[openssl] master update
Richard Levitte
levitte at openssl.org
Tue Mar 10 12:33:55 UTC 2020
The branch master has been updated
via 041a96e7acc89685228980b5615a53bee7f07b0f (commit)
via b5b91a79633dbecb6f4d74d469ea28748ba606d7 (commit)
via 2f3a709807e37f5a4f2242f18f121aa525971a93 (commit)
via 1e55cbc874826af63e178a3fd26d23981599effe (commit)
via c5926e930cc9a4bdf0932d14e17f1f122a70205b (commit)
from 99a16e0459e5089c2cfb92ee775f1221a51b8d05 (commit)
- Log -----------------------------------------------------------------
commit 041a96e7acc89685228980b5615a53bee7f07b0f
Author: Richard Levitte <levitte at openssl.org>
Date: Sat Mar 7 08:00:51 2020 +0100
DOCS: Clean up doc/man3/EVP_DigestInit.pod
We touch it, we clean it up!
Accordding to common man-pages(7) guidelines.
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11270)
commit b5b91a79633dbecb6f4d74d469ea28748ba606d7
Author: Richard Levitte <levitte at openssl.org>
Date: Sat Mar 7 07:51:27 2020 +0100
DOCS: Add translation information for EVP_MD_CTX_ctrl()
EVP_MD_CTX_ctrl() translates some known control commands when faced
with a fetched EVP_MD, so we need to document it.
This also ensures that we don't drop the information on the "micalg"
parameter entirely.
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11270)
commit 2f3a709807e37f5a4f2242f18f121aa525971a93
Author: Richard Levitte <levitte at openssl.org>
Date: Fri Mar 6 14:33:17 2020 +0100
DOCS: Add missing documentation in util/missingcrypto.txt
These lines will be taken away as documentation moves from diverse
provider operation interface manuals to implementation specific docs.
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11270)
commit 1e55cbc874826af63e178a3fd26d23981599effe
Author: Richard Levitte <levitte at openssl.org>
Date: Fri Mar 6 14:29:00 2020 +0100
DOCS: Move implementation specific docs away from provider-digest(7)
The provider- manuals are meant to describe the general interface for
their respective operation. This is not the place to describe
implementation specific details.
This change creates a number of doc/man7/EVP_MD manuals, one for each
algorithm or set of algorithms, as well as doc/man7/EVP_MD-common.pod
to describe what's common to them all.
While we're at it, correct the SHA3 settable context params array to
match what's actually settable.
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11270)
commit c5926e930cc9a4bdf0932d14e17f1f122a70205b
Author: Richard Levitte <levitte at openssl.org>
Date: Fri Mar 6 14:25:42 2020 +0100
DOCS: Start restructuring our provider and implementation documentation
This adds doc/man7/OSSL_PROVIDER-default.pod and OSSL_PROVIDER-legacy.pod,
and fills in currently implemented operations and algorithms in them, as
well as in doc/man7/OSSL_PROVIDER-FIPS.pod, with links to documentation to
come.
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11270)
-----------------------------------------------------------------------
Summary of changes:
doc/man3/EVP_DigestInit.pod | 92 ++++++-----
doc/man7/EVP_MD-BLAKE2.pod | 46 ++++++
doc/man7/EVP_MD-MD2.pod | 34 ++++
doc/man7/EVP_MD-MD4.pod | 34 ++++
doc/man7/EVP_MD-MD5-SHA1.pod | 56 +++++++
doc/man7/EVP_MD-MD5.pod | 34 ++++
doc/man7/EVP_MD-MDC2.pod | 50 ++++++
doc/man7/EVP_MD-RIPEMD160.pod | 35 ++++
doc/man7/EVP_MD-SHA1.pod | 55 +++++++
doc/man7/EVP_MD-SHA2.pod | 77 +++++++++
doc/man7/EVP_MD-SHA3.pod | 46 ++++++
doc/man7/EVP_MD-SHAKE.pod | 73 +++++++++
doc/man7/EVP_MD-SM3.pod | 34 ++++
doc/man7/EVP_MD-WHIRLPOOL.pod | 34 ++++
doc/man7/EVP_MD-common.pod | 67 ++++++++
doc/man7/OSSL_PROVIDER-FIPS.pod | 131 ++++++++++++++-
doc/man7/OSSL_PROVIDER-default.pod | 226 ++++++++++++++++++++++++++
doc/man7/OSSL_PROVIDER-legacy.pod | 92 +++++++++++
doc/man7/provider-digest.pod | 41 +----
providers/implementations/digests/sha3_prov.c | 2 +-
util/missingcrypto.txt | 39 +++++
21 files changed, 1215 insertions(+), 83 deletions(-)
create mode 100644 doc/man7/EVP_MD-BLAKE2.pod
create mode 100644 doc/man7/EVP_MD-MD2.pod
create mode 100644 doc/man7/EVP_MD-MD4.pod
create mode 100644 doc/man7/EVP_MD-MD5-SHA1.pod
create mode 100644 doc/man7/EVP_MD-MD5.pod
create mode 100644 doc/man7/EVP_MD-MDC2.pod
create mode 100644 doc/man7/EVP_MD-RIPEMD160.pod
create mode 100644 doc/man7/EVP_MD-SHA1.pod
create mode 100644 doc/man7/EVP_MD-SHA2.pod
create mode 100644 doc/man7/EVP_MD-SHA3.pod
create mode 100644 doc/man7/EVP_MD-SHAKE.pod
create mode 100644 doc/man7/EVP_MD-SM3.pod
create mode 100644 doc/man7/EVP_MD-WHIRLPOOL.pod
create mode 100644 doc/man7/EVP_MD-common.pod
create mode 100644 doc/man7/OSSL_PROVIDER-default.pod
create mode 100644 doc/man7/OSSL_PROVIDER-legacy.pod
diff --git a/doc/man3/EVP_DigestInit.pod b/doc/man3/EVP_DigestInit.pod
index ef40ae49f8..628e7c234f 100644
--- a/doc/man3/EVP_DigestInit.pod
+++ b/doc/man3/EVP_DigestInit.pod
@@ -110,8 +110,8 @@ The B<EVP_MD> type is a structure for digest method implementation.
=item EVP_MD_fetch()
-Fetches the digest implementation for the given B<algorithm> from any
-provider offering it, within the criteria given by the B<properties>.
+Fetches the digest implementation for the given I<algorithm> from any
+provider offering it, within the criteria given by the I<properties>.
See L<provider(7)/Fetching algorithms> for further information.
The returned value must eventually be freed with EVP_MD_free().
@@ -133,37 +133,45 @@ Allocates and returns a digest context.
=item EVP_MD_CTX_reset()
-Resets the digest context B<ctx>. This can be used to reuse an already
+Resets the digest context I<ctx>. This can be used to reuse an already
existing context.
=item EVP_MD_CTX_free()
-Cleans up digest context B<ctx> and frees up the space allocated to it.
+Cleans up digest context I<ctx> and frees up the space allocated to it.
=item EVP_MD_CTX_ctrl()
-This is a legacy method. EVP_MD_CTX_set_params() and EVP_MD_CTX_get_params()
+I<This is a legacy method. EVP_MD_CTX_set_params() and EVP_MD_CTX_get_params()
is the mechanism that should be used to set and get parameters that are used by
-providers.
-Performs digest-specific control actions on context B<ctx>. The control command
-is indicated in B<cmd> and any additional arguments in B<p1> and B<p2>.
+providers.>
+
+Performs digest-specific control actions on context I<ctx>. The control command
+is indicated in I<cmd> and any additional arguments in I<p1> and I<p2>.
EVP_MD_CTX_ctrl() must be called after EVP_DigestInit_ex(). Other restrictions
may apply depending on the control type and digest implementation.
-See L</CONTROLS> below for more information.
+
+If this function happens to be used with a fetched B<EVP_MD>, it will
+translate the controls that are known to OpenSSL into L<OSSL_PARAM(3)>
+parameters with keys defined by OpenSSL and call EVP_MD_CTX_get_params() or
+EVP_MD_CTX_set_params() as is appropriate for each control command.
+
+See L</CONTROLS> below for more information, including what translations are
+being done.
=item EVP_MD_get_params()
-Retrieves the requested list of B<params> from a MD B<md>.
+Retrieves the requested list of I<params> from a MD I<md>.
See L</PARAMETERS> below for more information.
=item EVP_MD_CTX_get_params()
-Retrieves the requested list of B<params> from a MD context B<ctx>.
+Retrieves the requested list of I<params> from a MD context I<ctx>.
See L</PARAMETERS> below for more information.
=item EVP_MD_CTX_set_params()
-Sets the list of B<params> into a MD context B<ctx>.
+Sets the list of I<params> into a MD context I<ctx>.
See L</PARAMETERS> below for more information.
=item EVP_MD_gettable_params(), EVP_MD_gettable_ctx_params(),
@@ -181,36 +189,36 @@ See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor.
=item EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()
-Sets, clears and tests B<ctx> flags. See L</FLAGS> below for more information.
+Sets, clears and tests I<ctx> flags. See L</FLAGS> below for more information.
=item EVP_Digest()
A wrapper around the Digest Init_ex, Update and Final_ex functions.
-Hashes B<count> bytes of data at B<data> using a digest B<type> from ENGINE
-B<impl>. The digest value is placed in B<md> and its length is written at B<size>
+Hashes I<count> bytes of data at I<data> using a digest I<type> from ENGINE
+I<impl>. The digest value is placed in I<md> and its length is written at I<size>
if the pointer is not NULL. At most B<EVP_MAX_MD_SIZE> bytes will be written.
-If B<impl> is NULL the default implementation of digest B<type> is used.
+If I<impl> is NULL the default implementation of digest I<type> is used.
=item EVP_DigestInit_ex()
-Sets up digest context B<ctx> to use a digest B<type>.
-B<type> is typically supplied by a function such as EVP_sha1(), or a
+Sets up digest context I<ctx> to use a digest I<type>.
+I<type> is typically supplied by a function such as EVP_sha1(), or a
value explicitly fetched with EVP_MD_fetch().
-If B<impl> is non-NULL, its implementation of the digest B<type> is used if
+If I<impl> is non-NULL, its implementation of the digest I<type> is used if
there is one, and if not, the default implementation is used.
=item EVP_DigestUpdate()
-Hashes B<cnt> bytes of data at B<d> into the digest context B<ctx>. This
-function can be called several times on the same B<ctx> to hash additional
+Hashes I<cnt> bytes of data at I<d> into the digest context I<ctx>. This
+function can be called several times on the same I<ctx> to hash additional
data.
=item EVP_DigestFinal_ex()
-Retrieves the digest value from B<ctx> and places it in B<md>. If the B<s>
+Retrieves the digest value from I<ctx> and places it in I<md>. If the I<s>
parameter is not NULL then the number of bytes of data written (i.e. the
-length of the digest) will be written to the integer at B<s>, at most
+length of the digest) will be written to the integer at I<s>, at most
B<EVP_MAX_MD_SIZE> bytes will be written. After calling EVP_DigestFinal_ex()
no additional calls to EVP_DigestUpdate() can be made, but
EVP_DigestInit_ex() can be called to initialize a new digest operation.
@@ -218,13 +226,13 @@ EVP_DigestInit_ex() can be called to initialize a new digest operation.
=item EVP_DigestFinalXOF()
Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256.
-It retrieves the digest value from B<ctx> and places it in B<len>-sized <B>md.
+It retrieves the digest value from I<ctx> and places it in I<len>-sized <B>md.
After calling this function no additional calls to EVP_DigestUpdate() can be
made, but EVP_DigestInit_ex() can be called to initialize a new operation.
=item EVP_MD_CTX_copy_ex()
-Can be used to copy the message digest state from B<in> to B<out>. This is
+Can be used to copy the message digest state from I<in> to I<out>. This is
useful if large amounts of data are to be hashed which only differ in the last
few bytes.
@@ -235,12 +243,12 @@ default digest implementation and calls EVP_MD_CTX_reset().
=item EVP_DigestFinal()
-Similar to EVP_DigestFinal_ex() except the digest context B<ctx> is
+Similar to EVP_DigestFinal_ex() except the digest context I<ctx> is
automatically cleaned up.
=item EVP_MD_CTX_copy()
-Similar to EVP_MD_CTX_copy_ex() except the destination B<out> does not have to
+Similar to EVP_MD_CTX_copy_ex() except the destination I<out> does not have to
be initialized.
=item EVP_MD_is_a()
@@ -311,17 +319,17 @@ should not be used after the EVP_MD_CTX is freed.
=item EVP_MD_CTX_set_update_fn()
-Sets the update function for B<ctx> to B<update>.
+Sets the update function for I<ctx> to I<update>.
This is the function that is called by EVP_DigestUpdate. If not set, the
update function from the B<EVP_MD> type specified at initialization is used.
=item EVP_MD_CTX_update_fn()
-Returns the update function for B<ctx>.
+Returns the update function for I<ctx>.
=item EVP_MD_flags()
-Returns the B<md> flags. Note that these are different from the B<EVP_MD_CTX>
+Returns the I<md> flags. Note that these are different from the B<EVP_MD_CTX>
ones. See L<EVP_MD_meth_set_flags(3)> for more information.
=item EVP_MD_pkey_type()
@@ -345,16 +353,16 @@ B<ASN1_OBJECT> structure respectively.
=item EVP_MD_CTX_pkey_ctx()
-Returns the B<EVP_PKEY_CTX> assigned to B<ctx>. The returned pointer should not
+Returns the B<EVP_PKEY_CTX> assigned to I<ctx>. The returned pointer should not
be freed by the caller.
=item EVP_MD_CTX_set_pkey_ctx()
Assigns an B<EVP_PKEY_CTX> to B<EVP_MD_CTX>. This is usually used to provide
a customized B<EVP_PKEY_CTX> to L<EVP_DigestSignInit(3)> or
-L<EVP_DigestVerifyInit(3)>. The B<pctx> passed to this function should be freed
-by the caller. A NULL B<pctx> pointer is also allowed to clear the B<EVP_PKEY_CTX>
-assigned to B<ctx>. In such case, freeing the cleared B<EVP_PKEY_CTX> or not
+L<EVP_DigestVerifyInit(3)>. The I<pctx> passed to this function should be freed
+by the caller. A NULL I<pctx> pointer is also allowed to clear the B<EVP_PKEY_CTX>
+assigned to I<ctx>. In such case, freeing the cleared B<EVP_PKEY_CTX> or not
depends on how the B<EVP_PKEY_CTX> is created.
=item EVP_MD_do_all_provided()
@@ -382,7 +390,7 @@ using a B<size_t>.
=item "pad_type" (B<OSSL_PARAM_DIGEST_KEY_PAD_TYPE>) <integer>
-Sets the pad type.
+Sets the padding type.
It is used by the MDC2 algorithm.
=back
@@ -409,15 +417,21 @@ EVP_MD_CTX_ctrl() can be used to send the following standard controls:
Gets the digest Message Integrity Check algorithm string. This is used when
creating S/MIME multipart/signed messages, as specified in RFC 3851.
-The string value is written to B<p2>.
+The string value is written to I<p2>.
+
+When used with a fetched B<EVP_MD>, EVP_MD_CTX_get_params() gets called with
+an L<OSSL_PARAM(3)> item with the key "micalg" (B<OSSL_DIGEST_PARAM_MICALG>).
=item EVP_MD_CTRL_XOF_LEN
-This control sets the digest length for extendable output functions to B<p1>.
+This control sets the digest length for extendable output functions to I<p1>.
Sending this control directly should not be necessary, the use of
-C<EVP_DigestFinalXOF()> is preferred.
+EVP_DigestFinalXOF() is preferred.
Currently used by SHAKE.
+When used with a fetched B<EVP_MD>, EVP_MD_CTX_get_params() gets called with
+an L<OSSL_PARAM(3)> item with the key "xoflen" (B<OSSL_DIGEST_PARAM_XOFLEN>).
+
=back
=head1 FLAGS
@@ -529,7 +543,7 @@ New applications should use the SHA-2 (such as L<EVP_sha256(3)>) or the SHA-3
digest algorithms (such as L<EVP_sha3_512(3)>). The other digest algorithms
are still in common use.
-For most applications the B<impl> parameter to EVP_DigestInit_ex() will be
+For most applications the I<impl> parameter to EVP_DigestInit_ex() will be
set to NULL to use the default digest implementation.
The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are
diff --git a/doc/man7/EVP_MD-BLAKE2.pod b/doc/man7/EVP_MD-BLAKE2.pod
new file mode 100644
index 0000000000..be3b0b9286
--- /dev/null
+++ b/doc/man7/EVP_MD-BLAKE2.pod
@@ -0,0 +1,46 @@
+=pod
+
+=head1 NAME
+
+EVP_MD-BLAKE2 - The BLAKE2 EVP_MD implementation
+
+=head1 DESCRIPTION
+
+Support for computing SHA2 digests through the B<EVP_MD> API.
+
+=head2 Identities
+
+This implementation is only available with the default provider, and
+includes the following varieties:
+
+=over 4
+
+=item BLAKE2S-256
+
+Known names are "BLAKE2S-256" and "BLAKE2s256".
+
+=item BLAKE2B-512
+
+Known names are "BLAKE2B-512" and "BLAKE2b512".
+
+=back
+
+=head2 Gettable Parameters
+
+This implementation supports the common gettable parameters described
+in L<EVP_MD-common(7)>.
+
+=head1 SEE ALSO
+
+L<provider-digest(7)>, L<OSSL_PROVIDER-default(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/EVP_MD-MD2.pod b/doc/man7/EVP_MD-MD2.pod
new file mode 100644
index 0000000000..61fc42fc4d
--- /dev/null
+++ b/doc/man7/EVP_MD-MD2.pod
@@ -0,0 +1,34 @@
+=pod
+
+=head1 NAME
+
+EVP_MD-MD2 - The MD2 EVP_MD implementation
+
+=head1 DESCRIPTION
+
+Support for computing MD2 digests through the B<EVP_MD> API.
+
+=head2 Identity
+
+This implementation is only available with the legacy provider, and is
+identified with the name "MD2".
+
+=head2 Gettable Parameters
+
+This implementation supports the common gettable parameters described
+in L<EVP_MD-common(7)>.
+
+=head1 SEE ALSO
+
+L<provider-digest(7)>, L<OSSL_PROVIDER-default(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/EVP_MD-MD4.pod b/doc/man7/EVP_MD-MD4.pod
new file mode 100644
index 0000000000..0a3f97c47b
--- /dev/null
+++ b/doc/man7/EVP_MD-MD4.pod
@@ -0,0 +1,34 @@
+=pod
+
+=head1 NAME
+
+EVP_MD-MD4 - The MD4 EVP_MD implementation
+
+=head1 DESCRIPTION
+
+Support for computing MD4 digests through the B<EVP_MD> API.
+
+=head2 Identity
+
+This implementation is only available with the legacy provider, and is
+identified with the name "MD4".
+
+=head2 Gettable Parameters
+
+This implementation supports the common gettable parameters described
+in L<EVP_MD-common(7)>.
+
+=head1 SEE ALSO
+
+L<provider-digest(7)>, L<OSSL_PROVIDER-default(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/EVP_MD-MD5-SHA1.pod b/doc/man7/EVP_MD-MD5-SHA1.pod
new file mode 100644
index 0000000000..61652ad5c6
--- /dev/null
+++ b/doc/man7/EVP_MD-MD5-SHA1.pod
@@ -0,0 +1,56 @@
+=pod
+
+=head1 NAME
+
+EVP_MD-MD5-SHA1 - The MD5-SHA1 EVP_MD implementation
+
+=head1 DESCRIPTION
+
+Support for computing MD5-SHA1 digests through the B<EVP_MD> API.
+
+MD5-SHA1 is a rather special digest that's used with SSLv3.
+
+=head2 Identity
+
+This implementation is only available with the default provider, and is
+identified with the name "MD5-SHA1".
+
+=head2 Gettable Parameters
+
+This implementation supports the common gettable parameters described
+in L<EVP_MD-common(7)>.
+
+=head2 Settable Context Parameters
+
+This implementation supports the following L<OSSL_PARAM(3)> entries,
+settable for an B<EVP_MD_CTX> with L<EVP_MD_CTX_set_params(3)>:
+
+=over 4
+
+=item "ssl3-ms" (B<OSSL_DIGEST_PARAM_SSL3_MS>) <octet string>
+
+This parameter is set by libssl in order to calculate a signature hash for an
+SSLv3 CertificateVerify message as per RFC6101.
+It is only set after all handshake messages have already been digested via
+OP_digest_update() calls.
+The parameter provides the master secret value to be added to the digest.
+The digest implementation should calculate the complete digest as per RFC6101
+section 5.6.8.
+The next call after setting this parameter should be OP_digest_final().
+
+=back
+
+=head1 SEE ALSO
+
+L<EVP_MD_CTX_set_params(3)>, L<provider-digest(7)>, L<OSSL_PROVIDER-default(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/EVP_MD-MD5.pod b/doc/man7/EVP_MD-MD5.pod
new file mode 100644
index 0000000000..98ae2c5be5
--- /dev/null
+++ b/doc/man7/EVP_MD-MD5.pod
@@ -0,0 +1,34 @@
+=pod
+
+=head1 NAME
+
+EVP_MD-MD5 - The MD5 EVP_MD implementation
+
+=head1 DESCRIPTION
+
+Support for computing MD5 digests through the B<EVP_MD> API.
+
+=head2 Identity
+
+This implementation is only available with the default provider, and is
+identified with the name "MD5".
+
+=head2 Gettable Parameters
+
+This implementation supports the common gettable parameters described
+in L<EVP_MD-common(7)>.
+
+=head1 SEE ALSO
+
+L<provider-digest(7)>, L<OSSL_PROVIDER-default(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/EVP_MD-MDC2.pod b/doc/man7/EVP_MD-MDC2.pod
new file mode 100644
index 0000000000..516e19da19
--- /dev/null
+++ b/doc/man7/EVP_MD-MDC2.pod
@@ -0,0 +1,50 @@
+=pod
+
+=head1 NAME
+
+EVP_MD-MDC2 - The MDC2 EVP_MD implementation
+
+=head1 DESCRIPTION
+
+Support for computing MDC2 digests through the B<EVP_MD> API.
+
+=head2 Identity
+
+This implementation is only available with the legacy provider, and is
+identified with the name "MDC2".
+
+=head2 Gettable Parameters
+
+This implementation supports the common gettable parameters described
+in L<EVP_MD-common(7)>.
+
+=head2 Settable Context Parameters
+
+This implementation supports the following L<OSSL_PARAM(3)> entries,
+settable for an B<EVP_MD_CTX> with L<EVP_MD_CTX_set_params(3)>:
+
+=over 4
+
+=item "pad_type" (B<OSSL_DIGEST_PARAM_PAD_TYPE>) <unsigned integer>
+
+Sets the padding type to be used.
+Normally the final MDC2 block is padded with zeros.
+If the pad type is set to 2 then the final block is padded with 0x80 followed by
+zeros.
+
+=back
+
+=head1 SEE ALSO
+
+L<EVP_MD_CTX_set_params(3)>, L<provider-digest(7)>, L<OSSL_PROVIDER-legacy(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/EVP_MD-RIPEMD160.pod b/doc/man7/EVP_MD-RIPEMD160.pod
new file mode 100644
index 0000000000..0504e9b302
--- /dev/null
+++ b/doc/man7/EVP_MD-RIPEMD160.pod
@@ -0,0 +1,35 @@
+=pod
+
+=head1 NAME
+
+EVP_MD-RIPEMD160 - The RIPEMD160 EVP_MD implementation
+
+=head1 DESCRIPTION
+
+Support for computing RIPEMD160 digests through the B<EVP_MD> API.
+
+=head2 Identities
+
+This implementation is only available with the legacy provider, and is
+identified with any of the names "RIPEMD-160", "RIPEMD160", "RIPEMD" and
+"RMD160".
+
+=head2 Gettable Parameters
+
+This implementation supports the common gettable parameters described
+in L<EVP_MD-common(7)>.
+
+=head1 SEE ALSO
+
+L<provider-digest(7)>, L<OSSL_PROVIDER-default(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/EVP_MD-SHA1.pod b/doc/man7/EVP_MD-SHA1.pod
new file mode 100644
index 0000000000..5fd94df4ce
--- /dev/null
+++ b/doc/man7/EVP_MD-SHA1.pod
@@ -0,0 +1,55 @@
+=pod
+
+=head1 NAME
+
+EVP_MD-SHA1 - The SHA1 EVP_MD implementation
+
+=head1 DESCRIPTION
+
+Support for computing SHA1 digests through the B<EVP_MD> API.
+
+=head2 Identities
+
+This implementation is available with the FIPS provider as well as the
+default provider, and is identified with the names "SHA1" and "SHA-1".
+
+=head2 Gettable Parameters
+
+This implementation supports the common gettable parameters described
+in L<EVP_MD-common(7)>.
+
+=head2 Settable Context Parameters
+
+This implementation supports the following L<OSSL_PARAM(3)> entries,
+settable for an B<EVP_MD_CTX> with L<EVP_MD_CTX_set_params(3)>:
+
+=over 4
+
+=item "ssl3-ms" (B<OSSL_DIGEST_PARAM_SSL3_MS>) <octet string>
+
+This parameter is set by libssl in order to calculate a signature hash for an
+SSLv3 CertificateVerify message as per RFC6101.
+It is only set after all handshake messages have already been digested via
+OP_digest_update() calls.
+The parameter provides the master secret value to be added to the digest.
+The digest implementation should calculate the complete digest as per RFC6101
+section 5.6.8.
+The next call after setting this parameter should be OP_digest_final().
+
+=back
+
+=head1 SEE ALSO
+
+L<EVP_MD_CTX_set_params(3)>, L<provider-digest(7)>,
+L<OSSL_PROVIDER-FIPS(7)>, L<OSSL_PROVIDER-default(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/EVP_MD-SHA2.pod b/doc/man7/EVP_MD-SHA2.pod
new file mode 100644
index 0000000000..2a2e799d89
--- /dev/null
+++ b/doc/man7/EVP_MD-SHA2.pod
@@ -0,0 +1,77 @@
+=pod
+
+=head1 NAME
+
+EVP_MD-SHA2 - The SHA2 EVP_MD implementation
+
+=head1 DESCRIPTION
+
+Support for computing SHA2 digests through the B<EVP_MD> API.
+
+=head2 Identities
+
+This implementation includes the following varieties:
+
+=over 4
+
+=item *
+
+Available with the FIPS provider as well as the default provider:
+
+=over 4
+
+=item SHA2-224
+
+Known names are "SHA2-224", "SHA-224" and "SHA224".
+
+=item SHA2-256
+
+Known names are "SHA2-256", "SHA-256" and "SHA256".
+
+=item SHA2-384
+
+Known names are "SHA2-384", "SHA-384" and "SHA384".
+
+=item SHA2-512
+
+Known names are "SHA2-512", "SHA-512" and "SHA512".
+
+=back
+
+=item *
+
+Available with the default provider:
+
+=over 4
+
+=item SHA2-512/224
+
+Known names are "SHA2-512/224", "SHA-512/224" and "SHA512-224".
+
+=item SHA2-512/256
+
+Known names are "SHA2-512/256", "SHA-512/256" and "SHA512-256".
+
+=back
+
+=back
+
+=head2 Gettable Parameters
+
+This implementation supports the common gettable parameters described
+in L<EVP_MD-common(7)>.
+
+=head1 SEE ALSO
+
+L<provider-digest(7)>, L<OSSL_PROVIDER-FIPS(7)>, L<OSSL_PROVIDER-default(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/EVP_MD-SHA3.pod b/doc/man7/EVP_MD-SHA3.pod
new file mode 100644
index 0000000000..bc5c3508be
--- /dev/null
+++ b/doc/man7/EVP_MD-SHA3.pod
@@ -0,0 +1,46 @@
+=pod
+
+=head1 NAME
+
+EVP_MD-SHA3 - The SHA3 EVP_MD implementations
+
+=head1 DESCRIPTION
+
+Support for computing SHA3 digests through the B<EVP_MD> API.
+
+=head2 Identities
+
+This implementation is available with the FIPS provider as well as the
+default provider, and includes the following varieties:
+
+=over 4
+
+=item "SHA3-224"
+
+=item "SHA3-256"
+
+=item "SHA3-384"
+
+=item "SHA3-512"
+
+=back
+
+=head2 Gettable Parameters
+
+This implementation supports the common gettable parameters described
+in L<EVP_MD-common(7)>.
+
+=head1 SEE ALSO
+
+L<provider-digest(7)>, L<OSSL_PROVIDER-FIPS(7)>, L<OSSL_PROVIDER-default(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/EVP_MD-SHAKE.pod b/doc/man7/EVP_MD-SHAKE.pod
new file mode 100644
index 0000000000..2426d5a4a2
--- /dev/null
+++ b/doc/man7/EVP_MD-SHAKE.pod
@@ -0,0 +1,73 @@
+=pod
+
+=head1 NAME
+
+EVP_MD-SHAKE, EVP_MD-KECCAK-KMAC
+- The SHAKE / KECCAK family EVP_MD implementations
+
+=head1 DESCRIPTION
+
+Support for computing SHAKE or KECCAK-KMAC digests through the
+B<EVP_MD> API.
+
+KECCAK-KMAC is a special digest that's used by the KMAC EVP_MAC
+implementation (see L<EVP_MAC-KMAC(7)>).
+
+=head2 Identities
+
+This implementation is only available with the default provider, and
+includes the following varieties:
+
+=over 4
+
+=item KECCAK-KMAC-128
+
+Known names are "KECCAK-KMAC-128" and "KECCAK-KMAC128"
+
+=item KECCAK-KMAC-256
+
+Known names are "KECCAK-KMAC-256" and "KECCAK-KMAC256"
+
+=item SHAKE-128
+
+Known names are "SHAKE-128" and "SHAKE128"
+
+=item SHAKE-256
+
+Known names are "SHAKE-256" and "SHAKE256"
+
+=back
+
+=head2 Gettable Parameters
+
+This implementation supports the common gettable parameters described
+in L<EVP_MD-common(7)>.
+
+=head2 Settable Context Parameters
+
+These implementations support the following L<OSSL_PARAM(3)> entries,
+settable for an B<EVP_MD_CTX> with L<EVP_MD_CTX_set_params(3)>:
+
+=over 4
+
+=item "xoflen" (B<OSSL_DIGEST_PARAM_XOFLEN>) <unsigned integer>
+
+Sets the digest length for extendable output functions.
+The length of the "xoflen" parameter should not exceed that of a B<size_t>.
+
+=back
+
+=head1 SEE ALSO
+
+L<EVP_MD_CTX_set_params(3)>, L<provider-digest(7)>, L<OSSL_PROVIDER-default(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/EVP_MD-SM3.pod b/doc/man7/EVP_MD-SM3.pod
new file mode 100644
index 0000000000..355c52ec84
--- /dev/null
+++ b/doc/man7/EVP_MD-SM3.pod
@@ -0,0 +1,34 @@
+=pod
+
+=head1 NAME
+
+EVP_MD-SM3 - The SM3 EVP_MD implementations
+
+=head1 DESCRIPTION
+
+Support for computing SM3 digests through the B<EVP_MD> API.
+
+=head2 Identity
+
+This implementation is only available with the default provider, and is
+identified with the name "SM3".
+
+=head2 Gettable Parameters
+
+This implementation supports the common gettable parameters described
+in L<EVP_MD-common(7)>.
+
+=head1 SEE ALSO
+
+L<provider-digest(7)>, L<OSSL_PROVIDER-default(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/EVP_MD-WHIRLPOOL.pod b/doc/man7/EVP_MD-WHIRLPOOL.pod
new file mode 100644
index 0000000000..2252ab2dba
--- /dev/null
+++ b/doc/man7/EVP_MD-WHIRLPOOL.pod
@@ -0,0 +1,34 @@
+=pod
+
+=head1 NAME
+
+EVP_MD-WHIRLPOOL - The WHIRLPOOL EVP_MD implementation
+
+=head1 DESCRIPTION
+
+Support for computing WHIRLPOOL digests through the B<EVP_MD> API.
+
+=head2 Identity
+
+This implementation is only available with the legacy provider, and is
+identified with the name "WHIRLPOOL".
+
+=head2 Gettable Parameters
+
+This implementation supports the common gettable parameters described
+in L<EVP_MD-common(7)>.
+
+=head1 SEE ALSO
+
+L<provider-digest(7)>, L<OSSL_PROVIDER-default(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/EVP_MD-common.pod b/doc/man7/EVP_MD-common.pod
new file mode 100644
index 0000000000..783844988b
--- /dev/null
+++ b/doc/man7/EVP_MD-common.pod
@@ -0,0 +1,67 @@
+=pod
+
+=head1 NAME
+
+EVP_MD-common - The OpenSSL EVP_MD implementations, common things
+
+=head1 DESCRIPTION
+
+All the OpenSSL EVP_MD implementations understand the following
+L<OSSL_PARAM(3)> entries:
+
+=over 4
+
+Gettable with L<EVP_MD_get_params(3)>:
+
+=over 4
+
+=item "blocksize" (B<OSSL_DIGEST_PARAM_BLOCK_SIZE>) <unsigned integer>
+
+The digest block size.
+The length of the "blocksize" parameter should not exceed that of a
+B<size_t>.
+
+This value can also be retrieved with L<EVP_MD_block_size(3)>.
+
+=item "size" (B<OSSL_DIGEST_PARAM_SIZE>) <unsigned integer>
+
+The digest output size.
+The length of the "size" parameter should not exceed that of a B<size_t>.
+
+This value can also be retrieved with L<EVP_MD_size(3)>.
+
+=item "flags" (B<OSSL_DIGEST_PARAM_FLAGS>) <unsigned integer>
+
+Diverse flags that describe exceptional behaviour for the digest.
+These flags are described in L<EVP_MD_meth_set_flags(3)/DESCRIPTION>.
+
+The length of the "flags" parameter should equal that of an
+B<unsigned long int>.
+
+=begin comment
+
+The description of these flags should probably be moved. Also,
+EVP_MD_FLAG_FIPS isn't relevant any more.
+
+=end comment
+
+This value can also be retrieved with L<EVP_MD_flags(3)>.
+
+=back
+
+=back
+
+=head1 SEE ALSO
+
+L<EVP_MD_get_params(3)>, L<provider-digest(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/OSSL_PROVIDER-FIPS.pod b/doc/man7/OSSL_PROVIDER-FIPS.pod
index 1cb75e7c87..56844deeb9 100644
--- a/doc/man7/OSSL_PROVIDER-FIPS.pod
+++ b/doc/man7/OSSL_PROVIDER-FIPS.pod
@@ -2,15 +2,136 @@
=head1 NAME
-OSSL_PROVIDER-FIPS - OPENSSL FIPS provider
+OSSL_PROVIDER-FIPS - OpenSSL FIPS provider
=head1 DESCRIPTION
-The OPENSSL FIPS provider is a special provider that conforms to the Federal
+The OpenSSL FIPS provider is a special provider that conforms to the Federal
Information Processing Standards (FIPS) specified in FIPS 140-2. This 'module'
contains an approved set of cryptographic algorithms that is validated by an
accredited testing laboratory.
+=head2 Properties
+
+The implementations in this provider specifically have these properties
+defined:
+
+=over 4
+
+"provider=default"
+
+"fips=yes"
+
+=back
+
+It may be used in a property query string with fetching functions such as
+L<EVP_MD_fetch(3)> or L<EVP_CIPHER_fetch(3)>, as well as with other
+functions that take a property query string, such as
+L<EVP_PKEY_CTX_new_from_name(3)>.
+
+It isn't mandatory to query for any of these properties, except to
+make sure to get implementations of this provider and none other.
+
+The "fips=yes" property can be use to make sure only FIPS approved
+implementations are used for crypto operations. This may also include
+other non-crypto support operations that are not in the fips provider,
+such as asymmetric key serializers,
+see L<OSSL_PROVIDER-default(7)/Asymmetric Key Management>.
+
+=head1 OPERATIONS AND ALGORITHMS
+
+The OpenSSL FIPS provider supports these operations and algorithms:
+
+=head2 Hashing Algorithms / Message Digests
+
+=over 4
+
+=item SHA1, see L<EVP_MD-SHA1(7)>
+
+=item SHA2, see L<EVP_MD-SHA2(7)>
+
+=item SHA3, see L<EVP_MD-SHA3(7)>
+
+=item KECCAK-KMAC, see L<EVP_MD-KECCAK-KMAC(7)>
+
+=back
+
+=head2 Symmetric Ciphers
+
+=over 4
+
+=item AES, see L<EVP_CIPHER-AES(7)>
+
+=item DES-EDE3 (TrippleDES), see L<EVP_CIPHER-DES(7)>
+
+=back
+
+=head2 Message Authentication Code (MAC)
+
+=over 4
+
+=item CMAC, see L<EVP_MAC-CMAC(7)>
+
+=item GMAC, see L<EVP_MAC-GMAC(7)>
+
+=item HMAC, see L<EVP_MAC-HMAC(7)>
+
+=item KMAC, see L<EVP_MAC-KMAC(7)>
+
+=back
+
+=head2 Key Derivation Function (KDF)
+
+=over 4
+
+=item HKDF, see L<EVP_KDF-HKDF(7)>
+
+=item SSKDF, see L<EVP_KDF-SSKDF(7)>
+
+=item PBKDF2, see L<EVP_KDF-PBKDF2(7)>
+
+=item TLS1-PRF, see L<EVP_KDF-TLS1-PRF(7)>
+
+=item KBKDF, see L<EVP_KDF-KBKDF(7)>
+
+=back
+
+=head2 Key Exchange
+
+=over 4
+
+=item DH, see L<EVP_KEYEXCH-DH(7)>
+
+=back
+
+=head2 Asymmetric Signature
+
+=over 4
+
+=item DSA, see L<EVP_KEYEXCH-DSA(7)>
+
+=back
+
+=head2 Asymmetric Cipher
+
+=over 4
+
+=item RSA, see L<EVP_KEYEXCH-RSA(7)>
+
+=back
+
+=head2 Asymmetric Key Management
+
+=over 4
+
+=item DH, see L<EVP_KEYMGMT-DH(7)>
+
+=item DSA, see L<EVP_KEYMGMT-DSA(7)>
+
+=item RSA, see L<EVP_KEYMGMT-RSA(7)>
+
+=back
+
=head1 SELF TESTING
One of the requirements for the FIPS module is self testing. An optional callback
@@ -19,7 +140,7 @@ L<OSSL_SELF_TEST_set_callback(3)>.
The parameters passed to the callback are described in L<OSSL_SELF_TEST_new(3)>
-The OPENSSL FIPS module uses the following mechanism to provide information
+The OpenSSL FIPS module uses the following mechanism to provide information
about the self tests as they run.
This is useful for debugging if a self test is failing.
The callback also allows forcing any self test to fail, in order to check that
@@ -196,7 +317,9 @@ L<fips_config(5)>,
L<OSSL_SELF_TEST_set_callback(3)>,
L<OSSL_SELF_TEST_new(3)>,
L<OSSL_PARAM(3)>,
-L<openssl-core.h(7)>
+L<openssl-core.h(7)>,
+L<openssl-core_numbers.h(7)>,
+L<provider(7)>
=head1 HISTORY
diff --git a/doc/man7/OSSL_PROVIDER-default.pod b/doc/man7/OSSL_PROVIDER-default.pod
new file mode 100644
index 0000000000..acfd4d0e07
--- /dev/null
+++ b/doc/man7/OSSL_PROVIDER-default.pod
@@ -0,0 +1,226 @@
+=pod
+
+=head1 NAME
+
+OSSL_PROVIDER-default - OpenSSL default provider
+
+=head1 DESCRIPTION
+
+The OpenSSL default provider supplies the majority of OpenSSL's diverse
+algorithm implementations. It also acts as a fallback when no other
+provider has been loaded.
+
+=head2 Properties
+
+The implementations in this provider specifically have this property
+defined:
+
+=over 4
+
+"provider=default"
+
+=back
+
+It may be used in a property query string with fetching functions such as
+L<EVP_MD_fetch(3)> or L<EVP_CIPHER_fetch(3)>, as well as with other
+functions that take a property query string, such as
+L<EVP_PKEY_CTX_new_from_name(3)>.
+
+It isn't mandatory to query for this property, except to make sure to get
+implementations of this provider and none other.
+
+Some implementations may define additional properties. Exact information is
+listed below
+
+=head1 OPERATIONS AND ALGORITHMS
+
+The OpenSSL default provider supports these operations and algorithms:
+
+=head2 Hashing Algorithms / Message Digests
+
+=over 4
+
+=item SHA1, see L<EVP_MD-SHA1(7)>
+
+=item SHA2, see L<EVP_MD-SHA2(7)>
+
+=item SHA3, see L<EVP_MD-SHA3(7)>
+
+=item KECCAK-KMAC, see L<EVP_MD-KECCAK-KMAC(7)>
+
+=item SHAKE, see L<EVP_MD-SHAKE(7)>
+
+=item BLAKE2, see L<EVP_MD-BLAKE2(7)>
+
+=item SM3, see L<EVP_MD-SM3(7)>
+
+=item MD5, see L<EVP_MD-MD5(7)>
+
+=item MD5-SHA1, see L<EVP_MD-MD5-SHA1(7)>
+
+=back
+
+=head2 Symmetric Ciphers
+
+=over 4
+
+=item AES, see L<EVP_CIPHER-AES(7)>
+
+=item ARIA, see L<EVP_CIPHER-ARIA(7)>
+
+=item CAMELLIA, see L<EVP_CIPHER-CAMELLIA(7)>
+
+=item DES, see L<EVP_CIPHER-DES(7)>
+
+=item BF, see L<EVP_CIPHER-BF(7)>
+
+=item IDEA, see L<EVP_CIPHER-IDEA(7)>
+
+=item CAST5, see L<EVP_CIPHER-CAST5(7)>
+
+=item SEED, see L<EVP_CIPHER-SEED(7)>
+
+=item SM4, see L<EVP_CIPHER-SM4(7)>
+
+=item RC2, see L<EVP_CIPHER-RC2(7)>
+
+=item RC4, see L<EVP_CIPHER-RC4(7)>
+
+=item RC5, see L<EVP_CIPHER-RC5(7)>
+
+=item ChaCha20, see L<EVP_CIPHER-ChaCha20(7)>
+
+=item ChaCha20-Poly1305, see L<EVP_CIPHER-ChaCha20-Poly1305(7)>
+
+=back
+
+=head2 Message Authentication Code (MAC)
+
+=over 4
+
+=item BLAKE2, see L<EVP_MAC-BLAKE2(7)>
+
+=item CMAC, see L<EVP_MAC-CMAC(7)>
+
+=item GMAC, see L<EVP_MAC-GMAC(7)>
+
+=item HMAC, see L<EVP_MAC-HMAC(7)>
+
+=item KMAC, see L<EVP_MAC-KMAC(7)>
+
+=item SIPHASH, see L<EVP_MAC-Siphash(7)>
+
+=item POLY1305, see L<EVP_MAC-Poly1305(7)>
+
+=back
+
+=head2 Key Derivation Function (KDF)
+
+=over 4
+
+=item HKDF, see L<EVP_KDF-HKDF(7)>
+
+=item SSKDF, see L<EVP_KDF-SS(7)>
+
+=item PBKDF2, see L<EVP_KDF-PBKDF2(7)>
+
+=item SSHKDF, see L<EVP_KDF-SSHKDF(7)>
+
+=item TLS1-PRF, see L<EVP_KDF-TLS1_PRF(7)>
+
+=item KBKDF, see L<EVP_KDF-KB(7)>
+
+=item X942KDF, see L<EVP_KDF-X942(7)>
+
+=item SCRYPT, see L<EVP_KDF-SCRYPT(7)>
+
+=item KRB5KDF, see L<EVP_KDF-KRB5KDF(7)>
+
+=back
+
+=head2 Key Exchange
+
+=over 4
+
+=item DH, see L<EVP_KEYEXCH-DH(7)>
+
+=item ECDH, see L<EVP_KEYEXCH-ECDH(7)>
+
+=item X25519, see L<EVP_KEYEXCH-X25519(7)>
+
+=item X448, see L<EVP_KEYEXCH-X448(7)>
+
+=back
+
+=head2 Asymmetric Signature
+
+=over 4
+
+=item DSA, see L<EVP_SIGNATURE-DSA(7)>
+
+=item RSA, see L<EVP_SIGNATURE-RSA(7)>
+
+=back
+
+=head2 Asymmetric Cipher
+
+=over 4
+
+=item RSA, see L<EVP_ASYM_CIPHER-RSA(7)>
+
+=back
+
+=head2 Asymmetric Key Management
+
+=over 4
+
+=item DH, see L<EVP_KEYMGMT-DH(7)>
+
+=item DSA, see L<EVP_KEYMGMT-DSA(7)>
+
+=item RSA, see L<EVP_KEYMGMT-RSA(7)>
+
+=item EC, see L<EVP_KEYMGMT-EC(7)>
+
+=item X25519, see L<EVP_KEYMGMT-X25519(7)>
+
+=item X448, see L<EVP_KEYMGMT-X448(7)>
+
+=back
+
+=head2 Asymmetric Key Serializer
+
+In addition to "provider=default", this set of implementations define the
+property "fips=yes", to allow them to be used together with the FIPS
+provider.
+
+=over 4
+
+=item RSA, see L<OSSL_SERIALIZER-RSA(7)>
+
+=item DH, see L<OSSL_SERIALIZER-DH(7)>
+
+=item DSA, see L<OSSL_SERIALIZER-DSA(7)>
+
+=item EC, see L<OSSL_SERIALIZER-EC(7)>
+
+=item X25519, see L<OSSL_SERIALIZER-X25519(7)>
+
+=item X448, see L<OSSL_SERIALIZER-X448(7)>
+
+=back
+
+=head1 SEE ALSO
+
+L<openssl-core.h(7)>, L<openssl-core_numbers.h(7)>, L<provider(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/OSSL_PROVIDER-legacy.pod b/doc/man7/OSSL_PROVIDER-legacy.pod
new file mode 100644
index 0000000000..27ed3080bf
--- /dev/null
+++ b/doc/man7/OSSL_PROVIDER-legacy.pod
@@ -0,0 +1,92 @@
+=pod
+
+=head1 NAME
+
+OSSL_PROVIDER-legacy - OpenSSL legacy provider
+
+=head1 DESCRIPTION
+
+The OpenSSL legacy provider supplies OpenSSL implementations of algorithms
+that have been deemed legacy. Such algorithms have commonly fallen out of
+use, have been deemed insecure by the cryptography community, or something
+similar.
+
+We can consider this the retirement home of cryptographic algorithms.
+
+=head2 Properties
+
+The implementations in this provider specifically have these property
+defined:
+
+=over 4
+
+"provider=legacy"
+
+=back
+
+It may be used in a property query string with fetching functions such as
+L<EVP_MD_fetch(3)> or L<EVP_CIPHER_fetch(3)>, as well as with other
+functions that take a property query string, such as
+L<EVP_PKEY_CTX_new_from_name(3)>.
+
+It isn't mandatory to query for any of these properties, except to
+make sure to get implementations of this provider and none other.
+
+=head1 OPERATIONS AND ALGORITHMS
+
+The OpenSSL legacy provider supports these operations and algorithms:
+
+=head2 Hashing Algorithms / Message Digests
+
+=over 4
+
+=item MD2, see L<EVP_MD-MD2(7)>
+
+=item MD4, see L<EVP_MD-MD4(7)>
+
+=item MDC2, see L<EVP_MD-MDC2(7)>
+
+=item WHIRLPOOL, see L<EVP_MD-WHIRLPOOL(7)>
+
+=item RIPEMD160, see L<EVP_MD-RIPEMD160(7)>
+
+=back
+
+=begin comment
+
+When algorithms for other operations start appearing, the
+following =head2 titles are appropriate to use:
+
+- Symmetric Ciphers
+
+- Message Authentication Code (MAC)
+
+- Key Derivation Function (KDF)
+
+- Key Exchange
+
+- Signature
+
+- Asymmetric Cipher
+
+- Asymmetric Key Management
+
+=end comment
+
+=head1 SEE ALSO
+
+L<OSSL_PARAM(3)>,
+L<openssl-core.h(7)>,
+L<openssl-core_numbers.h(7)>,
+L<provider(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/provider-digest.pod b/doc/man7/provider-digest.pod
index 576ea581b4..1cac58b4bb 100644
--- a/doc/man7/provider-digest.pod
+++ b/doc/man7/provider-digest.pod
@@ -227,44 +227,6 @@ values associated with the give provider side digest context I<dctx>
and stores them in I<params>.
See L<OSSL_PARAM(3)> for further details on the parameters structure.
-Parameters currently recognised by built-in digests are as follows. Not all
-parameters are relevant to, or are understood by all digests:
-
-=over 4
-
-=item "xoflen" (B<OSSL_DIGEST_PARAM_XOFLEN>) <unsigned integer>
-
-Sets the digest length for extendable output functions.
-The length of the "xoflen" parameter should not exceed that of a B<size_t>.
-
-=item "ssl3-ms" (B<OSSL_DIGEST_PARAM_SSL3_MS>) <octet string>
-
-This parameter is set by libssl in order to calculate a signature hash for an
-SSLv3 CertificateVerify message as per RFC6101.
-It is only set after all handshake messages have already been digested via
-OP_digest_update() calls.
-The parameter provides the master secret value to be added to the digest.
-The digest implementation should calculate the complete digest as per RFC6101
-section 5.6.8.
-The next call after setting this parameter will be OP_digest_final().
-This is only relevant for implementations of SHA1 or MD5_SHA1.
-
-=item "pad_type" (B<OSSL_DIGEST_PARAM_PAD_TYPE>) <unsigned integer>
-
-Sets the pad type to be used.
-The only built-in digest that uses this is MDC2.
-Normally the final MDC2 block is padded with 0s.
-If the pad type is set to 2 then the final block is padded with 0x80 followed by
-0s.
-
-=item "micalg" (B<OSSL_DIGEST_PARAM_MICALG>) <UTF8 string>
-
-Gets the digest Message Integrity Check algorithm string.
-This is used when creating S/MIME multipart/signed messages, as specified in
-RFC 5751.
-
-=back
-
=head1 RETURN VALUES
OP_digest_newctx() and OP_digest_dupctx() should return the newly created
@@ -281,7 +243,8 @@ algorithm.
=head1 SEE ALSO
-L<provider(7)>
+L<provider(7)>, L<OSSL_PROVIDER-FIPS(7)>, L<OSSL_PROVIDER-default(7)>,
+L<OSSL_PROVIDER-legacy(7)>
=head1 HISTORY
diff --git a/providers/implementations/digests/sha3_prov.c b/providers/implementations/digests/sha3_prov.c
index 44471959a7..e6b9ba7a3d 100644
--- a/providers/implementations/digests/sha3_prov.c
+++ b/providers/implementations/digests/sha3_prov.c
@@ -247,7 +247,7 @@ static void *keccak_dupctx(void *ctx)
}
static const OSSL_PARAM known_shake_settable_ctx_params[] = {
- {OSSL_DIGEST_PARAM_SSL3_MS, OSSL_PARAM_OCTET_STRING, NULL, 0, 0},
+ {OSSL_DIGEST_PARAM_XOFLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL, 0, 0},
OSSL_PARAM_END
};
static const OSSL_PARAM *shake_settable_ctx_params(void)
diff --git a/util/missingcrypto.txt b/util/missingcrypto.txt
index 99c2883bd0..956ce7ce6e 100644
--- a/util/missingcrypto.txt
+++ b/util/missingcrypto.txt
@@ -572,6 +572,39 @@ ENGINE_setup_bsd_cryptodev(3)
ENGINE_unregister_EC(3)
ENGINE_unregister_pkey_asn1_meths(3)
ENGINE_unregister_pkey_meths(3)
+EVP_ASYM_CIPHER-RSA(7)
+EVP_CIPHER-AES(7)
+EVP_CIPHER-ARIA(7)
+EVP_CIPHER-BF(7)
+EVP_CIPHER-DES(7)
+EVP_CIPHER-CAMELLIA(7)
+EVP_CIPHER-CAST5(7)
+EVP_CIPHER-ChaCha20(7)
+EVP_CIPHER-ChaCha20-Poly1305(7)
+EVP_CIPHER-DES(7)
+EVP_CIPHER-IDEA(7)
+EVP_CIPHER-RC2(7)
+EVP_CIPHER-RC4(7)
+EVP_CIPHER-RC5(7)
+EVP_CIPHER-SEED(7)
+EVP_CIPHER-SM4(7)
+EVP_KDF-KBKDF(7)
+EVP_KDF-SSKDF(7)
+EVP_KDF-TLS1-PRF(7)
+EVP_KEYEXCH-DH(7)
+EVP_KEYEXCH-ECDH(7)
+EVP_KEYEXCH-DSA(7)
+EVP_KEYEXCH-RSA(7)
+EVP_KEYEXCH-X25519(7)
+EVP_KEYEXCH-X448(7)
+EVP_KEYMGMT-DH(7)
+EVP_KEYMGMT-EC(7)
+EVP_KEYMGMT-DSA(7)
+EVP_KEYMGMT-RSA(7)
+EVP_KEYMGMT-X25519(7)
+EVP_KEYMGMT-X448(7)
+EVP_SIGNATURE-DSA(7)
+EVP_SIGNATURE-RSA(7)
ERR_clear_last_mark(3)
ERR_get_state(3)
ERR_load_ASN1_strings(3)
@@ -886,6 +919,12 @@ OSSL_CMP_MSG_http_perform(3)
OSSL_CMP_exec_GENM_ses(3)
OSSL_CMP_exec_IR_ses(3)
OSSL_CMP_exec_KUR_ses(3)
+OSSL_SERIALIZER-DH(7)
+OSSL_SERIALIZER-DSA(7)
+OSSL_SERIALIZER-EC(7)
+OSSL_SERIALIZER-RSA(7)
+OSSL_SERIALIZER-X25519(7)
+OSSL_SERIALIZER-X448(7)
OSSL_STORE_do_all_loaders(3)
OSSL_STORE_vctrl(3)
OTHERNAME_cmp(3)
More information about the openssl-commits
mailing list