Import OpenSSL 1.1.0j

Steve Dower
2018-12-07 11:30:36 -08:00
parent 6960e8d7c7
commit 697f7e1f24
114 changed files with 9043 additions and 3633 deletions

@@ -243,8 +243,10 @@ for all available algorithms.
=item B<-subj arg>
supersedes subject name given in the request.
The arg must be formatted as I</type0=value0/type1=value1/type2=...>,
characters may be escaped by \ (backslash), no spaces are skipped.
The arg must be formatted as I</type0=value0/type1=value1/type2=...>.
Keyword characters may be escaped by \ (backslash), and whitespace is retained.
Empty values are permitted, but the corresponding type will not be included
in the resulting certificate.
=item B<-utf8>
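
Review bot: "Keyword characters" in the new -subj text is not defined, so a reader cannot tell which characters need the backslash. Suggest naming them, presumably the "/" and "=" separators shown in the I</type0=value0/type1=value1/type2=...> format, and saying whether a literal backslash must itself be escaped.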

@@ -120,7 +120,7 @@ Convert a CRL file from PEM to DER:
Output the text form of a DER encoded certificate:
openssl crl -in crl.der -text -noout
openssl crl -in crl.der -inform DER -text -noout
=head1 BUGS
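
Review bot: the unchanged heading above the corrected command still reads "Output the text form of a DER encoded certificate:", but the command is openssl crl and reads crl.der, so it describes a CRL. Suggest changing "certificate" to "CRL" in the same edit that adds -inform DER.
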
@@ -133,7 +133,7 @@ L<crl2pkcs7(1)>, L<ca(1)>, L<x509(1)>
=head1 COPYRIGHT
Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy

@@ -213,8 +213,10 @@ see L<openssl(1)/COMMAND SUMMARY>.
sets subject name for new request or supersedes the subject name
when processing a request.
The arg must be formatted as I</type0=value0/type1=value1/type2=...>,
characters may be escaped by \ (backslash), no spaces are skipped.
The arg must be formatted as I</type0=value0/type1=value1/type2=...>.
Keyword characters may be escaped by \ (backslash), and whitespace is retained.
Empty values are permitted, but the corresponding type will not be included
in the request.
=item B<-multivalue-rdn>
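
Review bot: the added sentence "Empty values are permitted, but the corresponding type will not be included in the request" describes a silent omission and does not say whether the command reports it. Suggest stating whether a warning is printed, since a -subj string assembled from a script variable that expands to nothing would produce a request with fewer subject attributes than the operator expects.
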
@@ -369,7 +371,6 @@ option. For compatibility B<encrypt_rsa_key> is an equivalent option.
This option specifies the digest algorithm to use.
Any digest supported by the OpenSSL B<dgst> command can be used.
If not present then MD5 is used.
This option can be overridden on the command line.
=item B<string_mask>
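
Review bot: the default digest is left undocumented in this option's paragraph once "If not present then MD5 is used." is dropped (the header shows one line removed, 7 to 6). Suggest replacing that sentence with the current default instead of only deleting it, so readers know which digest signs a request when neither the config file nor the command line sets one.
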
@@ -652,7 +653,7 @@ L<x509v3_config(5)>
=head1 COPYRIGHT
Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy

@@ -223,7 +223,7 @@ EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context
instead of initializing and cleaning it up on each call and allow non default
implementations of digests to be specified.
If digest contexts are not cleaned up after use
If digest contexts are not cleaned up after use,
memory leaks will occur.
EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(),

@@ -19,14 +19,16 @@ The EVP signature routines are a high level interface to digital signatures.
EVP_DigestSignInit() sets up signing context B<ctx> to use digest B<type> from
ENGINE B<impl> and private key B<pkey>. B<ctx> must be created with
EVP_MD_CTX_new() before calling this function. If B<pctx> is not NULL the
EVP_MD_CTX_new() before calling this function. If B<pctx> is not NULL, the
EVP_PKEY_CTX of the signing operation will be written to B<*pctx>: this can
be used to set alternative signing options. The digest B<type> may be NULL if
the signing algorithm supports it.
be used to set alternative signing options. Note that any existing value in
B<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be freed
directly by the application (it will be freed automatically when the EVP_MD_CTX
is freed). The digest B<type> may be NULL if the signing algorithm supports it.
Only EVP_PKEY types that support signing can be used with these functions. This
includes MAC algorithms where the MAC generation is considered as a form of
"signing." Built-in EVP_PKEY types supported by these functions are CMAC, DSA,
"signing". Built-in EVP_PKEY types supported by these functions are CMAC, DSA,
ECDSA, HMAC and RSA.
Not all digests can be used for all key types. The following combinations apply.
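
Review bot: the new ownership sentence for B<*pctx> says the EVP_PKEY_CTX is freed together with the EVP_MD_CTX but stops short of saying the pointer is invalid afterwards. Suggest adding that B<*pctx> must not be used once B<ctx> has been freed, since a caller that keeps it around to set signing options later would otherwise hold a dangling pointer.
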
@@ -69,17 +71,17 @@ signature context B<ctx>. This function can be called several times on the
same B<ctx> to include additional data. This function is currently implemented
using a macro.
EVP_DigestSignFinal() signs the data in B<ctx> places the signature in B<sig>.
EVP_DigestSignFinal() signs the data in B<ctx> and places the signature in B<sig>.
If B<sig> is B<NULL> then the maximum size of the output buffer is written to
the B<siglen> parameter. If B<sig> is not B<NULL> then before the call the
B<siglen> parameter should contain the length of the B<sig> buffer, if the
B<siglen> parameter should contain the length of the B<sig> buffer. If the
call is successful the signature is written to B<sig> and the amount of data
written to B<siglen>.
=head1 RETURN VALUES
EVP_DigestSignInit() EVP_DigestSignUpdate() and EVP_DigestSignaFinal() return
1 for success and 0 or a negative value for failure. In particular a return
1 for success and 0 or a negative value for failure. In particular, a return
value of -2 indicates the operation is not supported by the public key
algorithm.
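
Review bot: the RETURN VALUES line left as context still reads "EVP_DigestSignInit() EVP_DigestSignUpdate() and EVP_DigestSignaFinal() return", with a misspelled function name (EVP_DigestSignaFinal) and no comma after the first name. This hunk already fixes punctuation on the following line, so correct the name to EVP_DigestSignFinal() here as well; otherwise a search for the function does not find its return values.
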
@@ -103,7 +105,7 @@ The call to EVP_DigestSignFinal() internally finalizes a copy of the digest
context. This means that calls to EVP_DigestSignUpdate() and
EVP_DigestSignFinal() can be called later to digest and sign additional data.
Since only a copy of the digest context is ever finalized the context must
Since only a copy of the digest context is ever finalized, the context must
be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
will occur.
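
Review bot: the sentence being re-punctuated still tells callers to clean up with EVP_MD_CTX_cleanup(), while the first paragraph of this page says B<ctx> must be created with EVP_MD_CTX_new() and the new B<pctx> text speaks of the EVP_MD_CTX being freed. Suggest naming the matching release call, EVP_MD_CTX_free(), so the leak warning points at a function that pairs with the documented allocation.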

@@ -19,9 +19,12 @@ The EVP signature routines are a high level interface to digital signatures.
EVP_DigestVerifyInit() sets up verification context B<ctx> to use digest
B<type> from ENGINE B<impl> and public key B<pkey>. B<ctx> must be created
with EVP_MD_CTX_new() before calling this function. If B<pctx> is not NULL the
with EVP_MD_CTX_new() before calling this function. If B<pctx> is not NULL, the
EVP_PKEY_CTX of the verification operation will be written to B<*pctx>: this
can be used to set alternative verification options.
can be used to set alternative verification options. Note that any existing
value in B<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be
freed directly by the application (it will be freed automatically when the
EVP_MD_CTX is freed).
EVP_DigestVerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
verification context B<ctx>. This function can be called several times on the
@@ -62,7 +65,7 @@ The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest
context. This means that EVP_VerifyUpdate() and EVP_VerifyFinal() can
be called later to digest and verify additional data.
Since only a copy of the digest context is ever finalized the context must
Since only a copy of the digest context is ever finalized, the context must
be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
will occur.
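
Review bot: the context lines name EVP_VerifyUpdate() and EVP_VerifyFinal() as the calls that can be made later, but the sentence before them is about EVP_DigestVerifyFinal(), and this page documents the EVP_DigestVerify* functions. Suggest correcting the names to EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal() while the paragraph is being touched.
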
@@ -81,7 +84,7 @@ were first added to OpenSSL 1.0.0.
=head1 COPYRIGHT
Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy

@@ -6,6 +6,9 @@ OCSP_resp_get0_certs,
OCSP_resp_get0_signer,
OCSP_resp_get0_id,
OCSP_resp_get0_produced_at,
OCSP_resp_get0_signature,
OCSP_resp_get0_tbs_sigalg,
OCSP_resp_get0_respdata,
OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find,
OCSP_single_get0_status, OCSP_check_validity,
OCSP_basic_verify
@@ -32,6 +35,9 @@ OCSP_basic_verify
const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
const OCSP_BASICRESP* single);
const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
@@ -78,6 +84,12 @@ B<*revtime>, B<*thisupd> and B<*nextupd>.
OCSP_resp_get0_produced_at() extracts the B<producedAt> field from the
single response B<bs>.
OCSP_resp_get0_signature() returns the signature from B<bs>.
OCSP_resp_get0_tbs_sigalg() returns the B<signatureAlgorithm> from B<bs>.
OCSP_resp_get0_respdata() returns the B<tbsResponseData> from B<bs>.
OCSP_resp_get0_certs() returns any certificates included in B<bs>.
OCSP_resp_get0_signer() attempts to retrieve the certificate that directly
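
Review bot: the three added descriptions (OCSP_resp_get0_signature(), OCSP_resp_get0_tbs_sigalg(), OCSP_resp_get0_respdata()) say what is returned but not who owns it. The synopsis declares all three as returning const pointers obtained from B<bs>; suggest stating that these are internal pointers that must not be freed and that remain valid only as long as B<bs> does.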

@@ -2,13 +2,14 @@
=head1 NAME
OPENSSL_VERSION_NUMBER, OpenSSL_version,
OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT, OpenSSL_version,
OpenSSL_version_num - get OpenSSL version number
=head1 SYNOPSIS
#include <openssl/opensslv.h>
#define OPENSSL_VERSION_NUMBER 0xnnnnnnnnnL
#define OPENSSL_VERSION_TEXT "OpenSSL x.y.z xx XXX xxxx"
#include <openssl/crypto.h>
@@ -45,6 +46,10 @@ Version 0.9.5a had an interim interpretation that is like the current one,
except the patch level got the highest bit set, to keep continuity. The
number was therefore 0x0090581f.
OPENSSL_VERSION_TEXT is the text variant of the version number and the
release date. For example,
"OpenSSL 1.0.1a 15 Oct 2015".
OpenSSL_version_num() returns the version number.
OpenSSL_version() returns different strings depending on B<t>:
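
Review bot: the added OPENSSL_VERSION_TEXT paragraph does not say that the macro is fixed at compile time from <openssl/opensslv.h>, unlike OpenSSL_version(), which is declared in <openssl/crypto.h> and reports on the library in use at run time. Suggest one sentence making that distinction, because code that logs or checks the macro can show a different release than the library actually loaded.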

@@ -58,9 +58,9 @@ RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen
int padding));
/* Can be null */
int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))
(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
(BIGNUM *r0, const BIGNUM *i, RSA *rsa, BN_CTX *ctx);
int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
int (*mod_exp) (BIGNUM *r0, const BIGNUM *I, RSA *rsa,
int (*mod_exp) (BIGNUM *r0, const BIGNUM *i, RSA *rsa,
BN_CTX *ctx));
/* Can be null */
int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))