From: Pauli Date: Mon, 15 Jul 2024 01:06:45 +0000 (+1000) Subject: Fix parameter types int -> integer changes X-Git-Tag: openssl-3.4.0-alpha1~341 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2c3f1a6cad300e3812aee34dab98f23a329296f4;p=thirdparty%2Fopenssl.git Fix parameter types int -> integer changes Reviewed-by: Shane Lontis Reviewed-by: Paul Yang Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/24881) --- diff --git a/doc/man7/EVP_ASYM_CIPHER-RSA.pod b/doc/man7/EVP_ASYM_CIPHER-RSA.pod index b36927082dc..005a20f82fe 100644 --- a/doc/man7/EVP_ASYM_CIPHER-RSA.pod +++ b/doc/man7/EVP_ASYM_CIPHER-RSA.pod @@ -57,9 +57,9 @@ See L for further details. =item "oaep-label" (B) -=item "fips-indicator" (B) +=item "fips-indicator" (B) -=item "key-check" (B) +=item "key-check" (B) =item "tls-client-version" (B) diff --git a/doc/man7/EVP_KDF-TLS1_PRF.pod b/doc/man7/EVP_KDF-TLS1_PRF.pod index 1c0bf750bad..9cfc9a24245 100644 --- a/doc/man7/EVP_KDF-TLS1_PRF.pod +++ b/doc/man7/EVP_KDF-TLS1_PRF.pod @@ -44,14 +44,14 @@ This parameter sets the context seed. The length of the context seed cannot exceed 1024 bytes; this should be more than enough for any normal use of the TLS PRF. -=item "fips-indicator" (B) +=item "fips-indicator" (B) A getter that returns 1 if the operation is FIPS approved, or 0 otherwise. This may be used after calling EVP_KDF_derive. It returns 0 if the "ems_check" is set to 0 and the "extended master secret" test fails. This option is used by the OpenSSL FIPS provider. -=item "ems_check" (B) +=item "ems_check" (B) The default value of 1 causes an error during EVP_KDF_derive() if "master secret" is used instead of "extended master secret" Setting this to zero diff --git a/doc/man7/EVP_KEM-RSA.pod b/doc/man7/EVP_KEM-RSA.pod index 2733be6a6cb..e67f27bbda0 100644 --- a/doc/man7/EVP_KEM-RSA.pod +++ b/doc/man7/EVP_KEM-RSA.pod @@ -31,9 +31,9 @@ The decapsulate function recovers the secret using the RSA private key. This can be set using EVP_PKEY_CTX_set_kem_op(). -=item "fips-indicator" (B) +=item "fips-indicator" (B) -=item "key-check" (B) +=item "key-check" (B) These parameters are described in L. diff --git a/doc/man7/EVP_KEYEXCH-DH.pod b/doc/man7/EVP_KEYEXCH-DH.pod index 1ccc4693182..bf24a35f987 100644 --- a/doc/man7/EVP_KEYEXCH-DH.pod +++ b/doc/man7/EVP_KEYEXCH-DH.pod @@ -36,11 +36,11 @@ the KDF type is set to "X942KDF-ASN1" (B). =item "kdf-ukm" (B) -=item "fips-indicator" (B) +=item "fips-indicator" (B) -=item "key-check" (B) +=item "key-check" (B) -=item "digest-check" (B) +=item "digest-check" (B) See L. diff --git a/doc/man7/EVP_KEYEXCH-ECDH.pod b/doc/man7/EVP_KEYEXCH-ECDH.pod index 28e8d2a7608..1d27f552982 100644 --- a/doc/man7/EVP_KEYEXCH-ECDH.pod +++ b/doc/man7/EVP_KEYEXCH-ECDH.pod @@ -41,11 +41,11 @@ per-key basis. =item "kdf-ukm" (B) -=item "fips-indicator" (B) +=item "fips-indicator" (B) -=item "key-check" (B) +=item "key-check" (B) -=item "digest-check" (B) +=item "digest-check" (B) See L. diff --git a/doc/man7/EVP_SIGNATURE-DSA.pod b/doc/man7/EVP_SIGNATURE-DSA.pod index 2e761cb6679..b0ae2ea33f5 100644 --- a/doc/man7/EVP_SIGNATURE-DSA.pod +++ b/doc/man7/EVP_SIGNATURE-DSA.pod @@ -25,9 +25,9 @@ using EVP_PKEY_sign_init_ex() or EVP_PKEY_verify_init_ex(). =item "nonce-type" (B) -=item "key-check" (B) +=item "key-check" (B) -=item "digest-check" (B) +=item "digest-check" (B) The settable parameters are described in L. @@ -44,7 +44,7 @@ EVP_PKEY_CTX_get_params(). =item "nonce-type" (B) -=item "fips-indicator" (B) +=item "fips-indicator" (B) The gettable parameters are described in L. diff --git a/doc/man7/EVP_SIGNATURE-ECDSA.pod b/doc/man7/EVP_SIGNATURE-ECDSA.pod index 4d47b8c9bfc..49d9dff9497 100644 --- a/doc/man7/EVP_SIGNATURE-ECDSA.pod +++ b/doc/man7/EVP_SIGNATURE-ECDSA.pod @@ -23,9 +23,9 @@ and before calling EVP_PKEY_sign() or EVP_PKEY_verify(). =item "nonce-type" (B) -=item "key-check" (B) +=item "key-check" (B) -=item "digest-check" (B) +=item "digest-check" (B) These parameters are described in L. @@ -42,7 +42,7 @@ EVP_PKEY_CTX_get_params(). =item "nonce-type" (B) -=item "fips-indicator" (B) +=item "fips-indicator" (B) The parameters are described in L. diff --git a/doc/man7/EVP_SIGNATURE-RSA.pod b/doc/man7/EVP_SIGNATURE-RSA.pod index 9398e77019c..4400c4f0537 100644 --- a/doc/man7/EVP_SIGNATURE-RSA.pod +++ b/doc/man7/EVP_SIGNATURE-RSA.pod @@ -23,9 +23,9 @@ using EVP_PKEY_sign_init_ex() or EVP_PKEY_verify_init_ex(). =item "properties" (B) -=item "key-check" (B) +=item "key-check" (B) -=item "digest-check" (B) +=item "digest-check" (B) These common parameters are described in L. @@ -89,7 +89,7 @@ EVP_PKEY_CTX_get_params(). =item "algorithm-id" (B) -=item "fips-indicator" (B) +=item "fips-indicator" (B) These common parameter are described in L. diff --git a/doc/man7/provider-asym_cipher.pod b/doc/man7/provider-asym_cipher.pod index 9602367da8e..e2a981e860f 100644 --- a/doc/man7/provider-asym_cipher.pod +++ b/doc/man7/provider-asym_cipher.pod @@ -243,14 +243,14 @@ This makes exploitation of the Bleichenbacher significantly harder, even if the code using the RSA decryption API is not implemented in side-channel free manner. Set by default. Requires provider support. -=item "fips-indicator" (B) +=item "fips-indicator" (B) A getter that returns 1 if the operation is FIPS approved, or 0 otherwise. This may be used after calling either OSSL_FUNC_asym_cipher_encrypt() or OSSL_FUNC_asym_cipher_decrypt(). It may return 0 if "key-check" is set to 0. This option is used by the OpenSSL FIPS provider. -=item "key-check" (B) +=item "key-check" (B) If required this parameter should be set using either OSSL_FUNC_asym_cipher_encrypt_init() or OSSL_FUNC_asym_cipher_decrypt_init(). diff --git a/doc/man7/provider-kem.pod b/doc/man7/provider-kem.pod index eb04beb4291..57c2ca916b5 100644 --- a/doc/man7/provider-kem.pod +++ b/doc/man7/provider-kem.pod @@ -191,14 +191,14 @@ are as follows. =over 4 -=item "fips-indicator" (B) +=item "fips-indicator" (B) A getter that returns 1 if the operation is FIPS approved, or 0 otherwise. This may be used after calling either OSSL_FUNC_kem_encapsulate() or OSSL_FUNC_kem_decapsulate(). It may return 0 if the "key-check" is set to 0. This option is used by the OpenSSL FIPS provider. -=item "key-check" (B) +=item "key-check" (B) If required this parameter should be set using OSSL_FUNC_kem_encapsulate_init() or OSSL_FUNC_kem_decapsulate_init(). diff --git a/doc/man7/provider-keyexch.pod b/doc/man7/provider-keyexch.pod index 702bfb01f6b..69feb527724 100644 --- a/doc/man7/provider-keyexch.pod +++ b/doc/man7/provider-keyexch.pod @@ -204,14 +204,14 @@ usually do not need to support this gettable parameter as its sole purpose is to support functionality of the deprecated EVP_PKEY_CTX_get0_ecdh_kdf_ukm() and EVP_PKEY_CTX_get0_dh_kdf_ukm() functions. -=item "fips-indicator" (B) +=item "fips-indicator" (B) A getter that returns 1 if the operation is FIPS approved, or 0 otherwise. This may be used after calling OSSL_FUNC_keyexch_derive(). It may return 0 if either the "digest-check" or the "key-check" are set to 0. This option is used by the OpenSSL FIPS provider. -=item "key-check" (B) +=item "key-check" (B) If required this parameter should be set using OSSL_FUNC_keyexch_init(). The default value of 1 causes an error during the init if the key is not FIPS @@ -220,7 +220,7 @@ this to 0 will ignore the error and set the approved "fips-indicator" to 0. This option is used by the OpenSSL FIPS provider, and breaks FIPS compliance if set to 0. -=item "digest-check" (B) +=item "digest-check" (B) If required this parameter should be set before any optional digest is set. The default value of 1 causes an error when the digest is set if the digest is diff --git a/doc/man7/provider-rand.pod b/doc/man7/provider-rand.pod index aa1df965f65..64d6f1b3bb4 100644 --- a/doc/man7/provider-rand.pod +++ b/doc/man7/provider-rand.pod @@ -254,14 +254,14 @@ Sets the properties to be queried when trying to fetch an underlying algorithm. This must be given together with the algorithm naming parameter to be considered valid. -=item "fips-indicator" (B) +=item "fips-indicator" (B) A getter that returns 1 if the operation is FIPS approved, or 0 otherwise. This may be used after calling OSSL_FUNC_rand_generate(). It may return 0 if the "digest-check" is set to 0. This option is used by the OpenSSL FIPS provider. -=item "digest-check" (B) +=item "digest-check" (B) If required this parameter should be set before the digest is set. The default value of 1 causes an error when the digest is set if the digest is diff --git a/doc/man7/provider-signature.pod b/doc/man7/provider-signature.pod index 7763112d06e..49466e2cbcc 100644 --- a/doc/man7/provider-signature.pod +++ b/doc/man7/provider-signature.pod @@ -388,14 +388,14 @@ was successful. Known answer tests can be performed if the random generator is overridden to supply known values that either pass or fail. -=item "fips-indicator" (B) +=item "fips-indicator" (B) A getter that returns 1 if the operation is FIPS approved, or 0 otherwise. This may be used after calling either the sign or verify final functions. It may return 0 if either the "digest-check" or the "key-check" are set to 0. This option is used by the OpenSSL FIPS provider. -=item "key-check" (B) +=item "key-check" (B) If required this parameter should be set early via an init function (e.g. OSSL_FUNC_signature_sign_init() or OSSL_FUNC_signature_verify_init()). @@ -405,7 +405,7 @@ Setting this to 0 will ignore the error and set the approved "indicator" to 0. This option is used by the OpenSSL FIPS provider, and breaks FIPS compliance if set to 0. -=item "digest-check" (B) +=item "digest-check" (B) If required this parameter should be set before the signature digest is set. The default value of 1 causes an error when the digest is set if the digest is