Documentation updates due to naming tweaks

Also documents our new canonical naming. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10092)
2019-10-04 12:46:33 +01:00 · 2019-10-04 12:46:33 +01:00 · e44192d14b
parent cc35c3ed8f
commit e44192d14b
7 changed files with 56 additions and 79 deletions
--- a/doc/man1/openssl-kdf.pod
+++ b/doc/man1/openssl-kdf.pod
@ -83,7 +83,7 @@ To see the list of supported digests, use the command I<list -digest-commands>.

 Specifies the name of a supported KDF algorithm which will be used.
 The supported algorithms names include TLS1-PRF, HKDF, SSKDF, PBKDF2,
-SSHKDF, X942KDF, X963KDF and id-scrypt.
+SSHKDF, X942KDF, X963KDF and SCRYPT.

 =back

@ -91,35 +91,35 @@ SSHKDF, X942KDF, X963KDF and id-scrypt.

 Use TLS1-PRF to create a hex-encoded derived key from a secret key and seed:

-    openssl kdf -keylen 16 -kdfopt digest:SHA256 -kdfopt key:secret \
+    openssl kdf -keylen 16 -kdfopt digest:SHA2-256 -kdfopt key:secret \
                -kdfopt seed:seed TLS1-PRF

 Use HKDF to create a hex-encoded derived key from a secret key, salt and info:

-    openssl kdf -keylen 10 -kdfopt digest:SHA256 -kdfopt key:secret \
+    openssl kdf -keylen 10 -kdfopt digest:SHA2-256 -kdfopt key:secret \
                -kdfopt salt:salt -kdfopt info:label HKDF

 Use SSKDF with KMAC to create a hex-encoded derived key from a secret key, salt and info:

-    openssl kdf -keylen 64 -kdfopt mac:KMAC128 -kdfopt maclen:20 \
+    openssl kdf -keylen 64 -kdfopt mac:KMAC-128 -kdfopt maclen:20 \
                -kdfopt hexkey:b74a149a161545 -kdfopt hexinfo:348a37a2 \
                -kdfopt hexsalt:3638271ccd68a2 SSKDF

 Use SSKDF with HMAC to create a hex-encoded derived key from a secret key, salt and info:

-    openssl kdf -keylen 16 -kdfopt mac:HMAC -kdfopt digest:SHA256 \
+    openssl kdf -keylen 16 -kdfopt mac:HMAC -kdfopt digest:SHA2-256 \
                -kdfopt hexkey:b74a149a -kdfopt hexinfo:348a37a2 \
                -kdfopt hexsalt:3638271c SSKDF

 Use SSKDF with Hash to create a hex-encoded derived key from a secret key, salt and info:

-    openssl kdf -keylen 14 -kdfopt digest:SHA256 \
+    openssl kdf -keylen 14 -kdfopt digest:SHA2-256 \
                -kdfopt hexkey:6dbdc23f045488 \
                -kdfopt hexinfo:a1b2c3d4 SSKDF

 Use SSHKDF to create a hex-encoded derived key from a secret key, hash and session_id:

-    openssl kdf -keylen 16 -kdfopt digest:SHA256 \
+    openssl kdf -keylen 16 -kdfopt digest:SHA2-256 \
                -kdfopt hexkey:0102030405 \
                -kdfopt hexxcghash:06090A \
                -kdfopt hexsession_id:01020304 \
@ -134,7 +134,7 @@ Use scrypt to create a hex-encoded derived key from a password and salt:

    openssl kdf -keylen 64 -kdfopt pass:password -kdfopt salt:NaCl \
                -kdfopt N:1024 -kdfopt r:8 -kdfopt p:16 \
-                -kdfopt maxmem_bytes:10485760 id-scrypt
+                -kdfopt maxmem_bytes:10485760 SCRYPT

 =head1 NOTES

--- a/doc/man7/EVP_KDF-KB.pod
+++ b/doc/man7/EVP_KDF-KB.pod
@ -80,7 +80,7 @@ Label "label", and Context "context".
 EVP_KDF_free(kdf);

 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
-                                         "SHA256", 0);
+                                         "SHA2-256", 0);
 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC,
                                         "HMAC", 0);
 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
--- a/doc/man7/EVP_KDF-SCRYPT.pod
+++ b/doc/man7/EVP_KDF-SCRYPT.pod
@ -34,7 +34,7 @@ may be used by scrypt defaults to 1025 MiB.

 =head2 Identity

-"ID-SCRYPT" is the name for this implementation; it
+"SCRYPT" is the name for this implementation; it
 can be used with the EVP_KDF_fetch() function.

 =head2 Supported parameters
@ -65,7 +65,7 @@ Both r and p are parameters of type B<uint32_t>.

 A context for scrypt can be obtained by calling:

- EVP_KDF *kdf = EVP_KDF_fetch(NULL, "ID-SCRYPT", NULL);
+ EVP_KDF *kdf = EVP_KDF_fetch(NULL, "SCRYPT", NULL);
 EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf);

 The output length of an scrypt key derivation is specified via the
@ -81,7 +81,7 @@ This example derives a 64-byte long test vector using scrypt with the password
 unsigned char out[64];
 OSSL_PARAM params[6], *p = params;

- kdf = EVP_KDF_fetch(NULL, "ID-SCRYPT", NULL);
+ kdf = EVP_KDF_fetch(NULL, "SCRYPT", NULL);
 kctx = EVP_KDF_CTX_new(kdf);
 EVP_KDF_free(kdf);

--- a/doc/man7/EVP_MAC-KMAC.pod
+++ b/doc/man7/EVP_MAC-KMAC.pod
@ -16,9 +16,9 @@ properties, to be used with EVP_MAC_fetch():

 =over 4

-=item "KMAC128", "default=yes"
+=item "KMAC-128", "default=yes"

-=item "KMAC256", "default=yes"
+=item "KMAC-256", "default=yes"

 =back

--- a/doc/man7/EVP_MAC-Poly1305.pod
+++ b/doc/man7/EVP_MAC-Poly1305.pod
@ -15,7 +15,7 @@ used with EVP_MAC_fetch():

 =over 4

-=item "Poly1305", "default=yes"
+=item "POLY1305", "default=yes"

 =back

--- a/doc/man7/EVP_MAC-Siphash.pod
+++ b/doc/man7/EVP_MAC-Siphash.pod
@ -15,7 +15,7 @@ used with EVP_MAC_fetch():

 =over 4

-=item "Siphash", "default=yes"
+=item "SIPHASH", "default=yes"

 =back

--- a/doc/man7/provider.pod
+++ b/doc/man7/provider.pod
@ -216,11 +216,38 @@ In this case an algorithm implementation is implicitly fetched using
 default search criteria and an algorithm name that is consistent with
 the type of EVP_PKEY being used.

+=head3 Algorithm naming
+
+Algorithm names are case insensitive. Any particular algorithm can have multiple
+aliases associated with it. The canonical OpenSSL naming scheme follows this
+format:
+
+ALGNAME[VERSION?][-SUBNAME[VERSION?]?][-SIZE?][-MODE?]
+
+VERSION is only present if there are multiple versions of an algorithm (e.g.
+MD2, MD4, MD5).  It may be omitted if there is only one version.
+
+SUBNAME may be present where multiple algorithms are combined together,
+e.g. MD5-SHA1.
+
+SIZE is only present if multiple versions of an algorithm exist with different
+sizes (e.g. AES-128-CBC, AES-256-CBC)
+
+MODE is only present where applicable.
+
+Other aliases may exist for example where standards bodies or common practice
+use alternative names or names that OpenSSL has used historically.
+
 =head1 OPENSSL PROVIDERS

 OpenSSL comes with a set of providers.
-All the algorithm names mentioned can be used as an algorithm
-identifier to the appropriate fetching function.
+
+The algorithms available in each of these providers may vary due to build time
+configuration options. The L<openssl-list(1)> command can be used to list the
+currently available algorithms.
+
+The names of the algorithms shown from L<openssl-list(1)> can be used as an
+algorithm identifier to the appropriate fetching function.

 =head2 Default provider

@ -229,30 +256,6 @@ Should it be needed (if other providers are loaded and offer
 implementations of the same algorithms), the property "default=yes"
 can be used as a search criterion for these implementations.

-It currently offers the following named algorithms:
-
-=over 4
-
-=item Digests
-
-SHA1, SHA224, SHA256, SHA384, SHA512, SHA512-224, SHA512-256,
-SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHAKE128, SHAKE256, SM3,
-BLAKE2b512, BLAKE2s256, KMAC128, KMAC256, MD5, MD5-SHA1
-
-=item Symmetric ciphers
-
-AES-256-ECB, AES-192-ECB, AES-128-ECB, AES-256-CBC, AES-192-CBC,
-AES-128-CBC, AES-256-OFB, AES-192-OFB, AES-128-OFB, AES-256-CFB,
-AES-192-CFB, AES-128-CFB, AES-256-CFB1, AES-192-CFB1, AES-128-CFB1,
-AES-256-CFB8, AES-192-CFB8, AES-128-CFB8, AES-256-CTR, AES-192-CTR,
-AES-128-CTR, id-aes256-GCM, id-aes192-GCM, id-aes128-GCM
-
-=item Key Exchange
-
-dhKeyAgreement
-
-=back
-
 =head2 FIPS provider

 The FIPS provider is a dynamically loadable module, and must therefore
@ -262,22 +265,6 @@ Should it be needed (if other providers are loaded and offer
 implementations of the same algorithms), the property "fips=yes" can
 be used as a search criterion for these implementations.

-It currently offers the following FIPS approved named algorithms:
-
-=over 4
-
-=item Digests
-
-SHA1, SHA224, SHA256, SHA384, SHA512, SHA512-224, SHA512-256,
-SHA3-224, SHA3-256, SHA3-384, SHA3-512, KMAC128, KMAC256
-
-=item Symmetric ciphers
-
-AES-256-ECB, AES-192-ECB, AES-128-ECB, AES-256-CBC, AES-192-CBC,
-AES-128-CBC, AES-256-CTR, AES-192-CTR, AES-128-CTR
-
-=back
-
 =head2 Legacy provider

 The legacy provider is a dynamically loadable module, and must therefore
@ -287,23 +274,13 @@ Should it be needed (if other providers are loaded and offer
 implementations of the same algorithms), the property "legacy=yes" can be
 used as a search criterion for these implementations.

-It currently offers the following named algorithms:
-
-=over 4
-
-=item Digest algorithms:
-
-RIPEMD160, MD2, MD4, MDC2, whirlpool.
-
-=back
-
 =head1 EXAMPLES

 =head2 Fetching

-Fetch any available implementation of SHA256 in the default context:
+Fetch any available implementation of SHA2-256 in the default context:

- EVP_MD *md = EVP_MD_fetch(NULL, "SHA256", NULL);
+ EVP_MD *md = EVP_MD_fetch(NULL, "SHA2-256", NULL);
 ...
 EVP_MD_meth_free(md);

@ -313,34 +290,34 @@ Fetch any available implementation of AES-128-CBC in the default context:
 ...
 EVP_CIPHER_meth_free(cipher);

-Fetch an implementation of SHA256 from the default provider in the default
+Fetch an implementation of SHA2-256 from the default provider in the default
 context:

- EVP_MD *md = EVP_MD_fetch(NULL, "SHA256", "default=yes");
+ EVP_MD *md = EVP_MD_fetch(NULL, "SHA2-256", "default=yes");
 ...
 EVP_MD_meth_free(md);

-Fetch an implementation of SHA256 that is not from the default provider in the
+Fetch an implementation of SHA2-256 that is not from the default provider in the
 default context:

- EVP_MD *md = EVP_MD_fetch(NULL, "SHA256", "default=no");
+ EVP_MD *md = EVP_MD_fetch(NULL, "SHA2-256", "default=no");
 ...
 EVP_MD_meth_free(md);

-Fetch an implementation of SHA256 from the default provider in the specified
+Fetch an implementation of SHA2-256 from the default provider in the specified
 context:

- EVP_MD *md = EVP_MD_fetch(ctx, "SHA256", "default=yes");
+ EVP_MD *md = EVP_MD_fetch(ctx, "SHA2-256", "default=yes");
 ...
 EVP_MD_meth_free(md);

 Load the legacy provider into the default context and then fetch an
-implementation of whirlpool from it:
+implementation of WHIRLPOOL from it:

 /* This only needs to be done once - usually at application start up */
 OSSL_PROVIDER *legacy = OSSL_PROVIDER_load(NULL, "legacy");

- EVP_MD *md = EVP_MD_fetch(NULL, "whirlpool", "legacy=yes");
+ EVP_MD *md = EVP_MD_fetch(NULL, "WHIRLPOOL", "legacy=yes");
 ...
 EVP_MD_meth_free(md);

@ -355,7 +332,7 @@ other providers:
 OSSL_PROVIDER *default = OSSL_PROVIDER_load(NULL, "default");

 EVP_MD *md_whirlpool = EVP_MD_fetch(NULL, "whirlpool", NULL);
- EVP_MD *md_sha256 = EVP_MD_fetch(NULL, "SHA256", NULL);
+ EVP_MD *md_sha256 = EVP_MD_fetch(NULL, "SHA2-256", NULL);
 ...
 EVP_MD_meth_free(md_whirlpool);
 EVP_MD_meth_free(md_sha256);