1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.DIST

  • Bug#1108958: unblock: openssl (9/16)

    From Sebastian Andrzej Siewior@21:1/5 to Paul Gevers on Sat Jul 12 19:20:02 2025
    [continued from previous message]

    =item "algorithm-id" (B<OSSL_SIGNATURE_PARAM_ALGORITHM_ID>) <octet string>

    -Gets the DER encoded AlgorithmIdentifier that corresponds to the combination of
    -signature algorithm and digest algorithm for the signature operation.
    +Gets the DER-encoded AlgorithmIdentifier for the signature operation.
    +This typically corresponds to the combination of a digest algorithm
    +with a purely asymmetric signature algorithm, such as SHA256WithECDSA.
    +
    +The L<ASN1_item_sign_ctx(3)> function relies on this operation and is used by +many other functions that sign ASN.1 structures such as X.509 certificates, +certificate requests, and CRLs, as well as OCSP, CMP, and CMS messages.

    =item "nonce-type" (B<OSSL_SIGNATURE_PARAM_NONCE_TYPE>) <unsigned integer>

    @@ -599,11 +615,20 @@
    OSSL_FUNC_signature_gettable_md_ctx_params() and OSSL_FUNC_signature_settable_md_ctx_params(),
    return the gettable or settable parameters in a constant L<OSSL_PARAM(3)> array.

    -All other functions should return 1 for success or 0 on error. +OSSL_FUNC_signature_query_key_types() should return a NULL-terminated array of strings.
    +
    +All verification functions should return 1 for success,
    +0 for a non-matching signature, and a negative value for operation failure.
    +
    +All other functions should return 1 for success
    +and 0 or a negative value for failure.

    =head1 SEE ALSO

    -L<provider(7)>
    +L<provider(7)>, L<provider-base(7)/Provider Functions>,
    +L<OSSL_PARAM(3)>, L<OSSL_DISPATCH(3)>, L<OSSL_ALGORITHM(3)>, +L<EVP_PKEY_sign(3)>, L<EVP_PKEY_verify(3)>, L<EVP_PKEY_verify_recover(3)>, +L<EVP_SIGNATURE_is_a(3)>, L<ASN1_item_sign_ctx(3)>

    =head1 HISTORY

    diff -Nru -w openssl-3.5.0/HACKING.md openssl-3.5.1/HACKING.md
    --- openssl-3.5.0/HACKING.md 2025-04-08 15:09:06.000000000 +0200
    +++ openssl-3.5.1/HACKING.md 2025-07-01 13:52:08.000000000 +0200
    @@ -1,33 +1,80 @@
    MODIFYING OPENSSL SOURCE
    ========================

    -This document describes the way to add custom modifications to OpenSSL sources.
    +This document describes the way to add custom modifications to OpenSSL +sources.
    +
    +If you are adding new C source files
    +------------------------------------
    +
    +Please update the `build.info` files in the directories where you placed the +C source files, to include a line like this for each new C source file:
    +
    +- In `crypto/` or any of its subdirectories (intended for `libcrypto`):
    +
    + SOURCE[../libcrypto]={name-of-C-source-file}
    +
    +- In `ssl/` or any of its subdirectories (intended for `libssl`):
    +
    + SOURCE[../libssl]={name-of-C-source-file}
    +
    +Do note that the path given as the `SOURCE` attribute must be adapted +appropriately for the location of the `build.info` file, as it's a relati