From 57cd10dd1ee9659b94cfa8a8e74c5a151632975e Mon Sep 17 00:00:00 2001 From: Pauli Date: Tue, 21 Sep 2021 10:59:56 +1000 Subject: [PATCH] doc: remove end of line whitespace Reviewed-by: Tomas Mraz Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/16641) --- doc/build.info.in | 2 +- doc/internal/man3/OPTIONS.pod | 2 +- doc/internal/man3/cms_add1_signing_cert.pod | 2 +- doc/internal/man3/evp_generic_fetch.pod | 2 +- doc/internal/man3/ossl_lib_ctx_get_data.pod | 2 +- doc/internal/man3/ossl_provider_new.pod | 2 +- doc/internal/man7/DERlib.pod | 2 +- doc/internal/man7/build.info.pod | 2 +- doc/life-cycles/digest.dot | 2 +- doc/life-cycles/kdf.dot | 2 +- doc/life-cycles/mac.dot | 2 +- doc/life-cycles/rand.dot | 2 +- doc/man1/openssl-cmp.pod.in | 2 +- doc/man3/CMS_add1_recipient_cert.pod | 2 +- doc/man3/CMS_get0_RecipientInfos.pod | 2 +- doc/man3/CMS_verify.pod | 2 +- doc/man3/CRYPTO_get_ex_new_index.pod | 2 +- doc/man3/ERR_get_error.pod | 4 +-- doc/man3/ERR_put_error.pod | 2 +- doc/man3/EVP_EncryptInit.pod | 2 +- doc/man3/EVP_PKEY_copy_parameters.pod | 2 +- doc/man3/EVP_PKEY_encapsulate.pod | 2 +- doc/man3/EVP_PKEY_encrypt.pod | 2 +- doc/man3/EVP_PKEY_fromdata.pod | 2 +- doc/man3/OSSL_CMP_SRV_CTX_new.pod | 2 +- doc/man3/OSSL_DECODER_CTX.pod | 2 +- doc/man3/PKCS12_SAFEBAG_create_cert.pod | 4 +-- doc/man3/PKCS12_SAFEBAG_get0_attrs.pod | 6 ++--- doc/man3/PKCS12_SAFEBAG_get1_cert.pod | 2 +- doc/man3/PKCS12_decrypt_skey.pod | 2 +- doc/man3/SSL_set_async_callback.pod | 2 +- doc/man3/SSL_set_bio.pod | 2 +- doc/man3/X509_get0_signature.pod | 4 +-- doc/man3/d2i_RSAPrivateKey.pod | 14 +++++----- doc/man5/x509v3_config.pod | 4 +-- doc/man7/EVP_KEYEXCH-ECDH.pod | 2 +- doc/man7/EVP_PKEY-DH.pod | 2 +- doc/man7/EVP_PKEY-EC.pod | 2 +- doc/man7/EVP_PKEY-FFC.pod | 2 +- doc/man7/EVP_SIGNATURE-DSA.pod | 2 +- doc/man7/EVP_SIGNATURE-ECDSA.pod | 2 +- doc/man7/EVP_SIGNATURE-RSA.pod | 6 ++--- doc/man7/OSSL_PROVIDER-FIPS.pod | 4 +-- doc/man7/bio.pod | 2 +- doc/man7/life_cycle-cipher.pod | 6 ++--- doc/man7/life_cycle-digest.pod | 2 +- doc/man7/life_cycle-kdf.pod | 2 +- doc/man7/life_cycle-mac.pod | 2 +- doc/man7/life_cycle-rand.pod | 2 +- doc/man7/migration_guide.pod | 30 ++++++++++----------- doc/man7/openssl-core.h.pod | 2 +- doc/man7/openssl-glossary.pod | 2 +- doc/man7/property.pod | 2 +- doc/man7/provider-base.pod | 2 +- doc/man7/provider-keyexch.pod | 2 +- doc/man7/provider-keymgmt.pod | 4 +-- doc/man7/provider-signature.pod | 2 +- doc/man7/proxy-certificates.pod | 4 +-- 58 files changed, 91 insertions(+), 91 deletions(-) diff --git a/doc/build.info.in b/doc/build.info.in index fa1962f382..e8dae7058a 100644 --- a/doc/build.info.in +++ b/doc/build.info.in @@ -14,7 +14,7 @@ SUBDIRS = man1 map { $_ => 1 } glob catfile($sourcedir, "man$section", "img", "*.png"); my %podfiles = map { $_ => 1 } glob catfile($sourcedir, "man$section", "*.pod"); - my %podinfiles = + my %podinfiles = map { $_ => 1 } glob catfile($sourcedir, "man$section", "*.pod.in"); foreach (keys %podinfiles) { diff --git a/doc/internal/man3/OPTIONS.pod b/doc/internal/man3/OPTIONS.pod index 1971c76241..90593ca46f 100644 --- a/doc/internal/man3/OPTIONS.pod +++ b/doc/internal/man3/OPTIONS.pod @@ -189,7 +189,7 @@ B macro: OPT_PARAMETERS() {OPT_PARAM_STR, 1, '-', "Parameters:\n"} -Every "option" after after this should contain the parameter and +Every "option" after after this should contain the parameter and the help string: {"text", 0, 0, "Words to display (optional)"}, diff --git a/doc/internal/man3/cms_add1_signing_cert.pod b/doc/internal/man3/cms_add1_signing_cert.pod index 97c5a5111d..1f5f681c64 100644 --- a/doc/internal/man3/cms_add1_signing_cert.pod +++ b/doc/internal/man3/cms_add1_signing_cert.pod @@ -31,7 +31,7 @@ For a fuller description see L). =head1 RETURN VALUES -cms_add1_signing_cert() and cms_add1_signing_cert_v2() return 1 if attribute +cms_add1_signing_cert() and cms_add1_signing_cert_v2() return 1 if attribute is added or 0 if an error occurred. =head1 COPYRIGHT diff --git a/doc/internal/man3/evp_generic_fetch.pod b/doc/internal/man3/evp_generic_fetch.pod index 243f6c952f..bc9a3a0770 100644 --- a/doc/internal/man3/evp_generic_fetch.pod +++ b/doc/internal/man3/evp_generic_fetch.pod @@ -37,7 +37,7 @@ I, I, I, and I and uses it to create an EVP method with the help of the functions I, I, and I. -evp_generic_fetch_by_number() does the same thing as evp_generic_fetch(), +evp_generic_fetch_by_number() does the same thing as evp_generic_fetch(), but takes a numeric I instead of a name. I must always be nonzero; as a matter of fact, it being zero is considered a programming error. diff --git a/doc/internal/man3/ossl_lib_ctx_get_data.pod b/doc/internal/man3/ossl_lib_ctx_get_data.pod index 2050a2506b..faedf7275f 100644 --- a/doc/internal/man3/ossl_lib_ctx_get_data.pod +++ b/doc/internal/man3/ossl_lib_ctx_get_data.pod @@ -91,7 +91,7 @@ and a destructor to an index. } /* - * Include a reference to this in the methods table in context.c + * Include a reference to this in the methods table in context.c * OSSL_LIB_CTX_FOO_INDEX should be added to internal/cryptlib.h * Priorities can be OSSL_LIB_CTX_METHOD_DEFAULT_PRIORITY, * OSSL_LIB_CTX_METHOD_PRIORITY_1, OSSL_LIB_CTX_METHOD_PRIORITY_2, etc. diff --git a/doc/internal/man3/ossl_provider_new.pod b/doc/internal/man3/ossl_provider_new.pod index 09b2e04117..10d197bcfc 100644 --- a/doc/internal/man3/ossl_provider_new.pod +++ b/doc/internal/man3/ossl_provider_new.pod @@ -296,7 +296,7 @@ in a bitstring that's internal to I. ossl_provider_test_operation_bit() checks if the bit operation I is set (1) or not (0) in the internal I bitstring, and sets -I<*result> to 1 or 0 accorddingly. +I<*result> to 1 or 0 accorddingly. ossl_provider_clear_all_operation_bits() clears all of the operation bits to (0) for all providers in the library context I. diff --git a/doc/internal/man7/DERlib.pod b/doc/internal/man7/DERlib.pod index 7085a2cb6d..3129a9b74d 100644 --- a/doc/internal/man7/DERlib.pod +++ b/doc/internal/man7/DERlib.pod @@ -81,7 +81,7 @@ As a reminder, the AlgorithmIdentifier is specified like this: -- From RFC 3280, section 4.1.1.2 AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER, - parameters ANY DEFINED BY algorithm OPTIONAL } + parameters ANY DEFINED BY algorithm OPTIONAL } And the RSASSA-PSS OID and parameters are specified like this: diff --git a/doc/internal/man7/build.info.pod b/doc/internal/man7/build.info.pod index 8c651b37e6..080c9e444e 100644 --- a/doc/internal/man7/build.info.pod +++ b/doc/internal/man7/build.info.pod @@ -574,7 +574,7 @@ appear in a linking command line (because of recursive dependencies through other libraries), they will be ordered in such a way that this dependency is maintained: - DEPEND[libfoo.a]{weak}=libfoo.a libcookie.a + DEPEND[libfoo.a]{weak}=libfoo.a libcookie.a This is useful in complex dependency trees where two libraries can be used as alternatives for each other. In this example, C and diff --git a/doc/life-cycles/digest.dot b/doc/life-cycles/digest.dot index 4ad7f79e45..8d4d72480c 100644 --- a/doc/life-cycles/digest.dot +++ b/doc/life-cycles/digest.dot @@ -30,4 +30,4 @@ digraph digest { finaled -> initialised [label="EVP_DigestInit", style=dashed, color="#034f84", fontcolor="#034f84"]; } - + diff --git a/doc/life-cycles/kdf.dot b/doc/life-cycles/kdf.dot index b0e925685d..2dce34377d 100644 --- a/doc/life-cycles/kdf.dot +++ b/doc/life-cycles/kdf.dot @@ -13,4 +13,4 @@ strict digraph kdf { deriving -> newed [label="EVP_KDF_CTX_reset", style=dashed, color="#034f84", fontcolor="#034f84"]; } - + diff --git a/doc/life-cycles/mac.dot b/doc/life-cycles/mac.dot index c841c5f218..fe277f8328 100644 --- a/doc/life-cycles/mac.dot +++ b/doc/life-cycles/mac.dot @@ -25,4 +25,4 @@ digraph mac { finaled -> initialised [label="EVP_MAC_init", style=dashed, color="#034f84", fontcolor="#034f84"]; } - + diff --git a/doc/life-cycles/rand.dot b/doc/life-cycles/rand.dot index df740b7a9b..a57cf710c7 100644 --- a/doc/life-cycles/rand.dot +++ b/doc/life-cycles/rand.dot @@ -14,4 +14,4 @@ strict digraph rand { uninstantiated -> end [label="EVP_RAND_CTX_free"]; uninstantiated -> instantiated [label="EVP_RAND_instantiate", style=dashed, color="#034f84", fontcolor="#034f84"]; } - + diff --git a/doc/man1/openssl-cmp.pod.in b/doc/man1/openssl-cmp.pod.in index 0e482677a0..b4c3c82255 100644 --- a/doc/man1/openssl-cmp.pod.in +++ b/doc/man1/openssl-cmp.pod.in @@ -835,7 +835,7 @@ have no effect on the certificate verification enabled via this option. =item B<-tls_host> I -Address to be checked during hostname validation. +Address to be checked during hostname validation. This may be a DNS name or an IP address. If not given it defaults to the B<-server> address. diff --git a/doc/man3/CMS_add1_recipient_cert.pod b/doc/man3/CMS_add1_recipient_cert.pod index 34d1e0ee36..0855d5321b 100644 --- a/doc/man3/CMS_add1_recipient_cert.pod +++ b/doc/man3/CMS_add1_recipient_cert.pod @@ -9,7 +9,7 @@ CMS_add1_recipient, CMS_add1_recipient_cert, CMS_add0_recipient_key - add recipi #include CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip, - EVP_PKEY *originatorPrivKey, + EVP_PKEY *originatorPrivKey, X509 *originator, unsigned int flags); CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms, diff --git a/doc/man3/CMS_get0_RecipientInfos.pod b/doc/man3/CMS_get0_RecipientInfos.pod index c6354381fc..eb755f5243 100644 --- a/doc/man3/CMS_get0_RecipientInfos.pod +++ b/doc/man3/CMS_get0_RecipientInfos.pod @@ -140,7 +140,7 @@ L, L =head1 HISTORY -B and B +B and B were added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/CMS_verify.pod b/doc/man3/CMS_verify.pod index 33130bc9f2..6c9595e51e 100644 --- a/doc/man3/CMS_verify.pod +++ b/doc/man3/CMS_verify.pod @@ -71,7 +71,7 @@ verified, unless CMS_CADES flag is also set. If B is set the signed attributes signature is not verified, unless CMS_CADES flag is also set. -If B is set, each signer certificate is checked against the +If B is set, each signer certificate is checked against the ESS signingCertificate or ESS signingCertificateV2 extension that is required in the signed attributes of the signature. diff --git a/doc/man3/CRYPTO_get_ex_new_index.pod b/doc/man3/CRYPTO_get_ex_new_index.pod index 7a8ebdf1d9..86b3745d8d 100644 --- a/doc/man3/CRYPTO_get_ex_new_index.pod +++ b/doc/man3/CRYPTO_get_ex_new_index.pod @@ -152,7 +152,7 @@ will fail. CRYPTO_get_ex_new_index() returns a new index or -1 on failure. CRYPTO_free_ex_index(), CRYPTO_alloc_ex_data() and CRYPTO_set_ex_data() -return 1 on success or 0 on failure. +return 1 on success or 0 on failure. CRYPTO_get_ex_data() returns the application data or NULL on failure; note that NULL may be a valid value. diff --git a/doc/man3/ERR_get_error.pod b/doc/man3/ERR_get_error.pod index 4e33378cf3..fb02a3ca07 100644 --- a/doc/man3/ERR_get_error.pod +++ b/doc/man3/ERR_get_error.pod @@ -78,14 +78,14 @@ is valid until the respective entry is overwritten in the error queue. ERR_peek_error_line() and ERR_peek_last_error_line() are the same as ERR_peek_error() and ERR_peek_last_error(), but on success they additionally store the filename and line number where the error occurred in *I and -*I, as far as they are not NULL. +*I, as far as they are not NULL. An unset filename is indicated as "", i.e., an empty string. An unset line number is indicated as 0. ERR_peek_error_func() and ERR_peek_last_error_func() are the same as ERR_peek_error() and ERR_peek_last_error(), but on success they additionally store the name of the function where the error occurred in *I, unless -it is NULL. +it is NULL. An unset function name is indicated as "". ERR_peek_error_data() and ERR_peek_last_error_data() are the same as diff --git a/doc/man3/ERR_put_error.pod b/doc/man3/ERR_put_error.pod index a4e0cd6bec..06e728bb82 100644 --- a/doc/man3/ERR_put_error.pod +++ b/doc/man3/ERR_put_error.pod @@ -35,7 +35,7 @@ record. ERR_raise_data() does the same thing as ERR_raise(), but also lets the caller specify additional information as a format string B and an -arbitrary number of values, which are processed with L. +arbitrary number of values, which are processed with L. ERR_put_error() adds an error code to the thread's error queue. It signals that the error of reason code B occurred in function diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod index 62d9047dce..93b4f2c383 100644 --- a/doc/man3/EVP_EncryptInit.pod +++ b/doc/man3/EVP_EncryptInit.pod @@ -1330,7 +1330,7 @@ Sets the CCM B value. If not set a default is used (8 for AES). =item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL) -Sets the CCM nonce (IV) length. This call can only be made before specifying a +Sets the CCM nonce (IV) length. This call can only be made before specifying a nonce value. The nonce length is given by B<15 - L> so it is 7 by default for AES. diff --git a/doc/man3/EVP_PKEY_copy_parameters.pod b/doc/man3/EVP_PKEY_copy_parameters.pod index 1ca38f8ae9..7c3404403e 100644 --- a/doc/man3/EVP_PKEY_copy_parameters.pod +++ b/doc/man3/EVP_PKEY_copy_parameters.pod @@ -64,7 +64,7 @@ doesn't use parameters. These functions EVP_PKEY_copy_parameters() returns 1 for success and 0 for failure. -The functions EVP_PKEY_cmp_parameters(), EVP_PKEY_parameters_eq(), +The functions EVP_PKEY_cmp_parameters(), EVP_PKEY_parameters_eq(), EVP_PKEY_cmp() and EVP_PKEY_eq() return 1 if their inputs match, 0 if they don't match, -1 if the key types are different and -2 if the operation is not supported. diff --git a/doc/man3/EVP_PKEY_encapsulate.pod b/doc/man3/EVP_PKEY_encapsulate.pod index 22b0aaed6f..9baf88d07b 100644 --- a/doc/man3/EVP_PKEY_encapsulate.pod +++ b/doc/man3/EVP_PKEY_encapsulate.pod @@ -75,7 +75,7 @@ Encapsulate an RSASVE key (for RSA keys). /* * The generated 'secret' can be used as key material. * The encapsulated 'out' can be sent to another party who can - * decapsulate it using their private key to retrieve the 'secret'. + * decapsulate it using their private key to retrieve the 'secret'. */ if (EVP_PKEY_encapsulate(ctx, out, &outlen, secret, &secretlen) <= 0) /* Error */ diff --git a/doc/man3/EVP_PKEY_encrypt.pod b/doc/man3/EVP_PKEY_encrypt.pod index e574efa73a..9ff6ed6cae 100644 --- a/doc/man3/EVP_PKEY_encrypt.pod +++ b/doc/man3/EVP_PKEY_encrypt.pod @@ -2,7 +2,7 @@ =head1 NAME -EVP_PKEY_encrypt_init_ex, +EVP_PKEY_encrypt_init_ex, EVP_PKEY_encrypt_init, EVP_PKEY_encrypt - encrypt using a public key algorithm =head1 SYNOPSIS diff --git a/doc/man3/EVP_PKEY_fromdata.pod b/doc/man3/EVP_PKEY_fromdata.pod index 107ebf82a0..b968150bb6 100644 --- a/doc/man3/EVP_PKEY_fromdata.pod +++ b/doc/man3/EVP_PKEY_fromdata.pod @@ -80,7 +80,7 @@ public key and key parameters. These functions only work with key management methods coming from a provider. This is the mirror function to L. -=for comment We may choose to make this available for legacy methods too... +=for comment We may choose to make this available for legacy methods too... =head1 RETURN VALUES diff --git a/doc/man3/OSSL_CMP_SRV_CTX_new.pod b/doc/man3/OSSL_CMP_SRV_CTX_new.pod index bad043cb92..d7f1a2e4db 100644 --- a/doc/man3/OSSL_CMP_SRV_CTX_new.pod +++ b/doc/man3/OSSL_CMP_SRV_CTX_new.pod @@ -100,7 +100,7 @@ in the same way as L. The B must be set as I of I. OSSL_CMP_SRV_CTX_new() creates and initializes an B structure -associated with the library context I and property query string +associated with the library context I and property query string I, both of which may be NULL to select the defaults. OSSL_CMP_SRV_CTX_free() deletes the given I. diff --git a/doc/man3/OSSL_DECODER_CTX.pod b/doc/man3/OSSL_DECODER_CTX.pod index aa5dc90893..0c9db4e087 100644 --- a/doc/man3/OSSL_DECODER_CTX.pod +++ b/doc/man3/OSSL_DECODER_CTX.pod @@ -159,7 +159,7 @@ OSSL_DECODER_CTX_set_cleanup() respectively. OSSL_DECODER_export() is a fallback function for constructors that cannot use the data they get directly for diverse reasons. It takes the same -decode instance I that the constructor got and an object +decode instance I that the constructor got and an object I, unpacks the object which it refers to, and exports it by creating an L array that it then passes to I, along with I. diff --git a/doc/man3/PKCS12_SAFEBAG_create_cert.pod b/doc/man3/PKCS12_SAFEBAG_create_cert.pod index 07ba1425e7..ef161f01ba 100644 --- a/doc/man3/PKCS12_SAFEBAG_create_cert.pod +++ b/doc/man3/PKCS12_SAFEBAG_create_cert.pod @@ -3,7 +3,7 @@ =head1 NAME PKCS12_SAFEBAG_create_cert, PKCS12_SAFEBAG_create_crl, -PKCS12_SAFEBAG_create_secret, PKCS12_SAFEBAG_create0_p8inf, +PKCS12_SAFEBAG_create_secret, PKCS12_SAFEBAG_create0_p8inf, PKCS12_SAFEBAG_create0_pkcs8, PKCS12_SAFEBAG_create_pkcs8_encrypt, PKCS12_SAFEBAG_create_pkcs8_encrypt_ex - Create PKCS#12 safeBag objects @@ -52,7 +52,7 @@ containing the supplied PKCS8 structure. PKCS12_SAFEBAG_create0_pkcs8() creates a new B of type B containing the supplied PKCS8 structure. -PKCS12_SAFEBAG_create_pkcs8_encrypt() creates a new B of type +PKCS12_SAFEBAG_create_pkcs8_encrypt() creates a new B of type B by encrypting the supplied PKCS8 I. If I is 0, a default encryption algorithm is used. I is the passphrase and I is the iteration count. If I is zero then a default diff --git a/doc/man3/PKCS12_SAFEBAG_get0_attrs.pod b/doc/man3/PKCS12_SAFEBAG_get0_attrs.pod index c1544bc0e7..8ed67fbdf7 100644 --- a/doc/man3/PKCS12_SAFEBAG_get0_attrs.pod +++ b/doc/man3/PKCS12_SAFEBAG_get0_attrs.pod @@ -16,7 +16,7 @@ PKCS12_SAFEBAG_get0_attrs, PKCS12_get_attr_gen =head1 DESCRIPTION -PKCS12_SAFEBAG_get0_attrs() retrieves the stack of Bs from a +PKCS12_SAFEBAG_get0_attrs() retrieves the stack of Bs from a PKCS#12 safeBag. I is the B to retrieve the attributes from. PKCS12_get_attr_gen() retrieves an attribute by NID from a stack of @@ -24,10 +24,10 @@ Bs. I is the NID of the attribute to retrieve. =head1 RETURN VALUES -PKCS12_SAFEBAG_get0_attrs() returns the stack of Bs from a +PKCS12_SAFEBAG_get0_attrs() returns the stack of Bs from a PKCS#12 safeBag, which could be empty. -PKCS12_get_attr_gen() returns an B object containing the attribute, +PKCS12_get_attr_gen() returns an B object containing the attribute, or NULL if the attribute was either not present or an error occurred. PKCS12_get_attr_gen() does not allocate a new attribute. The returned attribute diff --git a/doc/man3/PKCS12_SAFEBAG_get1_cert.pod b/doc/man3/PKCS12_SAFEBAG_get1_cert.pod index b89b17eeaf..13f1263fe6 100644 --- a/doc/man3/PKCS12_SAFEBAG_get1_cert.pod +++ b/doc/man3/PKCS12_SAFEBAG_get1_cert.pod @@ -48,7 +48,7 @@ PKCS12_SAFEBAG_get0_p8inf() and PKCS12_SAFEBAG_get0_pkcs8() return the PKCS8 obj from a PKCS8shroudedKeyBag or a keyBag. PKCS12_SAFEBAG_get0_safes() retrieves the set of B contained within a -safeContentsBag. +safeContentsBag. =head1 RETURN VALUES diff --git a/doc/man3/PKCS12_decrypt_skey.pod b/doc/man3/PKCS12_decrypt_skey.pod index a376ddc502..7a41b2b06c 100644 --- a/doc/man3/PKCS12_decrypt_skey.pod +++ b/doc/man3/PKCS12_decrypt_skey.pod @@ -21,7 +21,7 @@ decrypt functions PKCS12_decrypt_skey() Decrypt the PKCS#8 shrouded keybag contained within I using the supplied password I of length I. -PKCS12_decrypt_skey_ex() is similar to the above but allows for a library contex +PKCS12_decrypt_skey_ex() is similar to the above but allows for a library contex I and property query I to be used to select algorithm implementations. =head1 RETURN VALUES diff --git a/doc/man3/SSL_set_async_callback.pod b/doc/man3/SSL_set_async_callback.pod index 9de735f8fc..db858a00ce 100644 --- a/doc/man3/SSL_set_async_callback.pod +++ b/doc/man3/SSL_set_async_callback.pod @@ -55,7 +55,7 @@ An example of the above functions would be the following: =item 1. -Application sets the async callback and callback data on an SSL connection +Application sets the async callback and callback data on an SSL connection by calling SSL_set_async_callback(). =item 2. diff --git a/doc/man3/SSL_set_bio.pod b/doc/man3/SSL_set_bio.pod index d88e6836b8..44c69ef21e 100644 --- a/doc/man3/SSL_set_bio.pod +++ b/doc/man3/SSL_set_bio.pod @@ -78,7 +78,7 @@ and no references are consumed for the B. If the B and B parameters are different and the B is the same as the previously set value and the old B and B values were different -to each other, then one reference is consumed for the B and one +to each other, then one reference is consumed for the B and one reference is consumed for the B. =back diff --git a/doc/man3/X509_get0_signature.pod b/doc/man3/X509_get0_signature.pod index 0d251a0012..a49a70038e 100644 --- a/doc/man3/X509_get0_signature.pod +++ b/doc/man3/X509_get0_signature.pod @@ -3,8 +3,8 @@ =head1 NAME X509_get0_signature, X509_REQ_set0_signature, X509_REQ_set1_signature_algo, -X509_get_signature_nid, X509_get0_tbs_sigalg, X509_REQ_get0_signature, -X509_REQ_get_signature_nid, X509_CRL_get0_signature, X509_CRL_get_signature_nid, +X509_get_signature_nid, X509_get0_tbs_sigalg, X509_REQ_get0_signature, +X509_REQ_get_signature_nid, X509_CRL_get0_signature, X509_CRL_get_signature_nid, X509_get_signature_info, X509_SIG_INFO_get, X509_SIG_INFO_set - signature information =head1 SYNOPSIS diff --git a/doc/man3/d2i_RSAPrivateKey.pod b/doc/man3/d2i_RSAPrivateKey.pod index 20cdfb1fcb..2e22049ffb 100644 --- a/doc/man3/d2i_RSAPrivateKey.pod +++ b/doc/man3/d2i_RSAPrivateKey.pod @@ -172,13 +172,13 @@ There are two migration paths: =item * Replace -bPrivateKey()> with L, -bPublicKey()> with L, -bparams()> with L, -b_PUBKEY()> with L, -bPrivateKey()> with L, -bPublicKey()> with L, -bparams()> with L, +bPrivateKey()> with L, +bPublicKey()> with L, +bparams()> with L, +b_PUBKEY()> with L, +bPrivateKey()> with L, +bPublicKey()> with L, +bparams()> with L, b_PUBKEY()> with L. A caveat is that L may output a DER encoded PKCS#8 outermost structure instead of the type specific structure, and that diff --git a/doc/man5/x509v3_config.pod b/doc/man5/x509v3_config.pod index fb7c3aaff7..1d4c4dc3ae 100644 --- a/doc/man5/x509v3_config.pod +++ b/doc/man5/x509v3_config.pod @@ -289,8 +289,8 @@ B, where B is an object identifier syntax as subject alternative name (except that B is not supported). Possible values for access_id include B (OCSP responder), -B (CA Issuers), -B (AD Time Stamping), +B (CA Issuers), +B (AD Time Stamping), B (ad dvcs), B (CA Repository). diff --git a/doc/man7/EVP_KEYEXCH-ECDH.pod b/doc/man7/EVP_KEYEXCH-ECDH.pod index 95076b1ebd..a710625f22 100644 --- a/doc/man7/EVP_KEYEXCH-ECDH.pod +++ b/doc/man7/EVP_KEYEXCH-ECDH.pod @@ -74,7 +74,7 @@ Keys for the host and peer must be generated as shown in L using the same curve name. The code to generate a shared secret for the normal case is identical to -L. +L. To derive a shared secret on the host using the host's key and the peer's public key but also using X963KDF with a user key material: diff --git a/doc/man7/EVP_PKEY-DH.pod b/doc/man7/EVP_PKEY-DH.pod index 9da5d9c6ef..2c90982d07 100644 --- a/doc/man7/EVP_PKEY-DH.pod +++ b/doc/man7/EVP_PKEY-DH.pod @@ -74,7 +74,7 @@ See EVP_PKEY_set1_encoded_public_key() and EVP_PKEY_get1_encoded_public_key(). Used for DH generation of safe primes using the old safe prime generator code. The default value is 2. It is recommended to use a named safe prime group instead, if domain parameter -validation is required. +validation is required. Randomly generated safe primes are not allowed by FIPS, so setting this value for the OpenSSL FIPS provider will instead choose a named safe prime group diff --git a/doc/man7/EVP_PKEY-EC.pod b/doc/man7/EVP_PKEY-EC.pod index 31d92bf8a1..a3c3ccb705 100644 --- a/doc/man7/EVP_PKEY-EC.pod +++ b/doc/man7/EVP_PKEY-EC.pod @@ -71,7 +71,7 @@ I multiplied by the I gives the number of points on the curve. =item "decoded-from-explicit" (B) Gets a flag indicating wether the key or parameters were decoded from explicit -curve parameters. Set to 1 if so or 0 if a named curve was used. +curve parameters. Set to 1 if so or 0 if a named curve was used. =item "use-cofactor-flag" (B) diff --git a/doc/man7/EVP_PKEY-FFC.pod b/doc/man7/EVP_PKEY-FFC.pod index 3ab243f45a..dab7380fc2 100644 --- a/doc/man7/EVP_PKEY-FFC.pod +++ b/doc/man7/EVP_PKEY-FFC.pod @@ -92,7 +92,7 @@ of I

. This value must be saved if domain parameter validation is required. =item "hindex" (B) -For unverifiable generation of the generator I this value is output during +For unverifiable generation of the generator I this value is output during generation of I. Its value is the first integer larger than one that satisfies g = h^j mod p (where g != 1 and "j" is the cofactor). diff --git a/doc/man7/EVP_SIGNATURE-DSA.pod b/doc/man7/EVP_SIGNATURE-DSA.pod index 11fe500cb3..4801cf9994 100644 --- a/doc/man7/EVP_SIGNATURE-DSA.pod +++ b/doc/man7/EVP_SIGNATURE-DSA.pod @@ -14,7 +14,7 @@ See L for information related to DSA keys. The following signature parameters can be set using EVP_PKEY_CTX_set_params(). This may be called after EVP_PKEY_sign_init() or EVP_PKEY_verify_init(), -and before calling EVP_PKEY_sign() or EVP_PKEY_verify(). +and before calling EVP_PKEY_sign() or EVP_PKEY_verify(). =over 4 diff --git a/doc/man7/EVP_SIGNATURE-ECDSA.pod b/doc/man7/EVP_SIGNATURE-ECDSA.pod index 04b80a1118..0ac3f78461 100644 --- a/doc/man7/EVP_SIGNATURE-ECDSA.pod +++ b/doc/man7/EVP_SIGNATURE-ECDSA.pod @@ -13,7 +13,7 @@ See L for information related to EC keys. The following signature parameters can be set using EVP_PKEY_CTX_set_params(). This may be called after EVP_PKEY_sign_init() or EVP_PKEY_verify_init(), -and before calling EVP_PKEY_sign() or EVP_PKEY_verify(). +and before calling EVP_PKEY_sign() or EVP_PKEY_verify(). =over 4 diff --git a/doc/man7/EVP_SIGNATURE-RSA.pod b/doc/man7/EVP_SIGNATURE-RSA.pod index 1be30b3158..06ca036f0c 100644 --- a/doc/man7/EVP_SIGNATURE-RSA.pod +++ b/doc/man7/EVP_SIGNATURE-RSA.pod @@ -14,7 +14,7 @@ See L for information related to RSA keys. The following signature parameters can be set using EVP_PKEY_CTX_set_params(). This may be called after EVP_PKEY_sign_init() or EVP_PKEY_verify_init(), -and before calling EVP_PKEY_sign() or EVP_PKEY_verify(). +and before calling EVP_PKEY_sign() or EVP_PKEY_verify(). =over 4 @@ -32,11 +32,11 @@ The type of padding to be used. Its value can be one of the following: =item "none" (B) -=item "pkcs1" (B) +=item "pkcs1" (B) =item "x931" (B) -=item "pss" (B) +=item "pss" (B) =back diff --git a/doc/man7/OSSL_PROVIDER-FIPS.pod b/doc/man7/OSSL_PROVIDER-FIPS.pod index 0eac85b324..00ab7977f4 100644 --- a/doc/man7/OSSL_PROVIDER-FIPS.pod +++ b/doc/man7/OSSL_PROVIDER-FIPS.pod @@ -6,7 +6,7 @@ OSSL_PROVIDER-FIPS - OpenSSL FIPS provider =head1 DESCRIPTION -The OpenSSL FIPS provider is a special provider that conforms to the Federal +The OpenSSL FIPS provider is a special provider that conforms to the Federal Information Processing Standards (FIPS) specified in FIPS 140-2. This 'module' contains an approved set of cryptographic algorithms that is validated by an accredited testing laboratory. @@ -214,7 +214,7 @@ Known answer test for a digest. Known answer test for a signature. -=item "PCT_Signature" (B) +=item "PCT_Signature" (B) Pairwise Consistency check for a signature. diff --git a/doc/man7/bio.pod b/doc/man7/bio.pod index e2c11665b9..9b86e9493d 100644 --- a/doc/man7/bio.pod +++ b/doc/man7/bio.pod @@ -49,7 +49,7 @@ BIO_free() on it other than the discarded return value. Normally the I argument is supplied by a function which returns a pointer to a BIO_METHOD. There is a naming convention for such functions: -a source/sink BIO typically starts with I and +a source/sink BIO typically starts with I and a filter BIO with I. =head1 EXAMPLES diff --git a/doc/man7/life_cycle-cipher.pod b/doc/man7/life_cycle-cipher.pod index 227cc18b8d..1fe05688ed 100644 --- a/doc/man7/life_cycle-cipher.pod +++ b/doc/man7/life_cycle-cipher.pod @@ -126,12 +126,12 @@ This is the canonical list. Function Call ---------------------------------------------- Current State ----------------------------------------------- start newed initialised updated finaled initialised updated initialised updated freed decryption decryption encryption encryption - EVP_CIPHER_CTX_new newed + EVP_CIPHER_CTX_new newed EVP_CipherInit initialised initialised initialised initialised initialised initialised initialised initialised EVP_DecryptInit initialised initialised initialised initialised initialised initialised initialised initialised - decryption decryption decryption decryption decryption decryption decryption decryption + decryption decryption decryption decryption decryption decryption decryption decryption EVP_EncryptInit initialised initialised initialised initialised initialised initialised initialised initialised - encryption encryption encryption encryption encryption encryption encryption encryption + encryption encryption encryption encryption encryption encryption encryption encryption EVP_CipherUpdate updated updated EVP_DecryptUpdate updated updated decryption decryption diff --git a/doc/man7/life_cycle-digest.pod b/doc/man7/life_cycle-digest.pod index 5425f57dd5..709fd0d04c 100644 --- a/doc/man7/life_cycle-digest.pod +++ b/doc/man7/life_cycle-digest.pod @@ -93,7 +93,7 @@ This is the canonical list. Function Call --------------------- Current State ---------------------- start newed initialised updated finaled freed - EVP_MD_CTX_new newed + EVP_MD_CTX_new newed EVP_DigestInit initialised initialised initialised initialised EVP_DigestUpdate updated updated EVP_DigestFinal finaled diff --git a/doc/man7/life_cycle-kdf.pod b/doc/man7/life_cycle-kdf.pod index d2aec8fe82..9fe042a2c2 100644 --- a/doc/man7/life_cycle-kdf.pod +++ b/doc/man7/life_cycle-kdf.pod @@ -75,7 +75,7 @@ This is the canonical list. Function Call ------------- Current State ------------- start newed deriving freed - EVP_KDF_CTX_new newed + EVP_KDF_CTX_new newed EVP_KDF_derive deriving deriving EVP_KDF_CTX_free freed freed freed EVP_KDF_CTX_reset newed newed diff --git a/doc/man7/life_cycle-mac.pod b/doc/man7/life_cycle-mac.pod index 1a9a008818..60b8b55d4b 100644 --- a/doc/man7/life_cycle-mac.pod +++ b/doc/man7/life_cycle-mac.pod @@ -94,7 +94,7 @@ This is the canonical list. Function Call --------------------- Current State ---------------------- start newed initialised updated finaled freed - EVP_MAC_CTX_new newed + EVP_MAC_CTX_new newed EVP_MAC_init initialised initialised initialised initialised EVP_MAC_update updated updated EVP_MAC_final finaled diff --git a/doc/man7/life_cycle-rand.pod b/doc/man7/life_cycle-rand.pod index de2dfcb97e..8afb229b58 100644 --- a/doc/man7/life_cycle-rand.pod +++ b/doc/man7/life_cycle-rand.pod @@ -87,7 +87,7 @@ This is the canonical list. Function Call ------------------ Current State ------------------ start newed instantiated uninstantiated freed - EVP_RAND_CTX_new newed + EVP_RAND_CTX_new newed EVP_RAND_instantiate instantiated EVP_RAND_generate instantiated EVP_RAND_uninstantiate uninstantiated diff --git a/doc/man7/migration_guide.pod b/doc/man7/migration_guide.pod index 02d2327ee2..3e4ce9f65a 100644 --- a/doc/man7/migration_guide.pod +++ b/doc/man7/migration_guide.pod @@ -119,7 +119,7 @@ bypass provider selection and configuration, with unintended consequences. This is particularly relevant for applications written to use the OpenSSL 3.0 FIPS module, as detailed below. Authors and maintainers of external engines are strongly encouraged to refactor their code transforming engines into providers -using the new Provider API and avoiding deprecated methods. +using the new Provider API and avoiding deprecated methods. =head3 Versioning Scheme @@ -133,7 +133,7 @@ at the end of the release version number. This will no longer be used and instead the patch level is indicated by the final number in the version. A change in the second (MINOR) number indicates that new features may have been added. OpenSSL versions with the same major number are API and ABI compatible. -If the major number changes then API and ABI compatibility is not guaranteed. +If the major number changes then API and ABI compatibility is not guaranteed. For more information, see L. @@ -409,7 +409,7 @@ enable them to be "freed". However they should also be treated as read-only. This may mean result in an error in L rather than during L. -To disable this check use EVP_PKEY_derive_set_peer_ex(dh, peer, 0). +To disable this check use EVP_PKEY_derive_set_peer_ex(dh, peer, 0). =head4 The print format has cosmetic changes for some functions @@ -541,14 +541,14 @@ The code needs to be amended to look like this: Support for TLSv1.3 has been added. -This has a number of implications for SSL/TLS applications. See the +This has a number of implications for SSL/TLS applications. See the L for further details. =back More details about the breaking changes between OpenSSL versions 1.0.2 and 1.1.0 can be found on the -L. +L. =head3 Upgrading from the OpenSSL 2.0 FIPS Object Module @@ -985,7 +985,7 @@ APIs, or alternatively use L or L. Functions that access low-level objects directly such as L are now deprecated. Applications should use one of L, L, l, -L, L or +L, L or L to access fields from an EVP_PKEY. Gettable parameters are listed in L, L, L, @@ -1115,7 +1115,7 @@ Bi-directional IGE mode. These modes were never formally standardised and usage of these functions is believed to be very small. In particular AES_bi_ige_encrypt() has a known bug. It accepts 2 AES keys, but only one is ever used. The security implications are believed to be minimal, but -this issue was never fixed for backwards compatibility reasons. +this issue was never fixed for backwards compatibility reasons. =item * @@ -1265,7 +1265,7 @@ DES_decrypt3(), DES_ede3_cbc_encrypt(), DES_ede3_cfb64_encrypt(), DES_ede3_cfb_encrypt(),DES_ede3_ofb64_encrypt(), DES_ecb_encrypt(), DES_ecb3_encrypt(), DES_ofb64_encrypt(), DES_ofb_encrypt(), DES_cfb64_encrypt DES_cfb_encrypt(), DES_cbc_encrypt(), DES_ncbc_encrypt(), -DES_pcbc_encrypt(), DES_xcbc_encrypt(), DES_cbc_cksum(), DES_quad_cksum(), +DES_pcbc_encrypt(), DES_xcbc_encrypt(), DES_cbc_cksum(), DES_quad_cksum(), DES_check_key_parity(), DES_is_weak_key(), DES_key_sched(), DES_options(), DES_random_key(), DES_set_key(), DES_set_key_checked(), DES_set_key_unchecked(), DES_set_odd_parity(), DES_string_to_2keys(), DES_string_to_key() @@ -1513,7 +1513,7 @@ EC_KEY_set_flags(), EC_KEY_get_flags(), EC_KEY_clear_flags() See L which handles flags as seperate parameters for B, B, B, -B and +B and B. See also L @@ -1715,7 +1715,7 @@ See L for further details. =item * -EVP_PKEY_encrypt_old(), EVP_PKEY_decrypt_old(), +EVP_PKEY_encrypt_old(), EVP_PKEY_decrypt_old(), Applications should use L and L or L and L instead. @@ -1795,7 +1795,7 @@ See L. i2d_DHparams(), i2d_DHxparams() See L -and L +and L =item * @@ -1804,7 +1804,7 @@ i2d_DSAPrivateKey_fp(), i2d_DSA_PUBKEY(), i2d_DSA_PUBKEY_bio(), i2d_DSA_PUBKEY_fp(), i2d_DSAPublicKey() See L -and L +and L =item * @@ -1813,7 +1813,7 @@ i2d_ECPrivateKey_fp(), i2d_EC_PUBKEY(), i2d_EC_PUBKEY_bio(), i2d_EC_PUBKEY_fp(), i2o_ECPublicKey() See L -and L +and L =item * @@ -1822,7 +1822,7 @@ i2d_RSA_PUBKEY(), i2d_RSA_PUBKEY_bio(), i2d_RSA_PUBKEY_fp(), i2d_RSAPublicKey(), i2d_RSAPublicKey_bio(), i2d_RSAPublicKey_fp() See L -and L +and L =item * @@ -2201,7 +2201,7 @@ B<-provider_path> and B<-provider> are available to all apps and can be used multiple times to load any providers, such as the 'legacy' provider or third party providers. If used then the 'default' provider would also need to be specified if required. The B<-provider_path> must be specified before the -B<-provider> option. +B<-provider> option. The B app has many new options. See L for more information. diff --git a/doc/man7/openssl-core.h.pod b/doc/man7/openssl-core.h.pod index 03980a4b56..3d1eca3e64 100644 --- a/doc/man7/openssl-core.h.pod +++ b/doc/man7/openssl-core.h.pod @@ -67,7 +67,7 @@ or canonical name, on a per algorithm implementation basis. This type is a structure that allows passing arbitrary object data between two parties that have no or very little shared knowledge about -their respective internal structures for that object. +their respective internal structures for that object. It's normally passed in arrays, where the array is terminated with an element where all fields are zero (for non-pointers) or NULL (for pointers). diff --git a/doc/man7/openssl-glossary.pod b/doc/man7/openssl-glossary.pod index 16ff2f3176..b112b375ac 100644 --- a/doc/man7/openssl-glossary.pod +++ b/doc/man7/openssl-glossary.pod @@ -132,7 +132,7 @@ L =item Operation -An operation is a group of OpenSSL functions with a common purpose such as +An operation is a group of OpenSSL functions with a common purpose such as encryption, or digesting. L diff --git a/doc/man7/property.pod b/doc/man7/property.pod index 90368b1f8d..a75f262246 100644 --- a/doc/man7/property.pod +++ b/doc/man7/property.pod @@ -144,7 +144,7 @@ setting. The lexical syntax in EBNF is given by: - Definition ::= PropertyName ( '=' Value )? + Definition ::= PropertyName ( '=' Value )? ( ',' PropertyName ( '=' Value )? )* Query ::= PropertyQuery ( ',' PropertyQuery )* PropertyQuery ::= '-' PropertyName diff --git a/doc/man7/provider-base.pod b/doc/man7/provider-base.pod index ac197accca..d1e26baa11 100644 --- a/doc/man7/provider-base.pod +++ b/doc/man7/provider-base.pod @@ -443,7 +443,7 @@ different for any third party provider. This returns 0 if the provider has entered an error state, otherwise it returns 1. -=back +=back provider_gettable_params() should return the above parameters. diff --git a/doc/man7/provider-keyexch.pod b/doc/man7/provider-keyexch.pod index ebfcd85153..f85f3cac50 100644 --- a/doc/man7/provider-keyexch.pod +++ b/doc/man7/provider-keyexch.pod @@ -43,7 +43,7 @@ This documentation is primarily aimed at provider authors. See L for further information. The key exchange (OSSL_OP_KEYEXCH) operation enables providers to implement key -exchange algorithms and make them available to applications via +exchange algorithms and make them available to applications via L and other related functions). diff --git a/doc/man7/provider-keymgmt.pod b/doc/man7/provider-keymgmt.pod index 25b822b47d..b0397b4103 100644 --- a/doc/man7/provider-keymgmt.pod +++ b/doc/man7/provider-keymgmt.pod @@ -237,7 +237,7 @@ OSSL_FUNC_keymgmt_gen_set_params() should set additional parameters from I in the key object generation context I. OSSL_FUNC_keymgmt_gen_settable_params() should return a constant array of -descriptor B, for parameters that OSSL_FUNC_keymgmt_gen_set_params() +descriptor B, for parameters that OSSL_FUNC_keymgmt_gen_set_params() can handle. OSSL_FUNC_keymgmt_gen() should perform the key object generation itself, and @@ -255,7 +255,7 @@ Outside the provider, this reference is simply an array of bytes. At least one of OSSL_FUNC_keymgmt_new(), OSSL_FUNC_keymgmt_gen() and OSSL_FUNC_keymgmt_load() are mandatory, as well as OSSL_FUNC_keymgmt_free() and -OSSL_FUNC_keymgmt_has(). Additionally, if OSSL_FUNC_keymgmt_gen() is present, +OSSL_FUNC_keymgmt_has(). Additionally, if OSSL_FUNC_keymgmt_gen() is present, OSSL_FUNC_keymgmt_gen_init() and OSSL_FUNC_keymgmt_gen_cleanup() must be present as well. diff --git a/doc/man7/provider-signature.pod b/doc/man7/provider-signature.pod index 9cb3a620c3..a299d43cc5 100644 --- a/doc/man7/provider-signature.pod +++ b/doc/man7/provider-signature.pod @@ -371,7 +371,7 @@ Sets a flag to modify the sign operation to return an error if the initial calculated signature is invalid. In the normal mode of operation - new random values are chosen until the signature operation succeeds. -By default it retries until a signature is calculated. +By default it retries until a signature is calculated. Setting the value to 0 causes the sign operation to retry, otherwise the sign operation is only tried once and returns whether or not it was successful. diff --git a/doc/man7/proxy-certificates.pod b/doc/man7/proxy-certificates.pod index 395fab86e5..89cd3eea80 100644 --- a/doc/man7/proxy-certificates.pod +++ b/doc/man7/proxy-certificates.pod @@ -215,7 +215,7 @@ The following skeleton code can be used as a starting point: * bottom. You get the CA root first, followed by the * possible chain of intermediate CAs, followed by the EE * certificate, followed by the possible proxy - * certificates. + * certificates. */ X509 *xs = X509_STORE_CTX_get_current_cert(ctx); @@ -234,7 +234,7 @@ The following skeleton code can be used as a starting point: * by pulling them from some database. If there * are none to be found, clear all rights (making * this and any subsequent proxy certificate void - * of any rights). + * of any rights). */ memset(rights->rights, 0, sizeof(rights->rights)); break; -- 2.39.5