added in OpenSSL 3.0. +The function CMS_encrypt_ex() was added in OpenSSL 3.0. The B flag was first supported in OpenSSL 1.0.0. diff --git a/doc/man3/CMS_get1_ReceiptRequest.pod b/doc/man3/CMS_get1_ReceiptRequest.pod index 704d4bac01..6e1d1c1fd2 100644 --- a/doc/man3/CMS_get1_ReceiptRequest.pod +++ b/doc/man3/CMS_get1_ReceiptRequest.pod @@ -2,7 +2,7 @@ =head1 NAME -CMS_ReceiptRequest_create0_with_libctx, CMS_ReceiptRequest_create0, +CMS_ReceiptRequest_create0_ex, CMS_ReceiptRequest_create0, CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values - CMS signed receipt request functions @@ -10,7 +10,7 @@ CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values #include - CMS_ReceiptRequest *CMS_ReceiptRequest_create0_with_libctx( + CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex( unsigned char *id, int idlen, int allorfirst, STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo, OPENSSL_CTX *libctx, const char *propq); @@ -26,7 +26,7 @@ CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values =head1 DESCRIPTION -CMS_ReceiptRequest_create0_with_libctx() creates a signed receipt request +CMS_ReceiptRequest_create0_ex() creates a signed receipt request structure. The B field is set using I and I, or it is set to 32 bytes of pseudo random data if I is NULL. If I is NULL the allOrFirstTier option in I is used @@ -36,7 +36,7 @@ parameter specifies the I field value. The library context I and the property query I are used when retrieving algorithms from providers. CMS_ReceiptRequest_create0() is similar to -CMS_ReceiptRequest_create0_with_libctx() but uses default values of NULL for the +CMS_ReceiptRequest_create0_ex() but uses default values of NULL for the library context I and the property query I. The CMS_add1_ReceiptRequest() function adds a signed receipt request B @@ -61,7 +61,7 @@ CMS_verify(). =head1 RETURN VALUES -CMS_ReceiptRequest_create0_with_libctx() and CMS_ReceiptRequest_create0() return +CMS_ReceiptRequest_create0_ex() and CMS_ReceiptRequest_create0() return a signed receipt request structure or NULL if an error occurred. CMS_add1_ReceiptRequest() returns 1 for success or 0 if an error occurred. @@ -78,7 +78,7 @@ L =head1 HISTORY -The function CMS_ReceiptRequest_create0_with_libctx() was added in OpenSSL 3.0. +The function CMS_ReceiptRequest_create0_ex() was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/CMS_sign.pod b/doc/man3/CMS_sign.pod index cf92d35303..b5af7e0448 100644 --- a/doc/man3/CMS_sign.pod +++ b/doc/man3/CMS_sign.pod @@ -2,22 +2,22 @@ =head1 NAME -CMS_sign, CMS_sign_with_libctx - create a CMS SignedData structure +CMS_sign, CMS_sign_ex - create a CMS SignedData structure =head1 SYNOPSIS #include - CMS_ContentInfo *CMS_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey, - STACK_OF(X509) *certs, BIO *data, - unsigned int flags, - OPENSSL_CTX *ctx, const char *propq); + CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey, + STACK_OF(X509) *certs, BIO *data, + unsigned int flags, OPENSSL_CTX *ctx, + const char *propq); CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, unsigned int flags); =head1 DESCRIPTION -CMS_sign_with_libctx() creates and returns a CMS SignedData structure. +CMS_sign_ex() creates and returns a CMS SignedData structure. I is the certificate to sign with, I is the corresponding private key. I is an optional additional set of certificates to include in the CMS structure (for example any intermediate CAs in the chain). The @@ -29,7 +29,7 @@ The data to be signed is read from BIO B. B is an optional set of flags. -CMS_sign() is similar to CMS_sign_with_libctx() but uses default values of NULL +CMS_sign() is similar to CMS_sign_ex() but uses default values of NULL for the library context I and the property query I. =head1 NOTES @@ -115,7 +115,7 @@ Some attributes such as counter signatures are not supported. =head1 RETURN VALUES -CMS_sign_with_libctx() and CMS_sign() return either a valid CMS_ContentInfo +CMS_sign_ex() and CMS_sign() return either a valid CMS_ContentInfo structure or NULL if an error occurred. The error can be obtained from ERR_get_error(3). @@ -128,7 +128,7 @@ L, L The B flag is only supported for detached data in OpenSSL 0.9.8, it is supported for embedded data in OpenSSL 1.0.0 and later. -The CMS_sign_with_libctx() method was added in OpenSSL 3.0. +The CMS_sign_ex() method was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/CONF_modules_free.pod b/doc/man3/CONF_modules_free.pod index e7ad3dac29..f47637f62b 100644 --- a/doc/man3/CONF_modules_free.pod +++ b/doc/man3/CONF_modules_free.pod @@ -39,7 +39,7 @@ None of the functions return a value. =head1 SEE ALSO L, L, -L +L =head1 HISTORY diff --git a/doc/man3/CONF_modules_load_file.pod b/doc/man3/CONF_modules_load_file.pod index 7e99bb9d5a..07834a6ba5 100644 --- a/doc/man3/CONF_modules_load_file.pod +++ b/doc/man3/CONF_modules_load_file.pod @@ -2,16 +2,15 @@ =head1 NAME -CONF_modules_load_file_with_libctx, CONF_modules_load_file, CONF_modules_load +CONF_modules_load_file_ex, CONF_modules_load_file, CONF_modules_load - OpenSSL configuration functions =head1 SYNOPSIS #include - int CONF_modules_load_file_with_libctx(OPENSSL_CTX *libctx, - const char *filename, - const char *appname, unsigned long flags); + int CONF_modules_load_file_ex(OPENSSL_CTX *libctx, const char *filename, + const char *appname, unsigned long flags); int CONF_modules_load_file(const char *filename, const char *appname, unsigned long flags); int CONF_modules_load(const CONF *cnf, const char *appname, @@ -19,7 +18,7 @@ CONF_modules_load_file_with_libctx, CONF_modules_load_file, CONF_modules_load =head1 DESCRIPTION -The function CONF_modules_load_file_with_libctx() configures OpenSSL using +The function CONF_modules_load_file_ex() configures OpenSSL using library context B file B and application name B. If B is NULL the standard OpenSSL configuration file is used. If B is NULL the standard OpenSSL application name B is @@ -27,7 +26,7 @@ used. The behaviour can be customized using B. Note that, the error suppressing can be overriden by B as described in L. -CONF_modules_load_file() is the same as CONF_modules_load_file_with_libctx() but +CONF_modules_load_file() is the same as CONF_modules_load_file_ex() but has a NULL library context. CONF_modules_load() is identical to CONF_modules_load_file() except it @@ -49,7 +48,7 @@ returns success. This is used by default in L to ignore any errors in the default system-wide configuration file, as having all OpenSSL applications fail to start when there are potentially minor issues in the file is too risky. -Applications calling B explicitly should not +Applications calling B explicitly should not generally set this flag. If B is set configuration module loading from DSOs is @@ -62,7 +61,7 @@ return an error. B if set and B is not NULL will use the default section pointed to by B if B does not exist. -By using CONF_modules_load_file_with_libctx() with appropriate flags an +By using CONF_modules_load_file_ex() with appropriate flags an application can customise application configuration to best suit its needs. In some cases the use of a configuration file is optional and its absence is not an error: in this case B would be set. @@ -87,7 +86,7 @@ return value of the failing module (this will always be zero or negative). Load a configuration file and print out any errors and exit (missing file considered fatal): - if (CONF_modules_load_file_with_libctx(libctx, NULL, NULL, 0) <= 0) { + if (CONF_modules_load_file_ex(libctx, NULL, NULL, 0) <= 0) { fprintf(stderr, "FATAL: error loading configuration file\n"); ERR_print_errors_fp(stderr); exit(1); @@ -96,8 +95,8 @@ considered fatal): Load default configuration file using the section indicated by "myapp", tolerate missing files, but exit on other errors: - if (CONF_modules_load_file_with_libctx(NULL, NULL, "myapp", - CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) { + if (CONF_modules_load_file_ex(NULL, NULL, "myapp", + CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) { fprintf(stderr, "FATAL: error loading configuration file\n"); ERR_print_errors_fp(stderr); exit(1); @@ -106,8 +105,8 @@ tolerate missing files, but exit on other errors: Load custom configuration file and section, only print warnings on error, missing configuration file ignored: - if (CONF_modules_load_file_with_libctx(NULL, "/something/app.cnf", "myapp", - CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) { + if (CONF_modules_load_file_ex(NULL, "/something/app.cnf", "myapp", + CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) { fprintf(stderr, "WARNING: error loading configuration file\n"); ERR_print_errors_fp(stderr); } @@ -123,7 +122,7 @@ Load and parse configuration file manually, custom error handling: fprintf(stderr, "Error opening configuration file\n"); /* Other missing configuration file behaviour */ } else { - cnf = NCONF_new_with_libctx(libctx, NULL); + cnf = NCONF_new_ex(libctx, NULL); if (NCONF_load_fp(cnf, fp, &eline) == 0) { fprintf(stderr, "Error on line %ld of configuration file\n", eline); ERR_print_errors_fp(stderr); @@ -141,7 +140,7 @@ Load and parse configuration file manually, custom error handling: L, L, -L +L =head1 COPYRIGHT diff --git a/doc/man3/CTLOG_STORE_new.pod b/doc/man3/CTLOG_STORE_new.pod index 50d79a8bf6..25f3952be3 100644 --- a/doc/man3/CTLOG_STORE_new.pod +++ b/doc/man3/CTLOG_STORE_new.pod @@ -2,7 +2,7 @@ =head1 NAME -CTLOG_STORE_new_with_libctx, +CTLOG_STORE_new_ex, CTLOG_STORE_new, CTLOG_STORE_free, CTLOG_STORE_load_default_file, CTLOG_STORE_load_file - Create and populate a Certificate Transparency log list @@ -11,8 +11,7 @@ Create and populate a Certificate Transparency log list #include - CTLOG_STORE *CTLOG_STORE_new_with_libctx(OPENSSL_CTX *libctx, - const char *propq); + CTLOG_STORE *CTLOG_STORE_new_ex(OPENSSL_CTX *libctx, const char *propq); CTLOG_STORE *CTLOG_STORE_new(void); void CTLOG_STORE_free(CTLOG_STORE *store); @@ -25,10 +24,10 @@ A CTLOG_STORE is a container for a list of CTLOGs (Certificate Transparency logs). The list can be loaded from one or more files and then searched by LogID (see RFC 6962, Section 3.2, for the definition of a LogID). -CTLOG_STORE_new_with_libctx() creates an empty list of CT logs associated with +CTLOG_STORE_new_ex() creates an empty list of CT logs associated with the library context I and the property query string I. -CTLOG_STORE_new() does the same thing as CTLOG_STORE_new_with_libctx() but with +CTLOG_STORE_new() does the same thing as CTLOG_STORE_new_ex() but with the default library context and property query string. The CTLOG_STORE is then populated by CTLOG_STORE_load_default_file() or @@ -74,7 +73,7 @@ L =head1 HISTORY -CTLOG_STORE_new_with_libctx was added in OpenSSL 3.0. All other functions were +CTLOG_STORE_new_ex was added in OpenSSL 3.0. All other functions were added in OpenSSL 1.1.0. =head1 COPYRIGHT diff --git a/doc/man3/CTLOG_new.pod b/doc/man3/CTLOG_new.pod index 4bb1a1b646..227929c5b3 100644 --- a/doc/man3/CTLOG_new.pod +++ b/doc/man3/CTLOG_new.pod @@ -2,8 +2,8 @@ =head1 NAME -CTLOG_new_with_libctx, CTLOG_new, CTLOG_new_from_base64, -CTLOG_new_from_base64_with_libctx, CTLOG_free, +CTLOG_new_ex, CTLOG_new, CTLOG_new_from_base64, +CTLOG_new_from_base64_ex, CTLOG_free, CTLOG_get0_name, CTLOG_get0_log_id, CTLOG_get0_public_key - encapsulates information about a Certificate Transparency log @@ -11,13 +11,13 @@ encapsulates information about a Certificate Transparency log #include - CTLOG *CTLOG_new_with_libctx(EVP_PKEY *public_key, const char *name, - OPENSSL_CTX *libctx, const char *propq); + CTLOG *CTLOG_new_ex(EVP_PKEY *public_key, const char *name, + OPENSSL_CTX *libctx, const char *propq); CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name); - int CTLOG_new_from_base64_with_libctx(CTLOG **ct_log, const char *pkey_base64, - const char *name, OPENSSL_CTX *libctx, - const char *propq); + int CTLOG_new_from_base64_ex(CTLOG **ct_log, const char *pkey_base64, + const char *name, OPENSSL_CTX *libctx, + const char *propq); int CTLOG_new_from_base64(CTLOG ** ct_log, const char *pkey_base64, const char *name); void CTLOG_free(CTLOG *log); @@ -28,23 +28,23 @@ encapsulates information about a Certificate Transparency log =head1 DESCRIPTION -CTLOG_new_with_libctx() returns a new CTLOG that represents the Certificate +CTLOG_new_ex() returns a new CTLOG that represents the Certificate Transparency (CT) log with the given public key and associates it with the library context I and property query string I. A name must also be provided that can be used to help users identify this log. Ownership of the public key is transferred. -CTLOG_new() does the same thing as CTLOG_new_with_libctx() but with the default +CTLOG_new() does the same thing as CTLOG_new_ex() but with the default library context and the default property query string. -CTLOG_new_from_base64_with_libctx() also creates a new CTLOG, but takes the +CTLOG_new_from_base64_ex() also creates a new CTLOG, but takes the public key in base64-encoded DER form and sets the ct_log pointer to point to the new CTLOG. The base64 will be decoded and the public key parsed. The CTLOG will be associated with the given library context I and property query string I. CTLOG_new_from_base64() does the same thing as -CTLOG_new_from_base64_with_libctx() except that the default library context and +CTLOG_new_from_base64_ex() except that the default library context and property query string are used. Regardless of whether CTLOG_new() or CTLOG_new_from_base64() is used, it is the @@ -75,7 +75,7 @@ L =head1 HISTORY -The functions CTLOG_new_with_libctx() and CTLOG_new_from_base64_with_libctx() +The functions CTLOG_new_with_libctx() and CTLOG_new_from_base64_ex() were added in OpenSSL 3.0. All other functions were added in OpenSSL 1.1.0. =head1 COPYRIGHT diff --git a/doc/man3/CT_POLICY_EVAL_CTX_new.pod b/doc/man3/CT_POLICY_EVAL_CTX_new.pod index 1266076097..7b20e5f770 100644 --- a/doc/man3/CT_POLICY_EVAL_CTX_new.pod +++ b/doc/man3/CT_POLICY_EVAL_CTX_new.pod @@ -2,7 +2,7 @@ =head1 NAME -CT_POLICY_EVAL_CTX_new_with_libctx, +CT_POLICY_EVAL_CTX_new_ex, CT_POLICY_EVAL_CTX_new, CT_POLICY_EVAL_CTX_free, CT_POLICY_EVAL_CTX_get0_cert, CT_POLICY_EVAL_CTX_set1_cert, CT_POLICY_EVAL_CTX_get0_issuer, CT_POLICY_EVAL_CTX_set1_issuer, @@ -14,8 +14,8 @@ Encapsulates the data required to evaluate whether SCTs meet a Certificate Trans #include - CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_with_libctx(OPENSSL_CTX *libctx, - const char *propq); + CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_ex(OPENSSL_CTX *libctx, + const char *propq); CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void); void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx); X509* CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx); @@ -58,12 +58,12 @@ the current time The above requirements are met using the setters described below. -CT_POLICY_EVAL_CTX_new_with_libctx() creates an empty policy evaluation context +CT_POLICY_EVAL_CTX_new_ex() creates an empty policy evaluation context and associates it with the given library context I and property query string I. CT_POLICY_EVAL_CTX_new() does the same thing as -CT_POLICY_EVAL_CTX_new_with_libctx() except that it uses the default library +CT_POLICY_EVAL_CTX_new_ex() except that it uses the default library context and property query string. The CT_POLICY_EVAL_CTX should then be populated using: @@ -116,7 +116,7 @@ found in the TLS SCT extension or OCSP response. =head1 RETURN VALUES -CT_POLICY_EVAL_CTX_new_with_libctx() and CT_POLICY_EVAL_CTX_new() will return +CT_POLICY_EVAL_CTX_new_ex() and CT_POLICY_EVAL_CTX_new() will return NULL if malloc fails. =head1 SEE ALSO @@ -125,7 +125,7 @@ L =head1 HISTORY -CT_POLICY_EVAL_CTX_new_with_libctx was added in OpenSSL 3.0. All other +CT_POLICY_EVAL_CTX_new_ex was added in OpenSSL 3.0. All other functions were added in OpenSSL 1.1.0. =head1 COPYRIGHT diff --git a/doc/man3/EC_GROUP_new.pod b/doc/man3/EC_GROUP_new.pod index 918e504ce8..775a27936a 100644 --- a/doc/man3/EC_GROUP_new.pod +++ b/doc/man3/EC_GROUP_new.pod @@ -12,7 +12,7 @@ EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, -EC_GROUP_new_by_curve_name_with_libctx, +EC_GROUP_new_by_curve_name_ex, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, @@ -37,8 +37,8 @@ objects const BIGNUM *b, BN_CTX *ctx); EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); - EC_GROUP *EC_GROUP_new_by_curve_name_with_libctx(OPENSSL_CTX *libctx, - const char *propq, int nid); + EC_GROUP *EC_GROUP_new_by_curve_name_ex(OPENSSL_CTX *libctx, const char *propq, + int nid); EC_GROUP *EC_GROUP_new_by_curve_name(int nid); int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, @@ -153,14 +153,14 @@ Each EC_builtin_curve item has a unique integer id (I), and a human readable comment string describing the curve. In order to construct a built-in curve use the function -EC_GROUP_new_by_curve_name_with_libctx() and provide the I of the curve to +EC_GROUP_new_by_curve_name_ex() and provide the I of the curve to be constructed, the associated library context to be used in I (see L) and any property query string in I. The I value may be NULL in which case the default library context is used. The I value may also be NULL. EC_GROUP_new_by_curve_name() is the same as -EC_GROUP_new_by_curve_name_with_libctx() except that the default library context +EC_GROUP_new_by_curve_name_ex() except that the default library context is always used along with a NULL property query string. EC_GROUP_free() frees the memory associated with the EC_GROUP. @@ -198,7 +198,7 @@ L, L EC_GROUP_new() was deprecated in OpenSSL 3.0. -EC_GROUP_new_by_curve_name_with_libctx() and EC_GROUP_new_from_params() were +EC_GROUP_new_by_curve_name_ex() and EC_GROUP_new_from_params() were added in OpenSSL 3.0. =item * diff --git a/doc/man3/EC_KEY_new.pod b/doc/man3/EC_KEY_new.pod index c3e90a2474..97b29c60b1 100644 --- a/doc/man3/EC_KEY_new.pod +++ b/doc/man3/EC_KEY_new.pod @@ -2,9 +2,9 @@ =head1 NAME -EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new_with_libctx, +EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new_ex, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, -EC_KEY_new_by_curve_name_with_libctx, EC_KEY_new_by_curve_name, EC_KEY_free, +EC_KEY_new_by_curve_name_ex, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, @@ -20,13 +20,13 @@ EC_KEY objects #include - EC_KEY *EC_KEY_new_with_libctx(OPENSSL_CTX *ctx, const char *propq); + EC_KEY *EC_KEY_new_ex(OPENSSL_CTX *ctx, const char *propq); EC_KEY *EC_KEY_new(void); int EC_KEY_get_flags(const EC_KEY *key); void EC_KEY_set_flags(EC_KEY *key, int flags); void EC_KEY_clear_flags(EC_KEY *key, int flags); - EC_KEY *EC_KEY_new_by_curve_name_with_libctx(OPENSSL_CTX *ctx, - const char *propq, int nid); + EC_KEY *EC_KEY_new_by_curve_name_ex(OPENSSL_CTX *ctx, const char *propq, + int nid); EC_KEY *EC_KEY_new_by_curve_name(int nid); void EC_KEY_free(EC_KEY *key); EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src); @@ -80,16 +80,16 @@ EC_KEY_new() is the same as EC_KEY_new_ex() except that the default library context is always used. Alternatively a new EC_KEY can be constructed by calling -EC_KEY_new_by_curve_name_with_libctx() and supplying the nid of the associated +EC_KEY_new_by_curve_name_ex() and supplying the nid of the associated curve, the library context to be used I (see L) and any property query string I. The I parameter may be NULL in which case the default library context is used. The I value may also be NULL. See L for a description of curve names. This function simply wraps calls to EC_KEY_new_ex() and -EC_GROUP_new_by_curve_name_with_libctx(). +EC_GROUP_new_by_curve_name_ex(). -EC_KEY_new_by_curve_name() is the same as EC_KEY_new_by_curve_name_with_libctx() +EC_KEY_new_by_curve_name() is the same as EC_KEY_new_by_curve_name_ex() except that the default library context is always used and a NULL property query string. @@ -177,7 +177,7 @@ EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer. =head1 RETURN VALUES -EC_KEY_new_with_libctx(), EC_KEY_new(), EC_KEY_new_by_curve_name_with_libctx(), +EC_KEY_new_with_libctx(), EC_KEY_new(), EC_KEY_new_by_curve_name_ex(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error. diff --git a/doc/man3/EVP_DigestSignInit.pod b/doc/man3/EVP_DigestSignInit.pod index 923de31a31..26f516fb35 100644 --- a/doc/man3/EVP_DigestSignInit.pod +++ b/doc/man3/EVP_DigestSignInit.pod @@ -2,17 +2,16 @@ =head1 NAME -EVP_DigestSignInit_with_libctx, EVP_DigestSignInit, EVP_DigestSignUpdate, +EVP_DigestSignInit_ex, EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions =head1 SYNOPSIS #include - int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, - OPENSSL_CTX *libctx, const char *props, - EVP_PKEY *pkey); + int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, OPENSSL_CTX *libctx, + const char *props, EVP_PKEY *pkey); int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); @@ -27,7 +26,7 @@ EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions The EVP signature routines are a high-level interface to digital signatures. Input data is digested first before the signing takes place. -EVP_DigestSignInit_with_libctx() sets up signing context I to use a digest +EVP_DigestSignInit_ex() sets up signing context I to use a digest with the name I and private key I. The name of the digest to be used is passed to the provider of the signature algorithm in use. How that provider interprets the digest name is provider specific. The provider may @@ -50,17 +49,17 @@ I is not NULL, the EVP_PKEY_CTX of the signing operation will be written to I<*pctx>: this can be used to set alternative signing options. Note that any existing value in I<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be freed directly by the application if I is not assigned an -EVP_PKEY_CTX value before being passed to EVP_DigestSignInit_with_libctx() -(which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit_with_libctx() +EVP_PKEY_CTX value before being passed to EVP_DigestSignInit_ex() +(which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit_ex() and it will be freed automatically when the EVP_MD_CTX is freed). If the -EVP_PKEY_CTX to be used is created by EVP_DigestSignInit_with_libctx then it +EVP_PKEY_CTX to be used is created by EVP_DigestSignInit_ex then it will use the B specified in I and the property query string specified in I. The digest I may be NULL if the signing algorithm supports it. The I argument can always be NULL. -No B will be created by EVP_DigestSignInit_with_libctx() if the +No B will be created by EVP_DigestSignInit_ex() if the passed I has already been assigned one via L. See also L. @@ -110,7 +109,7 @@ Will ignore any digest provided. If RSA-PSS is used and restrictions apply then the digest must match. -EVP_DigestSignInit() works in the same way as EVP_DigestSignInit_with_libctx() +EVP_DigestSignInit() works in the same way as EVP_DigestSignInit_ex() except that the I parameter will be inferred from the supplied digest I, and I will be NULL. Where supplied the ENGINE I will be used for the signing and digest algorithm implementations. I may be NULL. @@ -184,7 +183,7 @@ L EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal() were added in OpenSSL 1.0.0. -EVP_DigestSignInit_with_libctx() was added in OpenSSL 3.0. +EVP_DigestSignInit_ex() was added in OpenSSL 3.0. EVP_DigestSignUpdate() was converted from a macro to a function in OpenSSL 3.0. diff --git a/doc/man3/EVP_DigestVerifyInit.pod b/doc/man3/EVP_DigestVerifyInit.pod index f90fb2754f..b48f98e0db 100644 --- a/doc/man3/EVP_DigestVerifyInit.pod +++ b/doc/man3/EVP_DigestVerifyInit.pod @@ -2,17 +2,16 @@ =head1 NAME -EVP_DigestVerifyInit_with_libctx, EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, +EVP_DigestVerifyInit_ex, EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions =head1 SYNOPSIS #include - int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, - OPENSSL_CTX *libctx, const char *props, - EVP_PKEY *pkey); + int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, OPENSSL_CTX *libctx, + const char *props, EVP_PKEY *pkey); int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); @@ -26,7 +25,7 @@ EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions The EVP signature routines are a high-level interface to digital signatures. Input data is digested first before the signature verification takes place. -EVP_DigestVerifyInit_with_libctx() sets up verification context B to use a +EVP_DigestVerifyInit_ex() sets up verification context B to use a digest with the name B and public key B. The name of the digest to be used is passed to the provider of the signature algorithm in use. How that provider interprets the digest name is provider specific. The provider may @@ -49,14 +48,14 @@ B is not NULL, the EVP_PKEY_CTX of the verification operation will be written to B<*pctx>: this can be used to set alternative verification options. Note that any existing value in B<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be freed directly by the application if B is not assigned -an EVP_PKEY_CTX value before being passed to EVP_DigestVerifyInit_with_libctx() +an EVP_PKEY_CTX value before being passed to EVP_DigestVerifyInit_ex() (which means the EVP_PKEY_CTX is created inside -EVP_DigestVerifyInit_with_libctx() and it will be freed automatically when the +EVP_DigestVerifyInit_ex() and it will be freed automatically when the EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be used is created by -EVP_DigestVerifyInit_with_libctx then it will use the B specified +EVP_DigestVerifyInit_ex then it will use the B specified in I and the property query string specified in I. -No B will be created by EVP_DigestSignInit_with_libctx() if the +No B will be created by EVP_DigestSignInit_ex() if the passed B has already been assigned one via L. See also L. @@ -102,7 +101,7 @@ Will ignore any digest provided. If RSA-PSS is used and restrictions apply then the digest must match. EVP_DigestVerifyInit() works in the same way as -EVP_DigestVerifyInit_with_libctx() except that the B parameter will be +EVP_DigestVerifyInit_ex() except that the B parameter will be inferred from the supplied digest B, and B will be NULL. Where supplied the ENGINE B will be used for the signature verification and digest algorithm implementations. B may be NULL. @@ -173,7 +172,7 @@ L EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal() were added in OpenSSL 1.0.0. -EVP_DigestVerifyInit_with_libctx() was added in OpenSSL 3.0. +EVP_DigestVerifyInit_ex() was added in OpenSSL 3.0. EVP_DigestVerifyUpdate() was converted from a macro to a function in OpenSSL 3.0. diff --git a/doc/man3/EVP_PKEY_new.pod b/doc/man3/EVP_PKEY_new.pod index 0543600704..0c941a6006 100644 --- a/doc/man3/EVP_PKEY_new.pod +++ b/doc/man3/EVP_PKEY_new.pod @@ -5,11 +5,11 @@ EVP_PKEY_new, EVP_PKEY_up_ref, EVP_PKEY_free, -EVP_PKEY_new_raw_private_key_with_libctx, +EVP_PKEY_new_raw_private_key_ex, EVP_PKEY_new_raw_private_key, -EVP_PKEY_new_raw_public_key_with_libctx, +EVP_PKEY_new_raw_public_key_ex, EVP_PKEY_new_raw_public_key, -EVP_PKEY_new_CMAC_key_with_libctx, +EVP_PKEY_new_CMAC_key_ex, EVP_PKEY_new_CMAC_key, EVP_PKEY_new_mac_key, EVP_PKEY_get_raw_private_key, @@ -24,25 +24,23 @@ EVP_PKEY_get_raw_public_key int EVP_PKEY_up_ref(EVP_PKEY *key); void EVP_PKEY_free(EVP_PKEY *key); - EVP_PKEY *EVP_PKEY_new_raw_private_key_with_libctx(OPENSSL_CTX *libctx, - const char *keytype, - const char *propq, - const unsigned char *key, - size_t keylen); + EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OPENSSL_CTX *libctx, + const char *keytype, + const char *propq, + const unsigned char *key, + size_t keylen); EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e, const unsigned char *key, size_t keylen); - EVP_PKEY *EVP_PKEY_new_raw_public_key_with_libctx(OPENSSL_CTX *libctx, - const char *keytype, - const char *propq, - const unsigned char *key, - size_t keylen); + EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OPENSSL_CTX *libctx, + const char *keytype, + const char *propq, + const unsigned char *key, + size_t keylen); EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e, const unsigned char *key, size_t keylen); - EVP_PKEY *EVP_PKEY_new_CMAC_key_with_libctx(const unsigned char *priv, - size_t len, - const char *cipher_name, - OPENSSL_CTX *libctx, - const char *propq); + EVP_PKEY *EVP_PKEY_new_CMAC_key_ex(const unsigned char *priv, size_t len, + const char *cipher_name, + OPENSSL_CTX *libctx, const char *propq); EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, size_t len, const EVP_CIPHER *cipher); EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key, @@ -64,7 +62,7 @@ EVP_PKEY_up_ref() increments the reference count of I. EVP_PKEY_free() decrements the reference count of I and, if the reference count is zero, frees it up. If I is NULL, nothing is done. -EVP_PKEY_new_raw_private_key_with_libctx() allocates a new B. Unless +EVP_PKEY_new_raw_private_key_ex() allocates a new B. Unless an engine should be used for the key type, a provider for the key is found using the library context I and the property query string I. The I argument indicates what kind of key this is. The value should be a @@ -78,17 +76,17 @@ appropriate for the type of the key. The public key data will be automatically derived from the given private key data (if appropriate for the algorithm type). EVP_PKEY_new_raw_private_key() does the same as -EVP_PKEY_new_raw_private_key_with_libctx() except that the default library +EVP_PKEY_new_raw_private_key_ex() except that the default library context and default property query are used instead. If I is non-NULL then the new B structure is associated with the engine I. The I argument indicates what kind of key this is. The value should be a NID for a public key algorithm that supports raw private keys, i.e. one of B, B, B, B, B or B. As for -EVP_PKEY_new_raw_private_key_with_libctx() you may also use B. +EVP_PKEY_new_raw_private_key_ex() you may also use B. -EVP_PKEY_new_raw_public_key_with_libctx() works in the same way as -EVP_PKEY_new_raw_private_key_with_libctx() except that I points to the raw +EVP_PKEY_new_raw_public_key_ex() works in the same way as +EVP_PKEY_new_raw_private_key_ex() except that I points to the raw public key data. The B structure will be initialised without any private key information. Algorithm types that support raw public keys are "X25519", "ED25519", "X448" or "ED448". @@ -99,7 +97,7 @@ data. The B structure will be initialised without any private key information. Algorithm types that support raw public keys are B, B, B or B. -EVP_PKEY_new_CMAC_key_with_libctx() works in the same way as +EVP_PKEY_new_CMAC_key_ex() works in the same way as EVP_PKEY_new_raw_private_key() except it is only for the B algorithm type. In addition to the raw private key data, it also takes a cipher algorithm to be used during creation of a CMAC in the I argument. The @@ -108,7 +106,7 @@ ciphers should not be used. Finally it also takes a library context I and property query I which are used when fetching any cryptographic algorithms which may be NULL to use the default values. -EVP_PKEY_new_CMAC_key() is the same as EVP_PKEY_new_CMAC_key_with_libctx() +EVP_PKEY_new_CMAC_key() is the same as EVP_PKEY_new_CMAC_key_ex() except that the default values are used for I and I. EVP_PKEY_new_mac_key() works in the same way as EVP_PKEY_new_raw_private_key(). @@ -170,9 +168,9 @@ EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key(), EVP_PKEY_new_raw_private_key() and EVP_PKEY_get_raw_public_key() functions were added in OpenSSL 1.1.1. -The EVP_PKEY_new_raw_private_key_with_libctx(), -EVP_PKEY_new_raw_public_key_with_libctx() and -EVP_PKEY_new_CMAC_key_with_libctx() functions were added in OpenSSL 3.0. +The EVP_PKEY_new_raw_private_key_ex(), +EVP_PKEY_new_raw_public_key_ex() and +EVP_PKEY_new_CMAC_key_ex() functions were added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/EVP_SignInit.pod b/doc/man3/EVP_SignInit.pod index f6165f0468..d2959fabac 100644 --- a/doc/man3/EVP_SignInit.pod +++ b/doc/man3/EVP_SignInit.pod @@ -3,7 +3,7 @@ =head1 NAME EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, -EVP_SignFinal_with_libctx, EVP_SignFinal +EVP_SignFinal_ex, EVP_SignFinal - EVP signing functions =head1 SYNOPSIS @@ -12,9 +12,8 @@ EVP_SignFinal_with_libctx, EVP_SignFinal int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); - int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *md, - unsigned int *s, EVP_PKEY *pkey, - OPENSSL_CTX *libctx, const char *propq); + int EVP_SignFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s, + EVP_PKEY *pkey, OPENSSL_CTX *libctx, const char *propq); int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s, EVP_PKEY *pkey); @@ -33,7 +32,7 @@ EVP_SignUpdate() hashes I bytes of data at I into the signature context I. This function can be called several times on the same I to include additional data. -EVP_SignFinal_with_libctx() signs the data in I using the private key +EVP_SignFinal_ex() signs the data in I using the private key I and places the signature in I. The library context I and property query I are used when creating a context to use with the key I. I must be at least C bytes in size. I is @@ -42,7 +41,7 @@ The number of bytes of data written (i.e. the length of the signature) will be written to the integer at I, at most C bytes will be written. -EVP_SignFinal() is similar to EVP_SignFinal_with_libctx() but uses default +EVP_SignFinal() is similar to EVP_SignFinal_ex() but uses default values of NULL for the library context I and the property query I. EVP_SignInit() initializes a signing context I to use the default @@ -50,7 +49,7 @@ implementation of digest I. =head1 RETURN VALUES -EVP_SignInit_ex(), EVP_SignUpdate(), EVP_SignFinal_with_libctx() and +EVP_SignInit_ex(), EVP_SignUpdate(), EVP_SignFinal_ex() and EVP_SignFinal() return 1 for success and 0 for failure. The error codes can be obtained by L. @@ -99,7 +98,7 @@ L, L =head1 HISTORY -The function EVP_SignFinal_with_libctx() was added in OpenSSL 3.0. +The function EVP_SignFinal_ex() was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/EVP_VerifyInit.pod b/doc/man3/EVP_VerifyInit.pod index be5332a55d..b505af405d 100644 --- a/doc/man3/EVP_VerifyInit.pod +++ b/doc/man3/EVP_VerifyInit.pod @@ -3,7 +3,7 @@ =head1 NAME EVP_VerifyInit_ex, -EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal_with_libctx, EVP_VerifyFinal +EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal_ex, EVP_VerifyFinal - EVP signature verification functions =head1 SYNOPSIS @@ -12,9 +12,9 @@ EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal_with_libctx, EVP_VerifyFinal int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); - int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, const unsigned char *sigbuf, - unsigned int siglen, EVP_PKEY *pkey, - OPENSSL_CTX *libctx, const char *propq); + int EVP_VerifyFinal_ex(EVP_MD_CTX *ctx, const unsigned char *sigbuf, + unsigned int siglen, EVP_PKEY *pkey, + OPENSSL_CTX *libctx, const char *propq); int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey); @@ -33,12 +33,12 @@ EVP_VerifyUpdate() hashes I bytes of data at I into the verification context I. This function can be called several times on the same I to include additional data. -EVP_VerifyFinal_with_libctx() verifies the data in I using the public key +EVP_VerifyFinal_ex() verifies the data in I using the public key I and I bytes in I. The library context I and property query I are used when creating a context to use with the key I. -EVP_VerifyFinal() is similar to EVP_VerifyFinal_with_libctx() but uses default +EVP_VerifyFinal() is similar to EVP_VerifyFinal_ex() but uses default values of NULL for the library context I and the property query I. EVP_VerifyInit() initializes verification context I to use the default @@ -49,7 +49,7 @@ implementation of digest I. EVP_VerifyInit_ex() and EVP_VerifyUpdate() return 1 for success and 0 for failure. -EVP_VerifyFinal()_with_libctx() and EVP_VerifyFinal() return 1 for a correct +EVP_VerifyFinal()_ex() and EVP_VerifyFinal() return 1 for a correct signature, 0 for failure and -1 if some other error occurred. The error codes can be obtained by L. @@ -93,7 +93,7 @@ L, L head1 HISTORY -The function EVP_VerifyFinal_with_libctx() was added in OpenSSL 3.0. +The function EVP_VerifyFinal_ex() was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/NCONF_new_with_libctx.pod b/doc/man3/NCONF_new_with_libctx.pod index b976d7f74c..2de14b4f4e 100644 --- a/doc/man3/NCONF_new_with_libctx.pod +++ b/doc/man3/NCONF_new_with_libctx.pod @@ -2,14 +2,14 @@ =head1 NAME -NCONF_new_with_libctx, NCONF_new, NCONF_free, NCONF_default, NCONF_load +NCONF_new_ex, NCONF_new, NCONF_free, NCONF_default, NCONF_load - functionality to Load and parse configuration files manually =head1 SYNOPSIS #include - CONF *NCONF_new_with_libctx(OPENSSL_CTX *libctx, CONF_METHOD *meth); + CONF *NCONF_new_ex(OPENSSL_CTX *libctx, CONF_METHOD *meth); CONF *NCONF_new(CONF_METHOD *meth); void NCONF_free(CONF *conf); CONF_METHOD *NCONF_default(void); @@ -17,11 +17,11 @@ NCONF_new_with_libctx, NCONF_new, NCONF_free, NCONF_default, NCONF_load =head1 DESCRIPTION -NCONF_new_with_libctx() creates a new CONF object in heap memory and assigns to +NCONF_new_ex() creates a new CONF object in heap memory and assigns to it a context I that can be used during loading. If the method table I is set to NULL then the default value of NCONF_default() is used. -NCONF_new() is similar to NCONF_new_with_libctx() but sets the I to NULL. +NCONF_new() is similar to NCONF_new_ex() but sets the I to NULL. NCONF_free() frees the data associated with I and then frees the I object. @@ -36,7 +36,7 @@ NCONF_default() gets the default method table for processing a configuration fil NCONF_load() returns 1 on success or 0 on error. -NCONF_new_with_libctx() and NCONF_new() return a newly created I object +NCONF_new_ex() and NCONF_new() return a newly created I object or NULL if an error occurs. =head1 SEE ALSO @@ -45,7 +45,7 @@ L, =head1 HISTORY -NCONF_new_with_libctx() was added in OpenSSL 3.0. +NCONF_new_ex() was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/OSSL_STORE_LOADER.pod b/doc/man3/OSSL_STORE_LOADER.pod index 12e3748c47..e8da59392e 100644 --- a/doc/man3/OSSL_STORE_LOADER.pod +++ b/doc/man3/OSSL_STORE_LOADER.pod @@ -14,13 +14,13 @@ OSSL_STORE_LOADER_do_all_provided, OSSL_STORE_LOADER_names_do_all, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, -OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_open_with_libctx, +OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_open_ex, OSSL_STORE_LOADER_set_attach, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, -OSSL_STORE_open_fn, OSSL_STORE_open_with_libctx_fn, +OSSL_STORE_open_fn, OSSL_STORE_open_ex_fn, OSSL_STORE_attach_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, @@ -69,11 +69,11 @@ L: const char *uri, const UI_METHOD *ui_method, void *ui_data); int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader, OSSL_STORE_open_fn store_open_function); - typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_with_libctx_fn)( + typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_ex_fn)( const char *uri, const UI_METHOD *ui_method, void *ui_data); - int OSSL_STORE_LOADER_set_open_with_libctx + int OSSL_STORE_LOADER_set_open_ex (OSSL_STORE_LOADER *store_loader, - OSSL_STORE_open_with_libctx_fn store_open_with_libctx_function); + OSSL_STORE_open_ex_fn store_open_ex_function); typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_attach_fn) (const OSSL_STORE_LOADER *loader, BIO *bio, OPENSSL_CTX *libctx, const char *propq, @@ -113,7 +113,7 @@ L: =head1 DESCRIPTION B is a method for OSSL_STORE loaders, which implement -OSSL_STORE_open(), OSSL_STORE_open_with_libctx(), OSSL_STORE_load(), +OSSL_STORE_open(), OSSL_STORE_open_ex(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for specific storage schemes. @@ -156,7 +156,7 @@ provider implementations, see L. B is a type template, to be defined by each loader using C. -B, B, +B, B, B, B, B, B, B, and B are the function pointer types used within a STORE loader. @@ -164,9 +164,9 @@ The functions pointed at define the functionality of the given loader. =over 4 -=item B and B +=item B and B -B takes a URI and is expected to +B takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements. It also takes a B and associated data, to be used any time something needs to be prompted for, as well as a @@ -178,13 +178,13 @@ see above), and to return it. If something goes wrong, this function is expected to return NULL. B does the same thing as -B but uses NULL for the library +B but uses NULL for the library context I and property query I. =item B This function takes a B, otherwise works like -B. +B. =item B @@ -274,7 +274,7 @@ OSSL_STORE_LOADER_get0_scheme() returns the scheme of the I. OSSL_STORE_LOADER_set_open() sets the opener function for the I. -OSSL_STORE_LOADER_set_open_with_libctx() sets the opener with library context +OSSL_STORE_LOADER_set_open_ex() sets the opener with library context function for the I. OSSL_STORE_LOADER_set_attach() sets the attacher function for the @@ -299,7 +299,7 @@ OSSL_STORE_LOADER_free() frees the given I. OSSL_STORE_register_loader() register the given I and thereby makes it available for use with OSSL_STORE_open(), -OSSL_STORE_open_with_libctx(), OSSL_STORE_load(), OSSL_STORE_eof() +OSSL_STORE_open_ex(), OSSL_STORE