[openssl] master update

Sat Sep 14 00:56:07 UTC 2019

The branch master has been updated
       via  7b6b194b5281649ad5c50ecead0f3725d2d2a6a0 (commit)
       via  f4651268b42dc5d7ccf29922d06b65e62d0ab2a1 (commit)
       via  1aa010093537a0b49facfb9b435b081989b6f08e (commit)
      from  3a9f26f3308c5b3e59ec0e589310fd137b0399f6 (commit)


- Log -----------------------------------------------------------------
commit 7b6b194b5281649ad5c50ecead0f3725d2d2a6a0
Author: Pauli <paul.dale at oracle.com>
Date:   Fri Sep 13 19:37:40 2019 +1000

    Use param types instead of native types in the param descriptions
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/9891)

commit f4651268b42dc5d7ccf29922d06b65e62d0ab2a1
Author: Pauli <paul.dale at oracle.com>
Date:   Fri Sep 13 19:35:37 2019 +1000

    Use param types for parameter descriptions.  Mention a size_t limit to those where it makes sense.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/9891)

commit 1aa010093537a0b49facfb9b435b081989b6f08e
Author: Pauli <paul.dale at oracle.com>
Date:   Fri Sep 13 19:32:28 2019 +1000

    Add wording to limit the 'size' parameter to no more than can be specified using a size_t variable
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/9891)

-----------------------------------------------------------------------

Summary of changes:
 doc/man3/EVP_DigestInit.pod |  9 +++++----
 doc/man3/EVP_KDF.pod        | 10 ++++++----
 doc/man3/EVP_MAC.pod        | 11 ++++++-----
 3 files changed, 17 insertions(+), 13 deletions(-)

diff --git a/doc/man3/EVP_DigestInit.pod b/doc/man3/EVP_DigestInit.pod
index cc38235274..7f5a1e5db2 100644
--- a/doc/man3/EVP_DigestInit.pod
+++ b/doc/man3/EVP_DigestInit.pod
@@ -339,12 +339,13 @@ EVP_MD_CTX_set_params() can be used with the following OSSL_PARAM keys:
 
 =over 4
 
-=item OSSL_PARAM_DIGEST_KEY_XOFLEN <size_t>
+=item OSSL_PARAM_DIGEST_KEY_XOFLEN <unsigned integer>
 
 Sets the digest length for extendable output functions.
-It is used by the SHAKE algorithm.
+It is used by the SHAKE algorithm and should not exceed what can be given
+using a B<size_t>.
 
-=item OSSL_PARAM_DIGEST_KEY_PAD_TYPE <int>
+=item OSSL_PARAM_DIGEST_KEY_PAD_TYPE <integer>
 
 Sets the pad type.
 It is used by the MDC2 algorithm.
@@ -355,7 +356,7 @@ EVP_MD_CTX_get_params() can be used with the following OSSL_PARAM keys:
 
 =over 4
 
-=item OSSL_PARAM_DIGEST_KEY_MICALG <utf8string>.
+=item OSSL_PARAM_DIGEST_KEY_MICALG <UTF8 string>.
 
 Gets the digest Message Integrity Check algorithm string. This is used when
 creating S/MIME multipart/signed messages, as specified in RFC 3851.
diff --git a/doc/man3/EVP_KDF.pod b/doc/man3/EVP_KDF.pod
index 2069e7f0ee..2770c9534f 100644
--- a/doc/man3/EVP_KDF.pod
+++ b/doc/man3/EVP_KDF.pod
@@ -156,7 +156,7 @@ For those KDF implementations that support it, this parameter sets the salt.
 
 The default value, if any, is implementation dependent.
 
-=item B<OSSL_KDF_PARAM_ITER> ("iter") <unsigned int>
+=item B<OSSL_KDF_PARAM_ITER> ("iter") <unsigned integer>
 
 Some KDF implementations require an iteration count.
 For those KDF implementations that support it, this parameter sets the
@@ -170,7 +170,7 @@ The default value, if any, is implementation dependent.
 
 =item B<OSSL_KDF_PARAM_DIGEST> ("digest") <UTF8 string>
 
-=item B<OSSL_MAC_PARAM_ENGINE> ("engine") <utf8string>
+=item B<OSSL_MAC_PARAM_ENGINE> ("engine") <UTF8 string>
 
 For KDF implementations that use an underlying computation MAC or
 digest, these parameters set what the algorithm should be, and the
@@ -189,15 +189,16 @@ Some KDF implementations require a key.
 For those KDF implementations that support it, this octet string parameter
 sets the key.
 
-=item B<OSSL_KDF_PARAM_MAC_SIZE> ("maclen") <size_t>
+=item B<OSSL_KDF_PARAM_MAC_SIZE> ("maclen") <unsigned integer>
 
 Used by implementations that use a MAC with a variable output size (KMAC).
 For those KDF implementations that support it, this parameter
 sets the MAC output size.
 
 The default value, if any, is implementation dependent.
+The length must never exceed what can be given with a B<size_t>.
 
-=item B<OSSL_KDF_PARAM_SCRYPT_MAXMEM> ("macmaxmem_byteslen") <size_t>
+=item B<OSSL_KDF_PARAM_SCRYPT_MAXMEM> ("macmaxmem_byteslen") <unsigned integer>
 
 Memory-hard password-based KDF algorithms, such as scrypt, use an amount of
 memory that depends on the load factors provided as input.
@@ -208,6 +209,7 @@ If this memory usage limit is exceeded because the load factors are chosen
 too high, the key derivation will fail.
 
 The default value is implementation dependent.
+The memory size must never exceed what can be given with a B<size_t>.
 
 =back
 
diff --git a/doc/man3/EVP_MAC.pod b/doc/man3/EVP_MAC.pod
index cf851354e7..4d819b7544 100644
--- a/doc/man3/EVP_MAC.pod
+++ b/doc/man3/EVP_MAC.pod
@@ -210,13 +210,13 @@ This option is used by KMAC.
 These will set the MAC flags to the given numbers.
 Some MACs do not support this option.
 
-=item B<OSSL_MAC_PARAM_ENGINE> ("engine") <utf8 string>
+=item B<OSSL_MAC_PARAM_ENGINE> ("engine") <UTF8 string>
 
-=item B<OSSL_MAC_PARAM_PROPERTIES> ("properties") <utf8 string>
+=item B<OSSL_MAC_PARAM_PROPERTIES> ("properties") <UTF8 string>
 
-=item B<OSSL_MAC_PARAM_DIGEST> ("digest") <utf8 string>
+=item B<OSSL_MAC_PARAM_DIGEST> ("digest") <UTF8 string>
 
-=item B<OSSL_MAC_PARAM_CIPHER> ("cipher") <utf8 string>
+=item B<OSSL_MAC_PARAM_CIPHER> ("cipher") <UTF8 string>
 
 For MAC implementations that use an underlying computation cipher or
 digest, these parameters set what the algorithm should be, and the
@@ -234,7 +234,8 @@ or SHAKE256.
 
 For MAC implementations that support it, set the output size that
 EVP_MAC_final() should produce.
-The allowed sizes vary between MAC implementations.
+The allowed sizes vary between MAC implementations, but must never exceed
+what can be given with a B<size_t>.
 
 =back
 
