[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Tue Jun 8 08:59:45 UTC 2021
The branch master has been updated
via 95c8a5125207a62362345d85be77531ad9654edd (commit)
via 75653c100f0465206567150035a166bf42996540 (commit)
via dbf021c20ec62c57aa9dcb4a071611960f2dde0e (commit)
via b1307e94210c342df8ab736d7295110b20f003eb (commit)
via c0fc3fe3496ec02b0cafb252b7764f53cc3ae643 (commit)
via e748b4fbae59c08ba3e1bf2aef94fcc0ec642aae (commit)
via f7a19d6402fa7dd73f323b8b15a946ed3ec42efb (commit)
via 7f0dc8da7d0c9ed29e5aff30f2afc4902b01e2f5 (commit)
via 8809fdff9350f13e30c51925b73a3b1e172c0511 (commit)
via 7b9e2361778f71321ada562930e4661d2865fffd (commit)
via 618523e728dc884bad481324bfe7b8967199c00d (commit)
via e4d69413c25beedddf1463308fdf3dbf24cfe449 (commit)
from 178fa72ed5c6b26ac3d6bab1a45e732ee6458565 (commit)
- Log -----------------------------------------------------------------
commit 95c8a5125207a62362345d85be77531ad9654edd
Author: Pauli <pauli at openssl.org>
Date: Mon Jun 7 19:05:54 2021 +1000
doc: add PKEY life cycle documentation
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15637)
commit 75653c100f0465206567150035a166bf42996540
Author: Pauli <pauli at openssl.org>
Date: Mon Jun 7 19:07:30 2021 +1000
doc: build changes for PKEY life cycle documentation
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15637)
commit dbf021c20ec62c57aa9dcb4a071611960f2dde0e
Author: Pauli <pauli at openssl.org>
Date: Mon Jun 7 15:14:47 2021 +1000
doc: add build info for cipher life cycle documentation
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15637)
commit b1307e94210c342df8ab736d7295110b20f003eb
Author: Pauli <pauli at openssl.org>
Date: Mon Jun 7 15:14:25 2021 +1000
doc: add references to cipher life cycle documentation
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15637)
commit c0fc3fe3496ec02b0cafb252b7764f53cc3ae643
Author: Pauli <pauli at openssl.org>
Date: Mon Jun 7 15:11:28 2021 +1000
doc: add cipher life cycle documentation
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15637)
commit e748b4fbae59c08ba3e1bf2aef94fcc0ec642aae
Author: Pauli <pauli at openssl.org>
Date: Mon Jun 7 14:41:27 2021 +1000
doc: improve the cipher life cycle diagram
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15637)
commit f7a19d6402fa7dd73f323b8b15a946ed3ec42efb
Author: Pauli <pauli at openssl.org>
Date: Mon Jun 7 12:38:25 2021 +1000
doc-nits: support out of source execution
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15637)
commit 7f0dc8da7d0c9ed29e5aff30f2afc4902b01e2f5
Author: Pauli <pauli at openssl.org>
Date: Mon Jun 7 12:35:06 2021 +1000
doc: remove empty section
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15637)
commit 8809fdff9350f13e30c51925b73a3b1e172c0511
Author: Pauli <pauli at openssl.org>
Date: Mon Jun 7 12:28:29 2021 +1000
doc: add references to digest life cycle documentation
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15637)
commit 7b9e2361778f71321ada562930e4661d2865fffd
Author: Pauli <pauli at openssl.org>
Date: Mon Jun 7 12:28:02 2021 +1000
doc: add digest life cycle documentation
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15637)
commit 618523e728dc884bad481324bfe7b8967199c00d
Author: Pauli <pauli at openssl.org>
Date: Mon Jun 7 12:27:39 2021 +1000
doc: add digest lifecycle diagram
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15637)
commit e4d69413c25beedddf1463308fdf3dbf24cfe449
Author: Pauli <pauli at openssl.org>
Date: Mon Jun 7 12:27:17 2021 +1000
life-cycles: update digest state table
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15637)
-----------------------------------------------------------------------
Summary of changes:
doc/build.info | 23 +-
doc/internal/man3/evp_md_get_number.pod | 3 -
doc/life-cycles/cipher.dot | 12 +-
doc/life-cycles/lifecycles.ods | Bin 16752 -> 17042 bytes
doc/man3/EVP_DigestInit.pod | 7 +-
doc/man3/EVP_EncryptInit.pod | 8 +-
doc/man7/img/cipher.png | Bin 0 -> 81349 bytes
doc/man7/img/digest.png | Bin 0 -> 56894 bytes
doc/man7/img/pkey.png | Bin 0 -> 148963 bytes
doc/man7/life_cycle-cipher.pod | 370 +++++++++++
.../{life_cycle-mac.pod => life_cycle-digest.pod} | 145 +++--
doc/man7/life_cycle-mac.pod | 2 +-
doc/man7/life_cycle-pkey.pod | 713 +++++++++++++++++++++
doc/man7/provider-cipher.pod | 8 +-
doc/man7/provider-digest.pod | 8 +-
util/find-doc-nits | 2 +-
16 files changed, 1211 insertions(+), 90 deletions(-)
create mode 100644 doc/man7/img/cipher.png
create mode 100644 doc/man7/img/digest.png
create mode 100644 doc/man7/img/pkey.png
create mode 100644 doc/man7/life_cycle-cipher.pod
copy doc/man7/{life_cycle-mac.pod => life_cycle-digest.pod} (51%)
create mode 100644 doc/man7/life_cycle-pkey.pod
diff --git a/doc/build.info b/doc/build.info
index 946cc24032..4529e3c72f 100644
--- a/doc/build.info
+++ b/doc/build.info
@@ -4375,6 +4375,14 @@ DEPEND[html/man7/fips_module.html]=man7/fips_module.pod
GENERATE[html/man7/fips_module.html]=man7/fips_module.pod
DEPEND[man/man7/fips_module.7]=man7/fips_module.pod
GENERATE[man/man7/fips_module.7]=man7/fips_module.pod
+DEPEND[html/man7/life_cycle-cipher.html]=man7/life_cycle-cipher.pod
+GENERATE[html/man7/life_cycle-cipher.html]=man7/life_cycle-cipher.pod
+DEPEND[man/man7/life_cycle-cipher.7]=man7/life_cycle-cipher.pod
+GENERATE[man/man7/life_cycle-cipher.7]=man7/life_cycle-cipher.pod
+DEPEND[html/man7/life_cycle-digest.html]=man7/life_cycle-digest.pod
+GENERATE[html/man7/life_cycle-digest.html]=man7/life_cycle-digest.pod
+DEPEND[man/man7/life_cycle-digest.7]=man7/life_cycle-digest.pod
+GENERATE[man/man7/life_cycle-digest.7]=man7/life_cycle-digest.pod
DEPEND[html/man7/life_cycle-kdf.html]=man7/life_cycle-kdf.pod
GENERATE[html/man7/life_cycle-kdf.html]=man7/life_cycle-kdf.pod
DEPEND[man/man7/life_cycle-kdf.7]=man7/life_cycle-kdf.pod
@@ -4383,6 +4391,10 @@ DEPEND[html/man7/life_cycle-mac.html]=man7/life_cycle-mac.pod
GENERATE[html/man7/life_cycle-mac.html]=man7/life_cycle-mac.pod
DEPEND[man/man7/life_cycle-mac.7]=man7/life_cycle-mac.pod
GENERATE[man/man7/life_cycle-mac.7]=man7/life_cycle-mac.pod
+DEPEND[html/man7/life_cycle-pkey.html]=man7/life_cycle-pkey.pod
+GENERATE[html/man7/life_cycle-pkey.html]=man7/life_cycle-pkey.pod
+DEPEND[man/man7/life_cycle-pkey.7]=man7/life_cycle-pkey.pod
+GENERATE[man/man7/life_cycle-pkey.7]=man7/life_cycle-pkey.pod
DEPEND[html/man7/life_cycle-rand.html]=man7/life_cycle-rand.pod
GENERATE[html/man7/life_cycle-rand.html]=man7/life_cycle-rand.pod
DEPEND[man/man7/life_cycle-rand.7]=man7/life_cycle-rand.pod
@@ -4513,8 +4525,11 @@ DEPEND[html/man7/x509.html]=man7/x509.pod
GENERATE[html/man7/x509.html]=man7/x509.pod
DEPEND[man/man7/x509.7]=man7/x509.pod
GENERATE[man/man7/x509.7]=man7/x509.pod
-IMAGEDOCS[man7]=man7/img/kdf.png \
+IMAGEDOCS[man7]=man7/img/cipher.png \
+man7/img/digest.png \
+man7/img/kdf.png \
man7/img/mac.png \
+man7/img/pkey.png \
man7/img/rand.png
HTMLDOCS[man7]=html/man7/EVP_ASYM_CIPHER-SM2.html \
html/man7/EVP_CIPHER-AES.html \
@@ -4600,8 +4615,11 @@ html/man7/ct.html \
html/man7/des_modes.html \
html/man7/evp.html \
html/man7/fips_module.html \
+html/man7/life_cycle-cipher.html \
+html/man7/life_cycle-digest.html \
html/man7/life_cycle-kdf.html \
html/man7/life_cycle-mac.html \
+html/man7/life_cycle-pkey.html \
html/man7/life_cycle-rand.html \
html/man7/migration_guide.html \
html/man7/openssl-core.h.html \
@@ -4718,8 +4736,11 @@ man/man7/ct.7 \
man/man7/des_modes.7 \
man/man7/evp.7 \
man/man7/fips_module.7 \
+man/man7/life_cycle-cipher.7 \
+man/man7/life_cycle-digest.7 \
man/man7/life_cycle-kdf.7 \
man/man7/life_cycle-mac.7 \
+man/man7/life_cycle-pkey.7 \
man/man7/life_cycle-rand.7 \
man/man7/migration_guide.7 \
man/man7/openssl-core.h.7 \
diff --git a/doc/internal/man3/evp_md_get_number.pod b/doc/internal/man3/evp_md_get_number.pod
index 8e5bbd4437..3c85f58b99 100644
--- a/doc/internal/man3/evp_md_get_number.pod
+++ b/doc/internal/man3/evp_md_get_number.pod
@@ -96,9 +96,6 @@ Returns the internal dynamic number assigned to the given I<loader>.
All of these functions return the provider specific identification number
for the specified algorithm.
-=head1 SEE ALSO
-
-
=head1 HISTORY
This functionality was added to OpenSSL 3.0.
diff --git a/doc/life-cycles/cipher.dot b/doc/life-cycles/cipher.dot
index 8736ce7026..c1d5b83468 100644
--- a/doc/life-cycles/cipher.dot
+++ b/doc/life-cycles/cipher.dot
@@ -24,30 +24,28 @@ digraph cipher {
finaled -> finaled [label="EVP_CIPHER_CTX_get_params\n(AEAD encryption)",
style=dashed];
finaled -> end [label="EVP_CIPHER_CTX_free"];
- finaled -> newed [label="EVP_CIPHER_CTX_reset", style=dashed,
- color="#034f84", fontcolor="#034f84"];
- updated -> newed [label="EVP_CIPHER_CTX_reset", style=dashed,
- color="#034f84", fontcolor="#034f84"];
newed -> d_initialised [label="EVP_DecryptInit"];
d_initialised -> d_initialised [label="EVP_DecryptInit\n(not required but allowed)",
style=dashed];
d_initialised -> d_updated [label="EVP_DecryptUpdate", weight=2];
d_updated -> d_updated [label="EVP_DecryptUpdate"];
d_updated -> finaled [label="EVP_DecryptFinal"];
- d_updated -> newed [label="EVP_CIPHER_CTX_reset", style=dashed,
- color="#034f84", fontcolor="#034f84"];
newed -> e_initialised [label="EVP_EncryptInit"];
e_initialised -> e_initialised [label="EVP_EncryptInit\n(not required but allowed)",
style=dashed];
e_initialised -> e_updated [label="EVP_EncryptUpdate", weight=2];
e_updated -> e_updated [label="EVP_EncryptUpdate"];
e_updated -> finaled [label="EVP_EncryptFinal"];
- e_updated -> newed [label="EVP_CIPHER_CTX_reset", style=dashed,
+ most -> newed [label="EVP_CIPHER_CTX_reset", style=dashed,
+ color="#034f84", fontcolor="#034f84"];
+ most [label="any of the initialised\nupdated or finaled states", style=dashed,
color="#034f84", fontcolor="#034f84"];
}
/* This is a version with a single flavour which is easier to comprehend
digraph cipher {
+ bgcolor="transparent";
+
begin [label=start, color="#deeaee", style="filled"];
newed [fontcolor="#c94c4c", style="solid"];
initialised [fontcolor="#c94c4c"];
diff --git a/doc/life-cycles/lifecycles.ods b/doc/life-cycles/lifecycles.ods
index f80a76e622..6cc2030a9e 100644
Binary files a/doc/life-cycles/lifecycles.ods and b/doc/life-cycles/lifecycles.ods differ
diff --git a/doc/man3/EVP_DigestInit.pod b/doc/man3/EVP_DigestInit.pod
index 201c011095..dd822a4ca0 100644
--- a/doc/man3/EVP_DigestInit.pod
+++ b/doc/man3/EVP_DigestInit.pod
@@ -691,7 +691,11 @@ L<EVP_MD_meth_new(3)>,
L<openssl-dgst(1)>,
L<evp(7)>,
L<OSSL_PROVIDER(3)>,
-L<OSSL_PARAM(3)>
+L<OSSL_PARAM(3)>,
+L<property(7)>,
+L<crypto(7)/ALGORITHM FETCHING>,
+L<provider-digest(7)>,
+L<life_cycle-digest(7)>
The full list of digest algorithms are provided below.
@@ -706,7 +710,6 @@ L<EVP_sha224(3)>,
L<EVP_sha3_224(3)>,
L<EVP_sm3(3)>,
L<EVP_whirlpool(3)>
-L<crypto(7)/ALGORITHM FETCHING>
=head1 HISTORY
diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod
index 4b90cdd780..a03c31ea35 100644
--- a/doc/man3/EVP_EncryptInit.pod
+++ b/doc/man3/EVP_EncryptInit.pod
@@ -1611,7 +1611,11 @@ Encryption using AES-CBC with a 256-bit key with "CS1" ciphertext stealing.
=head1 SEE ALSO
-L<evp(7)>
+L<evp(7)>,
+L<property(7)>,
+L<crypto(7)/ALGORITHM FETCHING>,
+L<provider-cipher(7)>,
+L<life_cycle-cipher(7)>
Supported ciphers are listed in:
@@ -1628,7 +1632,7 @@ L<EVP_rc2_cbc(3)>,
L<EVP_rc4(3)>,
L<EVP_rc5_32_12_16_cbc(3)>,
L<EVP_seed_cbc(3)>,
-L<EVP_sm4_cbc(3)>
+L<EVP_sm4_cbc(3)>,
=head1 HISTORY
diff --git a/doc/man7/img/cipher.png b/doc/man7/img/cipher.png
new file mode 100644
index 0000000000..79b8b621e6
Binary files /dev/null and b/doc/man7/img/cipher.png differ
diff --git a/doc/man7/img/digest.png b/doc/man7/img/digest.png
new file mode 100644
index 0000000000..9f35deb5dc
Binary files /dev/null and b/doc/man7/img/digest.png differ
diff --git a/doc/man7/img/pkey.png b/doc/man7/img/pkey.png
new file mode 100644
index 0000000000..d31b5d3841
Binary files /dev/null and b/doc/man7/img/pkey.png differ
diff --git a/doc/man7/life_cycle-cipher.pod b/doc/man7/life_cycle-cipher.pod
new file mode 100644
index 0000000000..227cc18b8d
--- /dev/null
+++ b/doc/man7/life_cycle-cipher.pod
@@ -0,0 +1,370 @@
+=pod
+
+=head1 NAME
+
+life_cycle-cipher - The cipher algorithm life-cycle
+
+=head1 DESCRIPTION
+
+All symmetric ciphers (CIPHERs) go through a number of stages in their
+life-cycle:
+
+=over 4
+
+=item start
+
+This state represents the CIPHER before it has been allocated. It is the
+starting state for any life-cycle transitions.
+
+=item newed
+
+This state represents the CIPHER after it has been allocated.
+
+=item initialised
+
+These states represent the CIPHER when it is set up and capable of processing
+input. There are three possible initialised states:
+
+=over 4
+
+=item initialised using EVP_CipherInit
+
+=item initialised for decryption using EVP_DecryptInit
+
+=item initialised for encryption using EVP_EncryptInit
+
+=back
+
+=item updated
+
+These states represent the CIPHER when it is set up and capable of processing
+additional input or generating output. The three possible states directly
+correspond to those for initialised above. The three different streams should
+not be mixed.
+
+=item finaled
+
+This state represents the CIPHER when it has generated output.
+
+=item freed
+
+This state is entered when the CIPHER is freed. It is the terminal state
+for all life-cycle transitions.
+
+=back
+
+=head2 State Transition Diagram
+
+The usual life-cycle of a CIPHER is illustrated:
+
+=begin man
+
+ +---------------------------+
+ | |
+ | start |
+ | |
+ +---------------------------+ + - - - - - - - - - - - - - +
+ | ' any of the initialised '
+ | EVP_CIPHER_CTX_new ' updated or finaled states '
+ v ' '
+ +---------------------------+ + - - - - - - - - - - - - - +
+ | | |
+ | newed | | EVP_CIPHER_CTX_reset
+ | | <----+
+ +---------------------------+
+ | | |
+ +---------+ | +---------+
+ EVP_DecryptInit | | EVP_CipherInit | EVP_EncryptInit
+ v v v
+ +---------------------------+ +---------------------------+ +---------------------------+
+ | | | | | |
+ | initialised | | initialised | | initialised |
+ | for decryption | | | | for encryption |
+ +---------------------------+ +---------------------------+ +---------------------------+
+ | | |
+ | EVP_DecryptUpdate | EVP_CipherUpdate EVP_EncryptUpdate |
+ | v |
+ | +---------------------------+ |
+ | | |--------------------+ |
+ | | updated | EVP_CipherUpdate | |
+ | | | <------------------+ |
+ v +---------------------------+ v
+ +---------------------------+ | +---------------------------+
+ | |---------------------+ | | |
+ | updated | EVP_DecryptUpdate | | | updated |------+
+ | for decryption | <-------------------+ | | for encryption | |
+ +---------------------------+ | +---------------------------+ |
+ | EVP_CipherFinal | | ^ |
+ +-------+ | +--------+ | |
+ EVP_DecryptFinal | | | EVP_EncryptFinal +-------------------+
+ v v v EVP_EncryptUpdate
+ +---------------------------+
+ | |-----------------------------+
+ | finaled | |
+ | | <---------------------------+
+ +---------------------------+ EVP_CIPHER_CTX_get_params
+ | (AEAD encryption)
+ | EVP_CIPHER_CTX_free
+ v
+ +---------------------------+
+ | |
+ | freed |
+ | |
+ +---------------------------+
+
+=end man
+
+=for html <img src="img/cipher.png">
+
+=head2 Formal State Transitions
+
+This section defines all of the legal state transitions.
+This is the canonical list.
+
+=begin man
+
+ Function Call ---------------------------------------------- Current State -----------------------------------------------
+ start newed initialised updated finaled initialised updated initialised updated freed
+ decryption decryption encryption encryption
+ EVP_CIPHER_CTX_new newed
+ EVP_CipherInit initialised initialised initialised initialised initialised initialised initialised initialised
+ EVP_DecryptInit initialised initialised initialised initialised initialised initialised initialised initialised
+ decryption decryption decryption decryption decryption decryption decryption decryption
+ EVP_EncryptInit initialised initialised initialised initialised initialised initialised initialised initialised
+ encryption encryption encryption encryption encryption encryption encryption encryption
+ EVP_CipherUpdate updated updated
+ EVP_DecryptUpdate updated updated
+ decryption decryption
+ EVP_EncryptUpdate updated updated
+ encryption encryption
+ EVP_CipherFinal finaled
+ EVP_DecryptFinal finaled
+ EVP_EncryptFinal finaled
+ EVP_CIPHER_CTX_free freed freed freed freed freed freed freed freed freed
+ EVP_CIPHER_CTX_reset newed newed newed newed newed newed newed newed
+ EVP_CIPHER_CTX_get_params newed initialised updated initialised updated initialised updated
+ decryption decryption encryption encryption
+ EVP_CIPHER_CTX_set_params newed initialised updated initialised updated initialised updated
+ decryption decryption encryption encryption
+ EVP_CIPHER_CTX_gettable_params newed initialised updated initialised updated initialised updated
+ decryption decryption encryption encryption
+ EVP_CIPHER_CTX_settable_params newed initialised updated initialised updated initialised updated
+ decryption decryption encryption encryption
+
+=end man
+
+=begin html
+
+<table style="border:1px solid; border-collapse:collapse">
+<tr><th style="border:1px solid" align="left">Function Call</th>
+ <th style="border:1px solid" colspan="10">Current State</th></tr>
+<tr><th style="border:1px solid"></th>
+ <th style="border:1px solid" align="center">start</th>
+ <th style="border:1px solid" align="center">newed</th>
+ <th style="border:1px solid" align="center">initialised</th>
+ <th style="border:1px solid" align="center">updated</th>
+ <th style="border:1px solid" align="center">finaled</th>
+ <th style="border:1px solid" align="center">initialised<br>decryption</th>
+ <th style="border:1px solid" align="center">updated<br>decryption</th>
+ <th style="border:1px solid" align="center">initialised<br>encryption</th>
+ <th style="border:1px solid" align="center">updated<br>encryption</th>
+ <th style="border:1px solid" align="center">freed</th></tr>
+<tr><th style="border:1px solid" align="left">EVP_CIPHER_CTX_new</th>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_CipherInit</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_DecryptInit</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">initialised<br>decryption</td>
+ <td style="border:1px solid" align="center">initialised<br>decryption</td>
+ <td style="border:1px solid" align="center">initialised<br>decryption</td>
+ <td style="border:1px solid" align="center">initialised<br>decryption</td>
+ <td style="border:1px solid" align="center">initialised<br>decryption</td>
+ <td style="border:1px solid" align="center">initialised<br>decryption</td>
+ <td style="border:1px solid" align="center">initialised<br>decryption</td>
+ <td style="border:1px solid" align="center">initialised<br>decryption</td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_EncryptInit</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">initialised<br>encryption</td>
+ <td style="border:1px solid" align="center">initialised<br>encryption</td>
+ <td style="border:1px solid" align="center">initialised<br>encryption</td>
+ <td style="border:1px solid" align="center">initialised<br>encryption</td>
+ <td style="border:1px solid" align="center">initialised<br>encryption</td>
+ <td style="border:1px solid" align="center">initialised<br>encryption</td>
+ <td style="border:1px solid" align="center">initialised<br>encryption</td>
+ <td style="border:1px solid" align="center">initialised<br>encryption</td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_CipherUpdate</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">updated</td>
+ <td style="border:1px solid" align="center">updated</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_DecryptUpdate</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">updated<br>decryption</td>
+ <td style="border:1px solid" align="center">updated<br>decryption</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_EncryptUpdate</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">updated<br>encryption</td>
+ <td style="border:1px solid" align="center">updated<br>encryption</td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_CipherFinal</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">finaled</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_DecryptFinal</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">finaled<br>decryption</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_EncryptFinal</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">finaled<br>decryption</td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_CIPHER_CTX_free</th>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_CIPHER_CTX_reset</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_CIPHER_CTX_get_params</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center">updated</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">initialised<br>decryption</td>
+ <td style="border:1px solid" align="center">updated<br>decryption</td>
+ <td style="border:1px solid" align="center">initialised<br>encryption</td>
+ <td style="border:1px solid" align="center">updated<br>encryption</td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_CIPHER_CTX_set_params</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center">updated</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">initialised<br>decryption</td>
+ <td style="border:1px solid" align="center">updated<br>decryption</td>
+ <td style="border:1px solid" align="center">initialised<br>encryption</td>
+ <td style="border:1px solid" align="center">updated<br>encryption</td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_CIPHER_CTX_gettable_params</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center">updated</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">initialised<br>decryption</td>
+ <td style="border:1px solid" align="center">updated<br>decryption</td>
+ <td style="border:1px solid" align="center">initialised<br>encryption</td>
+ <td style="border:1px solid" align="center">updated<br>encryption</td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_CIPHER_CTX_settable_params</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center">updated</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">initialised<br>decryption</td>
+ <td style="border:1px solid" align="center">updated<br>decryption</td>
+ <td style="border:1px solid" align="center">initialised<br>encryption</td>
+ <td style="border:1px solid" align="center">updated<br>encryption</td>
+ <td style="border:1px solid" align="center"></td></tr>
+</table>
+
+=end html
+
+=head1 NOTES
+
+At some point the EVP layer will begin enforcing the transitions described
+herein.
+
+=head1 SEE ALSO
+
+L<provider-cipher(7)>, L<EVP_EncryptInit(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/life_cycle-mac.pod b/doc/man7/life_cycle-digest.pod
similarity index 51%
copy from doc/man7/life_cycle-mac.pod
copy to doc/man7/life_cycle-digest.pod
index 7875e53cbe..5425f57dd5 100644
--- a/doc/man7/life_cycle-mac.pod
+++ b/doc/man7/life_cycle-digest.pod
@@ -2,88 +2,87 @@
=head1 NAME
-life_cycle-mac - The MAC algorithm life-cycle
+life_cycle-digest - The digest algorithm life-cycle
=head1 DESCRIPTION
-All message authentication codes (MACs)
-go through a number of stages in their life-cycle:
+All message digests (MDs) go through a number of stages in their life-cycle:
=over 4
=item start
-This state represents the MAC before it has been allocated. It is the
+This state represents the MD before it has been allocated. It is the
starting state for any life-cycle transitions.
=item newed
-This state represents the MAC after it has been allocated.
+This state represents the MD after it has been allocated.
=item initialised
-This state represents the MAC when it is set up and capable of processing
+This state represents the MD when it is set up and capable of processing
input.
=item updated
-This state represents the MAC when it is set up and capable of processing
+This state represents the MD when it is set up and capable of processing
additional input or generating output.
=item finaled
-This state represents the MAC when it has generated output.
+This state represents the MD when it has generated output.
=item freed
-This state is entered when the MAC is freed. It is the terminal state
+This state is entered when the MD is freed. It is the terminal state
for all life-cycle transitions.
=back
=head2 State Transition Diagram
-The usual life-cycle of a MAC is illustrated:
+The usual life-cycle of a MD is illustrated:
=begin man
- +-------------------+
- | start |
- +-------------------+
- |
- | EVP_MAC_CTX_new
- v
- +-------------------+
- | newed |
- +-------------------+
- |
- | EVP_MAC_init
- v
- +-------------------+
- +> | initialised | <+
- | +-------------------+ |
- | | |
- | | EVP_MAC_update | EVP_MAC_init
- | v |
- EVP_MAC_init | +-------------------+ |
- | | updated | -+
- | +-------------------+
- | | |
- | | EVP_MAC_final | EVP_MAC_finalXOF
- | v v
- | +-------------------+
- +- | finaled |
- +-------------------+
- |
- | EVP_MAC_CTX_free
- v
- +-------------------+
- | freed |
- +-------------------+
+ +-------------------+
+ | start |
+ +-------------------+
+ |
+ | EVP_MD_CTX_new
+ v
+ +-------------------+ EVP_MD_CTX_reset
+ | newed | <------------------------------+
+ +-------------------+ |
+ | |
+ | EVP_DigestInit |
+ v |
+ +-------------------+ |
+ +--> | initialised | <+ EVP_DigestInit |
+ | +-------------------+ | |
+ | | | EVP_DigestUpdate |
+ | | EVP_DigestUpdate | +------------------+ |
+ | v | v | |
+ | +------------------------------------------------+ |
+ EVP_DigestInit | | updated | --+
+ | +------------------------------------------------+ |
+ | | | |
+ | | EVP_DigestFinal | EVP_DigestFinalXOF |
+ | v v |
+ | +------------------------------------------------+ |
+ +--- | finaled | --+
+ +------------------------------------------------+
+ |
+ | EVP_MD_CTX_free
+ v
+ +-------------------+
+ | freed |
+ +-------------------+
=end man
-=for html <img src="img/mac.png">
+=for html <img src="img/digest.png">
=head2 Formal State Transitions
@@ -92,18 +91,19 @@ This is the canonical list.
=begin man
- Function Call ------------- Current State -------------
- start newed initialised updated finaled freed
- EVP_MAC_CTX_new newed
- EVP_MAC_init initialised initialised initialised initialised
- EVP_MAC_update updated updated
- EVP_MAC_final finaled
- EVP_MAC_finalXOF finaled
- EVP_MAC_CTX_free freed freed freed freed freed
- EVP_MAC_CTX_get_params newed initialised updated
- EVP_MAC_CTX_set_params newed initialised updated
- EVP_MAC_CTX_gettable_params newed initialised updated
- EVP_MAC_CTX_settable_params newed initialised updated
+ Function Call --------------------- Current State ----------------------
+ start newed initialised updated finaled freed
+ EVP_MD_CTX_new newed
+ EVP_DigestInit initialised initialised initialised initialised
+ EVP_DigestUpdate updated updated
+ EVP_DigestFinal finaled
+ EVP_DigestFinalXOF finaled
+ EVP_MD_CTX_free freed freed freed freed freed
+ EVP_MD_CTX_reset newed newed newed newed
+ EVP_MD_CTX_get_params newed initialised updated
+ EVP_MD_CTX_set_params newed initialised updated
+ EVP_MD_CTX_gettable_params newed initialised updated
+ EVP_MD_CTX_settable_params newed initialised updated
=end man
@@ -119,70 +119,77 @@ This is the canonical list.
<th style="border:1px solid" align="center">updated</th>
<th style="border:1px solid" align="center">finaled</th>
<th style="border:1px solid" align="center">freed</th></tr>
-<tr><th style="border:1px solid" align="left">EVP_MAC_CTX_new</th>
+<tr><th style="border:1px solid" align="left">EVP_MD_CTX_new</th>
<td style="border:1px solid" align="center">newed</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td></tr>
-<tr><th style="border:1px solid" align="left">EVP_MAC_init</th>
+<tr><th style="border:1px solid" align="left">EVP_DigestInit</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">initialised</td>
<td style="border:1px solid" align="center">initialised</td>
<td style="border:1px solid" align="center">initialised</td>
<td style="border:1px solid" align="center">initialised</td>
<td style="border:1px solid" align="center"></td></tr>
-<tr><th style="border:1px solid" align="left">EVP_MAC_update</th>
+<tr><th style="border:1px solid" align="left">EVP_DigestUpdate</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">updated</td>
<td style="border:1px solid" align="center">updated</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td></tr>
-<tr><th style="border:1px solid" align="left">EVP_MAC_final</th>
+<tr><th style="border:1px solid" align="left">EVP_DigestFinal</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">finaled</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td></tr>
-<tr><th style="border:1px solid" align="left">EVP_MAC_finalXOF</th>
+<tr><th style="border:1px solid" align="left">EVP_DigestFinalXOF</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">finaled</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td></tr>
-<tr><th style="border:1px solid" align="left">EVP_MAC_CTX_free</th>
+<tr><th style="border:1px solid" align="left">EVP_MD_CTX_free</th>
<td style="border:1px solid" align="center">freed</td>
<td style="border:1px solid" align="center">freed</td>
<td style="border:1px solid" align="center">freed</td>
<td style="border:1px solid" align="center">freed</td>
<td style="border:1px solid" align="center">freed</td>
<td style="border:1px solid" align="center"></td></tr>
-<tr><th style="border:1px solid" align="left">EVP_MAC_CTX_get_params</th>
+<tr><th style="border:1px solid" align="left">EVP_MD_CTX_reset</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_MD_CTX_get_params</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">newed</td>
<td style="border:1px solid" align="center">initialised</td>
<td style="border:1px solid" align="center">updated</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td></tr>
-<tr><th style="border:1px solid" align="left">EVP_MAC_CTX_set_params</th>
+<tr><th style="border:1px solid" align="left">EVP_MD_CTX_set_params</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">newed</td>
<td style="border:1px solid" align="center">initialised</td>
<td style="border:1px solid" align="center">updated</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td></tr>
-<tr><th style="border:1px solid" align="left">EVP_MAC_CTX_gettable_params</th>
+<tr><th style="border:1px solid" align="left">EVP_MD_CTX_gettable_params</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">newed</td>
<td style="border:1px solid" align="center">initialised</td>
<td style="border:1px solid" align="center">updated</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td></tr>
-<tr><th style="border:1px solid" align="left">EVP_MAC_CTX_settable_params</th>
+<tr><th style="border:1px solid" align="left">EVP_MD_CTX_settable_params</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">newed</td>
<td style="border:1px solid" align="center">initialised</td>
@@ -200,11 +207,7 @@ herein.
=head1 SEE ALSO
-L<provider-mac(7)>, L<EVP_MAC(3)>.
-
-=head1 HISTORY
-
-The provider MAC interface was introduced in OpenSSL 3.0.
+L<provider-digest(7)>, L<EVP_DigestInit(3)>
=head1 COPYRIGHT
diff --git a/doc/man7/life_cycle-mac.pod b/doc/man7/life_cycle-mac.pod
index 7875e53cbe..1a9a008818 100644
--- a/doc/man7/life_cycle-mac.pod
+++ b/doc/man7/life_cycle-mac.pod
@@ -92,7 +92,7 @@ This is the canonical list.
=begin man
- Function Call ------------- Current State -------------
+ Function Call --------------------- Current State ----------------------
start newed initialised updated finaled freed
EVP_MAC_CTX_new newed
EVP_MAC_init initialised initialised initialised initialised
diff --git a/doc/man7/life_cycle-pkey.pod b/doc/man7/life_cycle-pkey.pod
new file mode 100644
index 0000000000..6768750f48
--- /dev/null
+++ b/doc/man7/life_cycle-pkey.pod
@@ -0,0 +1,713 @@
+=pod
+
+=head1 NAME
+
+life_cycle-pkey - The PKEY algorithm life-cycle
+
+=head1 DESCRIPTION
+
+All public keys (PKEYs) go through a number of stages in their life-cycle:
+
+=over 4
+
+=item start
+
+This state represents the PKEY before it has been allocated. It is the
+starting state for any life-cycle transitions.
+
+=item newed
+
+This state represents the PKEY after it has been allocated.
+
+=item decapsulate
+
+This state represents the PKEY when it is ready to perform a private key decapsulation
+opeartion.
+
+=item decrypt
+
+This state represents the PKEY when it is ready to decrypt some ciphertext.
+
+=item derive
+
+This state represents the PKEY when it is ready to derive a shared secret.
+
+=item digest sign
+
+This state represents the PKEY when it is ready to perform a private key signature
+operation.
+
+=item encapsulate
+
+This state represents the PKEY when it is ready to perform a public key encapsulation
+opeartion.
+
+=item encrypt
+
+This state represents the PKEY when it is ready to encrypt some plaintext.
+
+=item key generation
+
+This state represents the PKEY when it is ready to generate a new public/private key.
+
+=item parameter generation
+
+This state represents the PKEY when it is ready to generate key parameters.
+
+=item verify
+
+This state represents the PKEY when it is ready to verify a public key signature.
+
+=item verify recover
+
+This state represents the PKEY when it is ready to recover a public key signature data.
+
+=item freed
+
+This state is entered when the PKEY is freed. It is the terminal state
+for all life-cycle transitions.
+
+=back
+
+=head2 State Transition Diagram
+
+The usual life-cycle of a PKEY object is illustrated:
+
+=begin man
+
+ +-------------+
+ | |
+ | start |
+ | |
+ EVP_PKEY_derive +-------------+
+ +-------------+ EVP_PKEY_derive_set_peer | +-------------+
+ | |----------------------------+ | +----------------------------| |
+ | derive | | | | EVP_PKEY_verify | verify |
+ | |<---------------------------+ | +--------------------------->| |
+ +-------------+ | +-------------+
+ ^ | ^
+ | EVP_PKEY_derive_init | EVP_PKEY_verify_init |
+ +---------------------------------------+ | +---------------------------------------+
+ | | |
+ +-------------+ | | | +-------------+
+ | |----------------------------+ | | | +----------------------------| |
+ | digest sign | EVP_PKEY_sign | | | | | EVP_PKEY_verify_recover | verify |
+ | |<---------------------------+ | | | +--------------------------->| recover |
+ +-------------+ | | | +-------------+
+ ^ | | | ^
+ | EVP_PKEY_sign_init | | | EVP_PKEY_verify_recover_init |
+ +---------------------------------+ | | | +---------------------------------+
+ | | | | |
+ +-------------+ | | | | | +-------------+
+ | |----------------------------+ | | | | | +----------------------------| |
+ | decapsulate | EVP_PKEY_decapsulate | | | | | | | EVP_PKEY_decrypt | decrypt |
+ | |<---------------------------+ | | v | | +--------------------------->| |
+ +-------------+ | +-------------+ | +-------------+
+ ^ +---| |---+ ^
+ | EVP_PKEY_decapsulate_init | | EVP_PKEY_decrypt_init |
+ +-------------------------------------| newed |-------------------------------------+
+ | |
+ +---| |---+
+ +-------------+ | +-------------+ | +-------------+
+ | |----------------------------+ | | | | +----------------------------| |
+ | encapsulate | EVP_PKEY_encapsulate | | | | | | EVP_PKEY_encrypt | encrypt |
+ | |<---------------------------+ | | | | +--------------------------->| |
+ +-------------+ | | | | +-------------+
+ ^ | | | | ^
+ | EVP_PKEY_encapsulate_init | | | | EVP_PKEY_encrypt_init |
+ +---------------------------------+ | | +---------------------------------+
+ | |
+ +---------------------------------------+ +---------------------------------------+
+ | EVP_PKEY_paramgen_init EVP_PKEY_keygen_init |
+ v v
+ +-------------+ +-------------+
+ | |----------------------------+ +----------------------------| |
+ | parameter | | | | key |
+ | generation |<---------------------------+ +--------------------------->| generation |
+ +-------------+ EVP_PKEY_paramgen EVP_PKEY_keygen +-------------+
+ EVP_PKEY_gen EVP_PKEY_gen
+
+
+ + - - - - - + +-----------+
+ ' ' EVP_PKEY_CTX_free | |
+ ' any state '------------------->| freed |
+ ' ' | |
+ + - - - - - + +-----------+
+
+=end man
+
+=for html <img src="img/pkey.png">
+
+=head2 Formal State Transitions
+
+This section defines all of the legal state transitions.
+This is the canonical list.
+
+=begin man
+
+ Function Call ---------------------------------------------------------------------- Current State ----------------------------------------------------------------------
+ start newed digest verify verify encrypt decrypt derive encapsulate decapsulate parameter key freed
+ sign recover generation generation
+ EVP_PKEY_CTX_new newed
+ EVP_PKEY_CTX_new_id newed
+ EVP_PKEY_CTX_new_from_name newed
+ EVP_PKEY_CTX_new_from_pkey newed
+ EVP_PKEY_sign_init digest digest digest digest digest digest digest digest digest digest digest
+ sign sign sign sign sign sign sign sign sign sign sign
+ EVP_PKEY_sign digest
+ sign
+ EVP_PKEY_verify_init verify verify verify verify verify verify verify verify verify verify verify
+ EVP_PKEY_verify verify
+ EVP_PKEY_verify_recover_init verify verify verify verify verify verify verify verify verify verify verify
+ recover recover recover recover recover recover recover recover recover recover recover
+ EVP_PKEY_verify_recover verify
+ recover
+ EVP_PKEY_encrypt_init encrypt encrypt encrypt encrypt encrypt encrypt encrypt encrypt encrypt encrypt encrypt
+ EVP_PKEY_encrypt encrypt
+ EVP_PKEY_decrypt_init decrypt decrypt decrypt decrypt decrypt decrypt decrypt decrypt decrypt decrypt decrypt
+ EVP_PKEY_decrypt decrypt
+ EVP_PKEY_derive_init derive derive derive derive derive derive derive derive derive derive derive
+ EVP_PKEY_derive_set_peer derive
+ EVP_PKEY_derive derive
+ EVP_PKEY_encapsulate_init encapsulate encapsulate encapsulate encapsulate encapsulate encapsulate encapsulate encapsulate encapsulate encapsulate encapsulate
+ EVP_PKEY_encapsulate encapsulate
+ EVP_PKEY_decapsulate_init decapsulate decapsulate decapsulate decapsulate decapsulate decapsulate decapsulate decapsulate decapsulate decapsulate decapsulate
+ EVP_PKEY_decapsulate decapsulate
+ EVP_PKEY_paramgen_init parameter parameter parameter parameter parameter parameter parameter parameter parameter parameter parameter
+ generation generation generation generation generation generation generation generation generation generation generation
+ EVP_PKEY_paramgen parameter
+ generation
+ EVP_PKEY_keygen_init key key key key key key key key key key key
+ generation generation generation generation generation generation generation generation generation generation generation
+ EVP_PKEY_keygen key
+ generation
+ EVP_PKEY_gen parameter key
+ generation generation
+ EVP_PKEY_CTX_get_params newed digest verify verify encrypt decrypt derive encapsulate decapsulate parameter key
+ sign recover generation generation
+ EVP_PKEY_CTX_set_params newed digest verify verify encrypt decrypt derive encapsulate decapsulate parameter key
+ sign recover generation generation
+ EVP_PKEY_CTX_gettable_params newed digest verify verify encrypt decrypt derive encapsulate decapsulate parameter key
+ sign recover generation generation
+ EVP_PKEY_CTX_settable_params newed digest verify verify encrypt decrypt derive encapsulate decapsulate parameter key
+ sign recover generation generation
+ EVP_PKEY_CTX_free freed freed freed freed freed freed freed freed freed freed freed freed
+
+=end man
+
+=begin html
+
+<table style="border:1px solid; border-collapse:collapse">
+<tr><th style="border:1px solid" align="left">Function Call</th>
+ <th style="border:1px solid" colspan="13">Current State</th></tr>
+<tr><th style="border:1px solid"></th>
+ <th style="border:1px solid" align="center">start</th>
+ <th style="border:1px solid" align="center">newed</th>
+ <th style="border:1px solid" align="center">digest<br>sign</th>
+ <th style="border:1px solid" align="center">verify</th>
+ <th style="border:1px solid" align="center">verify<br>recover</th>
+ <th style="border:1px solid" align="center">encrypt</th>
+ <th style="border:1px solid" align="center">decrypt</th>
+ <th style="border:1px solid" align="center">derive</th>
+ <th style="border:1px solid" align="center">encapsulate</th>
+ <th style="border:1px solid" align="center">decapsulate</th>
+ <th style="border:1px solid" align="center">parameter<br>generation</th>
+ <th style="border:1px solid" align="center">key<br>generation</th>
+ <th style="border:1px solid" align="center">freed</th>
+</tr>
+
+<tr><th style="border:1px solid" align="left">EVP_PKEY_CTX_new</th>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_CTX_new_id</th>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_CTX_new_from_name</th>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_CTX_new_from_pkey</th>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_sign_init</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">digest<br>sign</td>
+ <td style="border:1px solid" align="center">digest<br>sign</td>
+ <td style="border:1px solid" align="center">digest<br>sign</td>
+ <td style="border:1px solid" align="center">digest<br>sign</td>
+ <td style="border:1px solid" align="center">digest<br>sign</td>
+ <td style="border:1px solid" align="center">digest<br>sign</td>
+ <td style="border:1px solid" align="center">digest<br>sign</td>
+ <td style="border:1px solid" align="center">digest<br>sign</td>
+ <td style="border:1px solid" align="center">digest<br>sign</td>
+ <td style="border:1px solid" align="center">digest<br>sign</td>
+ <td style="border:1px solid" align="center">digest<br>sign</td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_sign</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">digest<br>sign</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_verify_init</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">verify</td>
+ <td style="border:1px solid" align="center">verify</td>
+ <td style="border:1px solid" align="center">verify</td>
+ <td style="border:1px solid" align="center">verify</td>
+ <td style="border:1px solid" align="center">verify</td>
+ <td style="border:1px solid" align="center">verify</td>
+ <td style="border:1px solid" align="center">verify</td>
+ <td style="border:1px solid" align="center">verify</td>
+ <td style="border:1px solid" align="center">verify</td>
+ <td style="border:1px solid" align="center">verify</td>
+ <td style="border:1px solid" align="center">verify</td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_verify</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">verify</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_verify_recover_init</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">verify<br>recover</td>
+ <td style="border:1px solid" align="center">verify<br>recover</td>
+ <td style="border:1px solid" align="center">verify<br>recover</td>
+ <td style="border:1px solid" align="center">verify<br>recover</td>
+ <td style="border:1px solid" align="center">verify<br>recover</td>
+ <td style="border:1px solid" align="center">verify<br>recover</td>
+ <td style="border:1px solid" align="center">verify<br>recover</td>
+ <td style="border:1px solid" align="center">verify<br>recover</td>
+ <td style="border:1px solid" align="center">verify<br>recover</td>
+ <td style="border:1px solid" align="center">verify<br>recover</td>
+ <td style="border:1px solid" align="center">verify<br>recover</td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_verify_recover</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">verify<br>recover</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_encrypt_init</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">encrypt</td>
+ <td style="border:1px solid" align="center">encrypt</td>
+ <td style="border:1px solid" align="center">encrypt</td>
+ <td style="border:1px solid" align="center">encrypt</td>
+ <td style="border:1px solid" align="center">encrypt</td>
+ <td style="border:1px solid" align="center">encrypt</td>
+ <td style="border:1px solid" align="center">encrypt</td>
+ <td style="border:1px solid" align="center">encrypt</td>
+ <td style="border:1px solid" align="center">encrypt</td>
+ <td style="border:1px solid" align="center">encrypt</td>
+ <td style="border:1px solid" align="center">encrypt</td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_encrypt</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">encrypt</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_decrypt_init</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">decrypt</td>
+ <td style="border:1px solid" align="center">decrypt</td>
+ <td style="border:1px solid" align="center">decrypt</td>
+ <td style="border:1px solid" align="center">decrypt</td>
+ <td style="border:1px solid" align="center">decrypt</td>
+ <td style="border:1px solid" align="center">decrypt</td>
+ <td style="border:1px solid" align="center">decrypt</td>
+ <td style="border:1px solid" align="center">decrypt</td>
+ <td style="border:1px solid" align="center">decrypt</td>
+ <td style="border:1px solid" align="center">decrypt</td>
+ <td style="border:1px solid" align="center">decrypt</td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_decrypt</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">decrypt</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_derive_init</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">derive</td>
+ <td style="border:1px solid" align="center">derive</td>
+ <td style="border:1px solid" align="center">derive</td>
+ <td style="border:1px solid" align="center">derive</td>
+ <td style="border:1px solid" align="center">derive</td>
+ <td style="border:1px solid" align="center">derive</td>
+ <td style="border:1px solid" align="center">derive</td>
+ <td style="border:1px solid" align="center">derive</td>
+ <td style="border:1px solid" align="center">derive</td>
+ <td style="border:1px solid" align="center">derive</td>
+ <td style="border:1px solid" align="center">derive</td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_derive_set_peer</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">derive</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_derive</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">derive</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_encapsulate_init</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">encapsulate</td>
+ <td style="border:1px solid" align="center">encapsulate</td>
+ <td style="border:1px solid" align="center">encapsulate</td>
+ <td style="border:1px solid" align="center">encapsulate</td>
+ <td style="border:1px solid" align="center">encapsulate</td>
+ <td style="border:1px solid" align="center">encapsulate</td>
+ <td style="border:1px solid" align="center">encapsulate</td>
+ <td style="border:1px solid" align="center">encapsulate</td>
+ <td style="border:1px solid" align="center">encapsulate</td>
+ <td style="border:1px solid" align="center">encapsulate</td>
+ <td style="border:1px solid" align="center">encapsulate</td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_encapsulate</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">encapsulate</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_decapsulate_init</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">decapsulate</td>
+ <td style="border:1px solid" align="center">decapsulate</td>
+ <td style="border:1px solid" align="center">decapsulate</td>
+ <td style="border:1px solid" align="center">decapsulate</td>
+ <td style="border:1px solid" align="center">decapsulate</td>
+ <td style="border:1px solid" align="center">decapsulate</td>
+ <td style="border:1px solid" align="center">decapsulate</td>
+ <td style="border:1px solid" align="center">decapsulate</td>
+ <td style="border:1px solid" align="center">decapsulate</td>
+ <td style="border:1px solid" align="center">decapsulate</td>
+ <td style="border:1px solid" align="center">decapsulate</td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_decapsulate</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">decapsulate</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_paramgen_init</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">parameter<br>generation</td>
+ <td style="border:1px solid" align="center">parameter<br>generation</td>
+ <td style="border:1px solid" align="center">parameter<br>generation</td>
+ <td style="border:1px solid" align="center">parameter<br>generation</td>
+ <td style="border:1px solid" align="center">parameter<br>generation</td>
+ <td style="border:1px solid" align="center">parameter<br>generation</td>
+ <td style="border:1px solid" align="center">parameter<br>generation</td>
+ <td style="border:1px solid" align="center">parameter<br>generation</td>
+ <td style="border:1px solid" align="center">parameter<br>generation</td>
+ <td style="border:1px solid" align="center">parameter<br>generation</td>
+ <td style="border:1px solid" align="center">parameter<br>generation</td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_paramgen</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">parameter<br>generation</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_keygen_init</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">key<br>generation</td>
+ <td style="border:1px solid" align="center">key<br>generation</td>
+ <td style="border:1px solid" align="center">key<br>generation</td>
+ <td style="border:1px solid" align="center">key<br>generation</td>
+ <td style="border:1px solid" align="center">key<br>generation</td>
+ <td style="border:1px solid" align="center">key<br>generation</td>
+ <td style="border:1px solid" align="center">key<br>generation</td>
+ <td style="border:1px solid" align="center">key<br>generation</td>
+ <td style="border:1px solid" align="center">key<br>generation</td>
+ <td style="border:1px solid" align="center">key<br>generation</td>
+ <td style="border:1px solid" align="center">key<br>generation</td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_keygen</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">key<br>generation</td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_gen</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">parameter<br>generation</td>
+ <td style="border:1px solid" align="center">key<br>generation</td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_CTX_get_params</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">digest<br>sign</td>
+ <td style="border:1px solid" align="center">verify</td>
+ <td style="border:1px solid" align="center">verify<br>recover</td>
+ <td style="border:1px solid" align="center">encrypt</td>
+ <td style="border:1px solid" align="center">decrypt</td>
+ <td style="border:1px solid" align="center">derive</td>
+ <td style="border:1px solid" align="center">encapsulate</td>
+ <td style="border:1px solid" align="center">decapsulate</td>
+ <td style="border:1px solid" align="center">parameter<br>generation</td>
+ <td style="border:1px solid" align="center">key<br>generation</td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_CTX_set_params</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">digest<br>sign</td>
+ <td style="border:1px solid" align="center">verify</td>
+ <td style="border:1px solid" align="center">verify<br>recover</td>
+ <td style="border:1px solid" align="center">encrypt</td>
+ <td style="border:1px solid" align="center">decrypt</td>
+ <td style="border:1px solid" align="center">derive</td>
+ <td style="border:1px solid" align="center">encapsulate</td>
+ <td style="border:1px solid" align="center">decapsulate</td>
+ <td style="border:1px solid" align="center">parameter<br>generation</td>
+ <td style="border:1px solid" align="center">key<br>generation</td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_CTX_gettable_params</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">digest<br>sign</td>
+ <td style="border:1px solid" align="center">verify</td>
+ <td style="border:1px solid" align="center">verify<br>recover</td>
+ <td style="border:1px solid" align="center">encrypt</td>
+ <td style="border:1px solid" align="center">decrypt</td>
+ <td style="border:1px solid" align="center">derive</td>
+ <td style="border:1px solid" align="center">encapsulate</td>
+ <td style="border:1px solid" align="center">decapsulate</td>
+ <td style="border:1px solid" align="center">parameter<br>generation</td>
+ <td style="border:1px solid" align="center">key<br>generation</td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_CTX_settable_params</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">digest<br>sign</td>
+ <td style="border:1px solid" align="center">verify</td>
+ <td style="border:1px solid" align="center">verify<br>recover</td>
+ <td style="border:1px solid" align="center">encrypt</td>
+ <td style="border:1px solid" align="center">decrypt</td>
+ <td style="border:1px solid" align="center">derive</td>
+ <td style="border:1px solid" align="center">encapsulate</td>
+ <td style="border:1px solid" align="center">decapsulate</td>
+ <td style="border:1px solid" align="center">parameter<br>generation</td>
+ <td style="border:1px solid" align="center">key<br>generation</td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+<tr><th style="border:1px solid" align="left">EVP_PKEY_CTX_free</th>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center"></td>
+</tr>
+</table>
+
+=end html
+
+=head1 NOTES
+
+At some point the EVP layer will begin enforcing the transitions described
+herein.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_new(3)>,
+L<EVP_PKEY_decapsulate(3)>, L<EVP_PKEY_decrypt(3)>, L<EVP_PKEY_encapsulate(3)>,
+L<EVP_PKEY_encrypt(3)>, L<EVP_PKEY_derive(3)>, L<EVP_PKEY_keygen(3)>,
+L<EVP_PKEY_sign(3)>, L<EVP_PKEY_verify(3)>, L<EVP_PKEY_verify_recover(3)>
+
+=head1 HISTORY
+
+The provider PKEY interface was introduced in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/provider-cipher.pod b/doc/man7/provider-cipher.pod
index 52e8417e73..b4a87a3282 100644
--- a/doc/man7/provider-cipher.pod
+++ b/doc/man7/provider-cipher.pod
@@ -223,7 +223,13 @@ array, or NULL if none is offered.
=head1 SEE ALSO
L<provider(7)>, L<OSSL_PROVIDER-FIPS(7)>, L<OSSL_PROVIDER-default(7)>,
-L<OSSL_PROVIDER-legacy(7)>
+L<OSSL_PROVIDER-legacy(7)>,
+L<EVP_CIPHER-AES(7)>, L<EVP_CIPHER-ARIA(7)>, L<EVP_CIPHER-BLOWFISH(7)>,
+L<EVP_CIPHER-CAMELLIA(7)>, L<EVP_CIPHER-CAST(7)>, L<EVP_CIPHER-CHACHA(7)>,
+L<EVP_CIPHER-DES(7)>, L<EVP_CIPHER-IDEA(7)>, L<EVP_CIPHER-RC2(7)>,
+L<EVP_CIPHER-RC4(7)>, L<EVP_CIPHER-RC5(7)>, L<EVP_CIPHER-SEED(7)>,
+L<EVP_CIPHER-SM4(7)>,
+L<life_cycle-cipher(7)>, L<EVP_EncryptInit(3)>
=head1 HISTORY
diff --git a/doc/man7/provider-digest.pod b/doc/man7/provider-digest.pod
index bacdbf4821..63f30d77b5 100644
--- a/doc/man7/provider-digest.pod
+++ b/doc/man7/provider-digest.pod
@@ -262,7 +262,13 @@ produces larger digests is unusable with those API calls.
=head1 SEE ALSO
L<provider(7)>, L<OSSL_PROVIDER-FIPS(7)>, L<OSSL_PROVIDER-default(7)>,
-L<OSSL_PROVIDER-legacy(7)>
+L<OSSL_PROVIDER-legacy(7)>,
+L<EVP_MD-common(7)>, L<EVP_MD-BLAKE2(7)>, L<EVP_MD-MD2(7)>,
+L<EVP_MD-MD4(7)>, L<EVP_MD-MD5(7)>, L<EVP_MD-MD5-SHA1(7)>,
+L<EVP_MD-MDC2(7)>, L<EVP_MD-RIPEMD160(7)>, L<EVP_MD-SHA1(7)>,
+L<EVP_MD-SHA2(7)>, L<EVP_MD-SHA3(7)>, L<EVP_MD-SHAKE(7)>,
+L<EVP_MD-SM3(7)>, L<EVP_MD-WHIRLPOOL(7)>,
+L<life_cycle-digest(7)>, L<EVP_DigestInit(3)>
=head1 HISTORY
diff --git a/util/find-doc-nits b/util/find-doc-nits
index 467f551093..7244c589e8 100755
--- a/util/find-doc-nits
+++ b/util/find-doc-nits
@@ -1139,7 +1139,7 @@ if ( $opt_c ) {
# Get the lists of generic options.
my $active = "";
- open OFH, "apps/include/opt.h"
+ open OFH, catdir($config{sourcedir}, "apps/include/opt.h")
or die "Can't open apps/include/opt.h to list generic options, $!";
while ( <OFH> ) {
chop;
More information about the openssl-commits
mailing list