openssl/doc/man3/EVP_PKEY_CTX_set_scrypt_N.pod

=pod

=head1 NAME

EVP_PKEY_CTX_set1_scrypt_salt,
EVP_PKEY_CTX_set_scrypt_N,
EVP_PKEY_CTX_set_scrypt_r,
EVP_PKEY_CTX_set_scrypt_p,
EVP_PKEY_CTX_set_scrypt_maxmem_bytes
- EVP_PKEY scrypt KDF support functions

=head1 SYNOPSIS

 #include <openssl/kdf.h>

 int EVP_PKEY_CTX_set1_scrypt_salt(EVP_PKEY_CTX *pctx, unsigned char *salt,
                                   int saltlen);

 int EVP_PKEY_CTX_set_scrypt_N(EVP_PKEY_CTX *pctx, uint64_t N);

 int EVP_PKEY_CTX_set_scrypt_r(EVP_PKEY_CTX *pctx, uint64_t r);

 int EVP_PKEY_CTX_set_scrypt_p(EVP_PKEY_CTX *pctx, uint64_t p);

 int EVP_PKEY_CTX_set_scrypt_maxmem_bytes(EVP_PKEY_CTX *pctx,
                                          uint64_t maxmem);

=head1 DESCRIPTION

These functions are used to set up the necessary data to use the
scrypt KDF.
For more information on scrypt, see L<scrypt(7)>.

EVP_PKEY_CTX_set1_scrypt_salt() sets the B<saltlen> bytes long salt
value.

EVP_PKEY_CTX_set_scrypt_N(), EVP_PKEY_CTX_set_scrypt_r() and
EVP_PKEY_CTX_set_scrypt_p() configure the work factors N, r and p.

EVP_PKEY_CTX_set_scrypt_maxmem_bytes() sets how much RAM key
derivation may maximally use, given in bytes.
If RAM is exceeded because the load factors are chosen too high, the
key derivation will fail.

=head1 STRING CTRLS

scrypt also supports string based control operations via
L<EVP_PKEY_CTX_ctrl_str(3)>.
Similarly, the B<salt> can either be specified using the B<type>
parameter "salt" or in hex encoding by using the "hexsalt" parameter.
The work factors B<N>, B<r> and B<p> as well as B<maxmem_bytes> can be
set by using the parameters "N", "r", "p" and "maxmem_bytes",
respectively.

=head1 NOTES

The scrypt KDF also uses EVP_PKEY_CTX_set1_pbe_pass() as well as
the value from the string controls "pass" and "hexpass".
See L<EVP_PKEY_CTX_set1_pbe_pass(3)>.

All the functions described here are implemented as macros.

=head1 RETURN VALUES

All these functions return 1 for success and 0 or a negative value for
failure.
In particular a return value of -2 indicates the operation is not
supported by the public key algorithm.

=head1 SEE ALSO

L<scrypt(7)>,
L<EVP_PKEY_CTX_new(3)>,
L<EVP_PKEY_CTX_ctrl_str(3)>,
L<EVP_PKEY_derive(3)>

=head1 COPYRIGHT

Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Split the scrypt and RSA-PSS into man3 and man7 pages The scrypt and RSA-PSS documents were a mixture of section 3 and section 7 material. With pre-1.1.1 OpenSSL, this is understandable, since we had a different directory layout. With 1.1.1, we've moved to the typical man-page directory layout, and the documents need to be updated accordingly. Also, the scrypt document contained a description of EVP_PKEY_CTX_set1_pbe_pass(), which is a generic function rather than an scrypt specific function, and therefore should be documented separately. Fixes #5802 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5942) 2018-04-13 16:14:40 +08:00			`=pod`

			`=head1 NAME`

			`EVP_PKEY_CTX_set1_scrypt_salt,`
			`EVP_PKEY_CTX_set_scrypt_N,`
			`EVP_PKEY_CTX_set_scrypt_r,`
			`EVP_PKEY_CTX_set_scrypt_p,`
			`EVP_PKEY_CTX_set_scrypt_maxmem_bytes`
			`- EVP_PKEY scrypt KDF support functions`

			`=head1 SYNOPSIS`

			`#include <openssl/kdf.h>`

			`int EVP_PKEY_CTX_set1_scrypt_salt(EVP_PKEY_CTX pctx, unsigned char salt,`
			`int saltlen);`

			`int EVP_PKEY_CTX_set_scrypt_N(EVP_PKEY_CTX *pctx, uint64_t N);`

			`int EVP_PKEY_CTX_set_scrypt_r(EVP_PKEY_CTX *pctx, uint64_t r);`

			`int EVP_PKEY_CTX_set_scrypt_p(EVP_PKEY_CTX *pctx, uint64_t p);`

			`int EVP_PKEY_CTX_set_scrypt_maxmem_bytes(EVP_PKEY_CTX *pctx,`
			`uint64_t maxmem);`

			`=head1 DESCRIPTION`

			`These functions are used to set up the necessary data to use the`
			`scrypt KDF.`
			`For more information on scrypt, see L<scrypt(7)>.`

			`EVP_PKEY_CTX_set1_scrypt_salt() sets the B<saltlen> bytes long salt`
			`value.`

			`EVP_PKEY_CTX_set_scrypt_N(), EVP_PKEY_CTX_set_scrypt_r() and`
			`EVP_PKEY_CTX_set_scrypt_p() configure the work factors N, r and p.`

			`EVP_PKEY_CTX_set_scrypt_maxmem_bytes() sets how much RAM key`
			`derivation may maximally use, given in bytes.`
			`If RAM is exceeded because the load factors are chosen too high, the`
			`key derivation will fail.`

			`=head1 STRING CTRLS`

			`scrypt also supports string based control operations via`
			`L<EVP_PKEY_CTX_ctrl_str(3)>.`
			`Similarly, the B<salt> can either be specified using the B<type>`
			`parameter "salt" or in hex encoding by using the "hexsalt" parameter.`
			`The work factors B<N>, B<r> and B<p> as well as B<maxmem_bytes> can be`
			`set by using the parameters "N", "r", "p" and "maxmem_bytes",`
			`respectively.`

			`=head1 NOTES`

			`The scrypt KDF also uses EVP_PKEY_CTX_set1_pbe_pass() as well as`
			`the value from the string controls "pass" and "hexpass".`
			`See L<EVP_PKEY_CTX_set1_pbe_pass(3)>.`

			`All the functions described here are implemented as macros.`

			`=head1 RETURN VALUES`

			`All these functions return 1 for success and 0 or a negative value for`
			`failure.`
			`In particular a return value of -2 indicates the operation is not`
			`supported by the public key algorithm.`

			`=head1 SEE ALSO`

			`L<scrypt(7)>,`
			`L<EVP_PKEY_CTX_new(3)>,`
			`L<EVP_PKEY_CTX_ctrl_str(3)>,`
			`L<EVP_PKEY_derive(3)>`

			`=head1 COPYRIGHT`

			`Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.`

Following the license change, modify the boilerplates in doc/man3/ [skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7829) 2018-12-06 21:04:44 +08:00			`Licensed under the Apache License 2.0 (the "License"). You may not use`
Split the scrypt and RSA-PSS into man3 and man7 pages The scrypt and RSA-PSS documents were a mixture of section 3 and section 7 material. With pre-1.1.1 OpenSSL, this is understandable, since we had a different directory layout. With 1.1.1, we've moved to the typical man-page directory layout, and the documents need to be updated accordingly. Also, the scrypt document contained a description of EVP_PKEY_CTX_set1_pbe_pass(), which is a generic function rather than an scrypt specific function, and therefore should be documented separately. Fixes #5802 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5942) 2018-04-13 16:14:40 +08:00			`this file except in compliance with the License. You can obtain a copy`
			`in the file LICENSE in the source distribution or at`
			`L<https://www.openssl.org/source/license.html>.`

			`=cut`