[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Fri May 8 23:45:22 UTC 2020
The branch master has been updated
via 8c30dfee3ea038b71f339f193331ed6ac11e3055 (commit)
from 0324ffc5d5d393111288eca2c9d67f2141ed65f5 (commit)
- Log -----------------------------------------------------------------
commit 8c30dfee3ea038b71f339f193331ed6ac11e3055
Author: Pauli <paul.dale at oracle.com>
Date: Mon Apr 20 17:22:41 2020 +1000
doc: remove deprecation notes for apps that are staying.
The apps that are staying are: dhparam, dsa, dsaparam, ec, ecparam, gendsa and
rsa.
The rsautl app remains deprecated.
The -dsaparam option to dhparam also remains deprecated.
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11575)
-----------------------------------------------------------------------
Summary of changes:
doc/man1/openssl-dhparam.pod.in | 7 +++----
doc/man1/openssl-dsa.pod.in | 7 -------
doc/man1/openssl-dsaparam.pod.in | 7 -------
doc/man1/openssl-ec.pod.in | 7 -------
doc/man1/openssl-ecparam.pod.in | 8 --------
doc/man1/openssl-gendsa.pod.in | 7 -------
doc/man1/openssl-rsa.pod.in | 7 -------
doc/man7/EVP_PKEY-X25519.pod | 12 +++++++++---
8 files changed, 12 insertions(+), 50 deletions(-)
diff --git a/doc/man1/openssl-dhparam.pod.in b/doc/man1/openssl-dhparam.pod.in
index bb40149403..91883fb840 100644
--- a/doc/man1/openssl-dhparam.pod.in
+++ b/doc/man1/openssl-dhparam.pod.in
@@ -30,9 +30,6 @@ B<openssl dhparam>
=head1 DESCRIPTION
-This command has been deprecated.
-The L<openssl-pkeyparam(1)> command should be used instead.
-
This command is used to manipulate DH parameter files.
=head1 OPTIONS
@@ -62,6 +59,8 @@ as the input filename.
=item B<-dsaparam>
+This option is deprecated.
+
If this option is used, DSA rather than DH parameters are read or created;
they are converted to DH format. Otherwise, "strong" primes (such
that (p-1)/2 is also prime) will be used for DH parameter generation.
@@ -136,7 +135,7 @@ L<openssl-dsaparam(1)>
=head1 HISTORY
-This command was deprecated in OpenSSL 3.0.
+The B<-dsaparam> option was deprecated in OpenSSL 3.0.
=head1 COPYRIGHT
diff --git a/doc/man1/openssl-dsa.pod.in b/doc/man1/openssl-dsa.pod.in
index a035234323..f3d1a9423c 100644
--- a/doc/man1/openssl-dsa.pod.in
+++ b/doc/man1/openssl-dsa.pod.in
@@ -43,9 +43,6 @@ B<openssl> B<dsa>
=head1 DESCRIPTION
-This command has been deprecated.
-The L<openssl-pkey(1)> command should be used instead.
-
This command processes DSA keys. They can be converted between various
forms and their components printed out. B<Note> This command uses the
traditional SSLeay compatible format for private key encryption: newer
@@ -162,10 +159,6 @@ L<openssl-gendsa(1)>,
L<openssl-rsa(1)>,
L<openssl-genrsa(1)>
-=head1 HISTORY
-
-This command was deprecated in OpenSSL 3.0.
-
=head1 COPYRIGHT
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/doc/man1/openssl-dsaparam.pod.in b/doc/man1/openssl-dsaparam.pod.in
index d9775dd040..27bd6517e1 100644
--- a/doc/man1/openssl-dsaparam.pod.in
+++ b/doc/man1/openssl-dsaparam.pod.in
@@ -25,9 +25,6 @@ B<openssl dsaparam>
=head1 DESCRIPTION
-This command has been deprecated.
-The L<openssl-pkeyparam(1)> command should be used instead.
-
This command is used to manipulate or generate DSA parameter files.
DSA parameter generation can be a slow process and as a result the same set of
@@ -107,10 +104,6 @@ L<openssl-dsa(1)>,
L<openssl-genrsa(1)>,
L<openssl-rsa(1)>
-=head1 HISTORY
-
-This command was deprecated in OpenSSL 3.0.
-
=head1 COPYRIGHT
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/doc/man1/openssl-ec.pod.in b/doc/man1/openssl-ec.pod.in
index f493a5373a..cad26289b4 100644
--- a/doc/man1/openssl-ec.pod.in
+++ b/doc/man1/openssl-ec.pod.in
@@ -38,9 +38,6 @@ B<openssl> B<ec>
=head1 DESCRIPTION
-This command has been deprecated.
-The L<openssl-pkey(1)> command should be used instead.
-
The L<openssl-ec(1)> command processes EC keys. They can be converted between
various forms and their components printed out. B<Note> OpenSSL uses the
private key format specified in 'SEC 1: Elliptic Curve Cryptography'
@@ -183,10 +180,6 @@ L<openssl-ecparam(1)>,
L<openssl-dsa(1)>,
L<openssl-rsa(1)>
-=head1 HISTORY
-
-This command was deprecated in OpenSSL 3.0.
-
=head1 COPYRIGHT
Copyright 2003-2020 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/doc/man1/openssl-ecparam.pod.in b/doc/man1/openssl-ecparam.pod.in
index a42fa35ee4..ff4d97ea5d 100644
--- a/doc/man1/openssl-ecparam.pod.in
+++ b/doc/man1/openssl-ecparam.pod.in
@@ -32,10 +32,6 @@ B<openssl ecparam>
=head1 DESCRIPTION
-This command has been deprecated.
-The L<openssl-genpkey(1)> and L<openssl-pkeyparam(1)> commands
-should be used instead.
-
This command is used to manipulate or generate EC parameter files.
OpenSSL is currently not able to generate new groups and therefore
@@ -172,10 +168,6 @@ L<openssl-genpkey(1)>,
L<openssl-ec(1)>,
L<openssl-dsaparam(1)>
-=head1 HISTORY
-
-This command was deprecated in OpenSSL 3.0.
-
=head1 COPYRIGHT
Copyright 2003-2020 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/doc/man1/openssl-gendsa.pod.in b/doc/man1/openssl-gendsa.pod.in
index 0d908e0d61..aca9bb5165 100644
--- a/doc/man1/openssl-gendsa.pod.in
+++ b/doc/man1/openssl-gendsa.pod.in
@@ -33,9 +33,6 @@ B<openssl> B<gendsa>
=head1 DESCRIPTION
-This command has been deprecated.
-The L<openssl-genpkey(1)> command should be used instead.
-
This command generates a DSA private key from a DSA parameter file
(which will be typically generated by the L<openssl-dsaparam(1)> command).
@@ -95,10 +92,6 @@ L<openssl-dsa(1)>,
L<openssl-genrsa(1)>,
L<openssl-rsa(1)>
-=head1 HISTORY
-
-This command was deprecated in OpenSSL 3.0.
-
=head1 COPYRIGHT
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/doc/man1/openssl-rsa.pod.in b/doc/man1/openssl-rsa.pod.in
index 59929eafa1..5dacdf9313 100644
--- a/doc/man1/openssl-rsa.pod.in
+++ b/doc/man1/openssl-rsa.pod.in
@@ -46,9 +46,6 @@ B<openssl> B<rsa>
=head1 DESCRIPTION
-This command has been deprecated.
-The L<openssl-pkey(1)> command should be used instead.
-
This command processes RSA keys. They can be converted between
various forms and their components printed out. B<Note> this command uses the
traditional SSLeay compatible format for private key encryption: newer
@@ -184,10 +181,6 @@ L<openssl-dsa(1)>,
L<openssl-genrsa(1)>,
L<openssl-gendsa(1)>
-=head1 HISTORY
-
-This command was deprecated in OpenSSL 3.0.
-
=head1 COPYRIGHT
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/doc/man7/EVP_PKEY-X25519.pod b/doc/man7/EVP_PKEY-X25519.pod
index dd3e68f109..58f7525fd9 100644
--- a/doc/man7/EVP_PKEY-X25519.pod
+++ b/doc/man7/EVP_PKEY-X25519.pod
@@ -9,12 +9,18 @@ EVP_KEYMGMT-X25519, EVP_KEYMGMT-X448, EVP_KEYMGMT-ED25519, EVP_KEYMGMT-ED448
=head1 DESCRIPTION
The B<X25519>, B<X448>, B<ED25519> and B<ED448> keytypes are
-implemented in OpenSSL's default provider.
+implemented in OpenSSL's default and FIPS providers. These implementations
+support the associated key, containing the public key I<pub> and the
+private key I<priv>.
+
+In the FIPS provider they are non-approved algorithms and do not have the
+"fips=yes" property set.
=head2 Common X25519, X448, ED25519 and ED448 parameters
-The following Import/Export types are available for the built-in X25519, X448,
-ED25519 and X448 algorithms:
+In addition to the common parameters that all keytypes should support (see
+L<provider-keymgmt(7)/Common parameters>), the implementation of these keytypes
+support the following.
=over 4
More information about the openssl-commits
mailing list