EVP_CIPHER-NULL.pod: Add NULL-HMAC-* algorithms

siemens · Jan 30, 2024 · 8ea370b · 8ea370b
1 parent f4c9f8c
commit 8ea370b
Showing 1 changed file with 22 additions and 38 deletions.
diff --git a/doc/man7/EVP_CIPHER-NULL.pod b/doc/man7/EVP_CIPHER-NULL.pod
@@ -2,71 +2,55 @@
 
 =head1 NAME
 
-EVP_CIPHER-NULL - The NULL EVP_CIPHER implementation
+EVP_CIPHER-NULL - NULL encryption EVP_CIPHER implementation
 
 =head1 DESCRIPTION
 
-Support for a NULL symmetric encryption using the B<EVP_CIPHER> API.
-This is used when the TLS cipher suite is TLS_NULL_WITH_NULL_NULL.
-This does no encryption (just copies the data) and has a mac size of zero.
+This module provides support for NULL encryption using the B<EVP_CIPHER> API.
+It simply copies the data without any encryption.
 
-=head2 Algorithm Name
+=head2 Algorithm Names
 
-The following algorithm is available in the default provider:
+The default provider offers the following algorithms:
 
 =over 4
 
 =item "NULL"
 
-=back
-
-=head2 Parameters
-
-This implementation supports the following parameters:
-
-=head3 Gettable EVP_CIPHER parameters
-
-See L<EVP_EncryptInit(3)/Gettable EVP_CIPHER parameters>
-
-=head3 Gettable EVP_CIPHER_CTX parameters
-
-=over 4
-
-=item "keylen" (B<OSSL_CIPHER_PARAM_KEYLEN>) <unsigned integer>
-
-=item "ivlen" (B<OSSL_CIPHER_PARAM_IVLEN> and <B<OSSL_CIPHER_PARAM_AEAD_IVLEN>) <unsigned integer>
-
-=item "tls-mac" (B<OSSL_CIPHER_PARAM_TLS_MAC>) <octet ptr>
+=item "NULL-HMAC-SHA256" and "NULL-HMAC-SHA384"
 
 =back
 
-See L<EVP_EncryptInit(3)/PARAMETERS> for further information.
-
-=head3 Settable EVP_CIPHER_CTX parameters
-
-=over 4
-
-=item "tls-mac-size" (B<OSSL_CIPHER_PARAM_TLS_MAC_SIZE>) <unsigned integer>
+=head2 Parameters
 
-=back
+The parameters supported by this implementation are detailed in
+L<EVP_EncryptInit(3)/PARAMETERS>.
 
-See L<EVP_EncryptInit(3)/PARAMETERS> for further information.
+=head1 NOTES
 
-=head1 CONFORMING TO
+"NULL" algorithm is used when the TLS cipher suite is TLS_NULL_WITH_NULL_NULL.
+This does no encryption (just copies the data) and has a mac size of zero.
+This conforms to RFC 5246 section-6.2.3.1.
 
-RFC 5246 section-6.2.3.1
+"NULL-HMAC-SHA256" and "NULL-HMAC-SHA384" are used when the TLS cipher suite is
+TLS_SHA256_SHA256 and TLS_SHA384_SHA384 respectively.
+This conforms to RFC 9150.
 
 =head1 SEE ALSO
 
 L<provider-cipher(7)>, L<OSSL_PROVIDER-default(7)>
 
+=head1 HISTORY
+
+The NULL-HMAC-SHA256 and NULL-HMAC-SHA384 ciphers were added in OpenSSL version 3.3.
+
 =head1 COPYRIGHT
 
-Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2021-2024 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
 in the file LICENSE in the source distribution or at
 L<https://www.openssl.org/source/license.html>.
 
-=cut
+=cut