diff options
Diffstat (limited to 'secure/lib/libcrypto/man/man3/DES_random_key.3')
-rw-r--r-- | secure/lib/libcrypto/man/man3/DES_random_key.3 | 462 |
1 files changed, 462 insertions, 0 deletions
diff --git a/secure/lib/libcrypto/man/man3/DES_random_key.3 b/secure/lib/libcrypto/man/man3/DES_random_key.3 new file mode 100644 index 000000000000..b9533cacd68b --- /dev/null +++ b/secure/lib/libcrypto/man/man3/DES_random_key.3 @@ -0,0 +1,462 @@ +.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42) +.\" +.\" Standard preamble: +.\" ======================================================================== +.de Sp \" Vertical space (when we can't use .PP) +.if t .sp .5v +.if n .sp +.. +.de Vb \" Begin verbatim text +.ft CW +.nf +.ne \\$1 +.. +.de Ve \" End verbatim text +.ft R +.fi +.. +.\" Set up some character translations and predefined strings. \*(-- will +.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left +.\" double quote, and \*(R" will give a right double quote. \*(C+ will +.\" give a nicer C++. Capital omega is used to do unbreakable dashes and +.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, +.\" nothing in troff, for use with C<>. +.tr \(*W- +.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' +.ie n \{\ +. ds -- \(*W- +. ds PI pi +. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch +. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch +. ds L" "" +. ds R" "" +. ds C` "" +. ds C' "" +'br\} +.el\{\ +. ds -- \|\(em\| +. ds PI \(*p +. ds L" `` +. ds R" '' +. ds C` +. ds C' +'br\} +.\" +.\" Escape single quotes in literal strings from groff's Unicode transform. +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" +.\" If the F register is >0, we'll generate index entries on stderr for +.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index +.\" entries marked with X<> in POD. Of course, you'll have to process the +.\" output yourself in some meaningful fashion. +.\" +.\" Avoid warning from groff about undefined register 'F'. +.de IX +.. +.nr rF 0 +.if \n(.g .if rF .nr rF 1 +.if (\n(rF:(\n(.g==0)) \{\ +. if \nF \{\ +. de IX +. tm Index:\\$1\t\\n%\t"\\$2" +.. +. if !\nF==2 \{\ +. nr % 0 +. nr F 2 +. \} +. \} +.\} +.rr rF +.\" Fear. Run. Save yourself. No user-serviceable parts. +. \" fudge factors for nroff and troff +.if n \{\ +. ds #H 0 +. ds #V .8m +. ds #F .3m +. ds #[ \f1 +. ds #] \fP +.\} +.if t \{\ +. ds #H ((1u-(\\\\n(.fu%2u))*.13m) +. ds #V .6m +. ds #F 0 +. ds #[ \& +. ds #] \& +.\} +. \" simple accents for nroff and troff +.if n \{\ +. ds ' \& +. ds ` \& +. ds ^ \& +. ds , \& +. ds ~ ~ +. ds / +.\} +.if t \{\ +. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" +. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' +. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' +. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' +. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' +. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' +.\} +. \" troff and (daisy-wheel) nroff accents +.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' +.ds 8 \h'\*(#H'\(*b\h'-\*(#H' +.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] +.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' +.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' +.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] +.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] +.ds ae a\h'-(\w'a'u*4/10)'e +.ds Ae A\h'-(\w'A'u*4/10)'E +. \" corrections for vroff +.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' +.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' +. \" for low resolution devices (crt and lpr) +.if \n(.H>23 .if \n(.V>19 \ +\{\ +. ds : e +. ds 8 ss +. ds o a +. ds d- d\h'-1'\(ga +. ds D- D\h'-1'\(hy +. ds th \o'bp' +. ds Th \o'LP' +. ds ae ae +. ds Ae AE +.\} +.rm #[ #] #H #V #F C +.\" ======================================================================== +.\" +.IX Title "DES_RANDOM_KEY 3ossl" +.TH DES_RANDOM_KEY 3ossl "2023-09-19" "3.0.11" "OpenSSL" +.\" For nroff, turn off justification. Always turn off hyphenation; it makes +.\" way too many mistakes in technical documents. +.if n .ad l +.nh +.SH "NAME" +DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, +DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, +DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, +DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, +DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, +DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, +DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, +DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, +DES_fcrypt, DES_crypt \- DES encryption +.SH "SYNOPSIS" +.IX Header "SYNOPSIS" +.Vb 1 +\& #include <openssl/des.h> +.Ve +.PP +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining \fB\s-1OPENSSL_API_COMPAT\s0\fR with a suitable version value, +see \fBopenssl_user_macros\fR\|(7): +.PP +.Vb 1 +\& void DES_random_key(DES_cblock *ret); +\& +\& int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule); +\& int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule); +\& int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule); +\& void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule); +\& +\& void DES_set_odd_parity(DES_cblock *key); +\& int DES_is_weak_key(const_DES_cblock *key); +\& +\& void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output, +\& DES_key_schedule *ks, int enc); +\& void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output, +\& DES_key_schedule *ks1, DES_key_schedule *ks2, int enc); +\& void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output, +\& DES_key_schedule *ks1, DES_key_schedule *ks2, +\& DES_key_schedule *ks3, int enc); +\& +\& void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output, +\& long length, DES_key_schedule *schedule, DES_cblock *ivec, +\& int enc); +\& void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, +\& int numbits, long length, DES_key_schedule *schedule, +\& DES_cblock *ivec, int enc); +\& void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, +\& int numbits, long length, DES_key_schedule *schedule, +\& DES_cblock *ivec); +\& void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output, +\& long length, DES_key_schedule *schedule, DES_cblock *ivec, +\& int enc); +\& void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out, +\& long length, DES_key_schedule *schedule, DES_cblock *ivec, +\& int *num, int enc); +\& void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out, +\& long length, DES_key_schedule *schedule, DES_cblock *ivec, +\& int *num); +\& +\& void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output, +\& long length, DES_key_schedule *schedule, DES_cblock *ivec, +\& const_DES_cblock *inw, const_DES_cblock *outw, int enc); +\& +\& void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output, +\& long length, DES_key_schedule *ks1, +\& DES_key_schedule *ks2, DES_cblock *ivec, int enc); +\& void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out, +\& long length, DES_key_schedule *ks1, +\& DES_key_schedule *ks2, DES_cblock *ivec, +\& int *num, int enc); +\& void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out, +\& long length, DES_key_schedule *ks1, +\& DES_key_schedule *ks2, DES_cblock *ivec, int *num); +\& +\& void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output, +\& long length, DES_key_schedule *ks1, +\& DES_key_schedule *ks2, DES_key_schedule *ks3, +\& DES_cblock *ivec, int enc); +\& void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out, +\& long length, DES_key_schedule *ks1, +\& DES_key_schedule *ks2, DES_key_schedule *ks3, +\& DES_cblock *ivec, int *num, int enc); +\& void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out, +\& long length, DES_key_schedule *ks1, +\& DES_key_schedule *ks2, DES_key_schedule *ks3, +\& DES_cblock *ivec, int *num); +\& +\& DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output, +\& long length, DES_key_schedule *schedule, +\& const_DES_cblock *ivec); +\& DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[], +\& long length, int out_count, DES_cblock *seed); +\& void DES_string_to_key(const char *str, DES_cblock *key); +\& void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2); +\& +\& char *DES_fcrypt(const char *buf, const char *salt, char *ret); +\& char *DES_crypt(const char *buf, const char *salt); +.Ve +.SH "DESCRIPTION" +.IX Header "DESCRIPTION" +All of the functions described on this page are deprecated. Applications should +instead use \fBEVP_EncryptInit_ex\fR\|(3), \fBEVP_EncryptUpdate\fR\|(3) and +\&\fBEVP_EncryptFinal_ex\fR\|(3) or the equivalently named decrypt functions. +.PP +This library contains a fast implementation of the \s-1DES\s0 encryption +algorithm. +.PP +There are two phases to the use of \s-1DES\s0 encryption. The first is the +generation of a \fIDES_key_schedule\fR from a key, the second is the +actual encryption. A \s-1DES\s0 key is of type \fIDES_cblock\fR. This type +consists of 8 bytes with odd parity. The least significant bit in +each byte is the parity bit. The key schedule is an expanded form of +the key; it is used to speed the encryption process. +.PP +\&\fBDES_random_key()\fR generates a random key. The random generator must be +seeded when calling this function. +If the automatic seeding or reseeding of the OpenSSL \s-1CSPRNG\s0 fails due to +external circumstances (see \s-1\fBRAND\s0\fR\|(7)), the operation will fail. +If the function fails, 0 is returned. +.PP +Before a \s-1DES\s0 key can be used, it must be converted into the +architecture dependent \fIDES_key_schedule\fR via the +\&\fBDES_set_key_checked()\fR or \fBDES_set_key_unchecked()\fR function. +.PP +\&\fBDES_set_key_checked()\fR will check that the key passed is of odd parity +and is not a weak or semi-weak key. If the parity is wrong, then \-1 +is returned. If the key is a weak key, then \-2 is returned. If an +error is returned, the key schedule is not generated. +.PP +\&\fBDES_set_key()\fR works like \fBDES_set_key_checked()\fR and remains for +backward compatibility. +.PP +\&\fBDES_set_odd_parity()\fR sets the parity of the passed \fIkey\fR to odd. +.PP +\&\fBDES_is_weak_key()\fR returns 1 if the passed key is a weak key, 0 if it +is ok. +.PP +The following routines mostly operate on an input and output stream of +\&\fIDES_cblock\fRs. +.PP +\&\fBDES_ecb_encrypt()\fR is the basic \s-1DES\s0 encryption routine that encrypts or +decrypts a single 8\-byte \fIDES_cblock\fR in \fIelectronic code book\fR +(\s-1ECB\s0) mode. It always transforms the input data, pointed to by +\&\fIinput\fR, into the output data, pointed to by the \fIoutput\fR argument. +If the \fIencrypt\fR argument is nonzero (\s-1DES_ENCRYPT\s0), the \fIinput\fR +(cleartext) is encrypted in to the \fIoutput\fR (ciphertext) using the +key_schedule specified by the \fIschedule\fR argument, previously set via +\&\fIDES_set_key\fR. If \fIencrypt\fR is zero (\s-1DES_DECRYPT\s0), the \fIinput\fR (now +ciphertext) is decrypted into the \fIoutput\fR (now cleartext). Input +and output may overlap. \fBDES_ecb_encrypt()\fR does not return a value. +.PP +\&\fBDES_ecb3_encrypt()\fR encrypts/decrypts the \fIinput\fR block by using +three-key Triple-DES encryption in \s-1ECB\s0 mode. This involves encrypting +the input with \fIks1\fR, decrypting with the key schedule \fIks2\fR, and +then encrypting with \fIks3\fR. This routine greatly reduces the chances +of brute force breaking of \s-1DES\s0 and has the advantage of if \fIks1\fR, +\&\fIks2\fR and \fIks3\fR are the same, it is equivalent to just encryption +using \s-1ECB\s0 mode and \fIks1\fR as the key. +.PP +The macro \fBDES_ecb2_encrypt()\fR is provided to perform two-key Triple-DES +encryption by using \fIks1\fR for the final encryption. +.PP +\&\fBDES_ncbc_encrypt()\fR encrypts/decrypts using the \fIcipher-block-chaining\fR +(\s-1CBC\s0) mode of \s-1DES.\s0 If the \fIencrypt\fR argument is nonzero, the +routine cipher-block-chain encrypts the cleartext data pointed to by +the \fIinput\fR argument into the ciphertext pointed to by the \fIoutput\fR +argument, using the key schedule provided by the \fIschedule\fR argument, +and initialization vector provided by the \fIivec\fR argument. If the +\&\fIlength\fR argument is not an integral multiple of eight bytes, the +last block is copied to a temporary area and zero filled. The output +is always an integral multiple of eight bytes. +.PP +\&\fBDES_xcbc_encrypt()\fR is \s-1RSA\s0's \s-1DESX\s0 mode of \s-1DES.\s0 It uses \fIinw\fR and +\&\fIoutw\fR to 'whiten' the encryption. \fIinw\fR and \fIoutw\fR are secret +(unlike the iv) and are as such, part of the key. So the key is sort +of 24 bytes. This is much better than \s-1CBC DES.\s0 +.PP +\&\fBDES_ede3_cbc_encrypt()\fR implements outer triple \s-1CBC DES\s0 encryption with +three keys. This means that each \s-1DES\s0 operation inside the \s-1CBC\s0 mode is +\&\f(CW\*(C`C=E(ks3,D(ks2,E(ks1,M)))\*(C'\fR. This mode is used by \s-1SSL.\s0 +.PP +The \fBDES_ede2_cbc_encrypt()\fR macro implements two-key Triple-DES by +reusing \fIks1\fR for the final encryption. \f(CW\*(C`C=E(ks1,D(ks2,E(ks1,M)))\*(C'\fR. +This form of Triple-DES is used by the \s-1RSAREF\s0 library. +.PP +\&\fBDES_pcbc_encrypt()\fR encrypts/decrypts using the propagating cipher block +chaining mode used by Kerberos v4. Its parameters are the same as +\&\fBDES_ncbc_encrypt()\fR. +.PP +\&\fBDES_cfb_encrypt()\fR encrypts/decrypts using cipher feedback mode. This +method takes an array of characters as input and outputs an array of +characters. It does not require any padding to 8 character groups. +Note: the \fIivec\fR variable is changed and the new changed value needs to +be passed to the next call to this function. Since this function runs +a complete \s-1DES ECB\s0 encryption per \fInumbits\fR, this function is only +suggested for use when sending a small number of characters. +.PP +\&\fBDES_cfb64_encrypt()\fR +implements \s-1CFB\s0 mode of \s-1DES\s0 with 64\-bit feedback. Why is this +useful you ask? Because this routine will allow you to encrypt an +arbitrary number of bytes, without 8 byte padding. Each call to this +routine will encrypt the input bytes to output and then update ivec +and num. num contains 'how far' we are though ivec. If this does +not make much sense, read more about \s-1CFB\s0 mode of \s-1DES.\s0 +.PP +\&\fBDES_ede3_cfb64_encrypt()\fR and \fBDES_ede2_cfb64_encrypt()\fR is the same as +\&\fBDES_cfb64_encrypt()\fR except that Triple-DES is used. +.PP +\&\fBDES_ofb_encrypt()\fR encrypts using output feedback mode. This method +takes an array of characters as input and outputs an array of +characters. It does not require any padding to 8 character groups. +Note: the \fIivec\fR variable is changed and the new changed value needs to +be passed to the next call to this function. Since this function runs +a complete \s-1DES ECB\s0 encryption per \fInumbits\fR, this function is only +suggested for use when sending a small number of characters. +.PP +\&\fBDES_ofb64_encrypt()\fR is the same as \fBDES_cfb64_encrypt()\fR using Output +Feed Back mode. +.PP +\&\fBDES_ede3_ofb64_encrypt()\fR and \fBDES_ede2_ofb64_encrypt()\fR is the same as +\&\fBDES_ofb64_encrypt()\fR, using Triple-DES. +.PP +The following functions are included in the \s-1DES\s0 library for +compatibility with the \s-1MIT\s0 Kerberos library. +.PP +\&\fBDES_cbc_cksum()\fR produces an 8 byte checksum based on the input stream +(via \s-1CBC\s0 encryption). The last 4 bytes of the checksum are returned +and the complete 8 bytes are placed in \fIoutput\fR. This function is +used by Kerberos v4. Other applications should use +\&\fBEVP_DigestInit\fR\|(3) etc. instead. +.PP +\&\fBDES_quad_cksum()\fR is a Kerberos v4 function. It returns a 4 byte +checksum from the input bytes. The algorithm can be iterated over the +input, depending on \fIout_count\fR, 1, 2, 3 or 4 times. If \fIoutput\fR is +non-NULL, the 8 bytes generated by each pass are written into +\&\fIoutput\fR. +.PP +The following are DES-based transformations: +.PP +\&\fBDES_fcrypt()\fR is a fast version of the Unix \fBcrypt\fR\|(3) function. This +version takes only a small amount of space relative to other fast +\&\fBcrypt()\fR implementations. This is different to the normal \fBcrypt()\fR in +that the third parameter is the buffer that the return value is +written into. It needs to be at least 14 bytes long. This function +is thread safe, unlike the normal \fBcrypt()\fR. +.PP +\&\fBDES_crypt()\fR is a faster replacement for the normal system \fBcrypt()\fR. +This function calls \fBDES_fcrypt()\fR with a static array passed as the +third parameter. This mostly emulates the normal non-thread-safe semantics +of \fBcrypt\fR\|(3). +The \fBsalt\fR must be two \s-1ASCII\s0 characters. +.PP +The values returned by \fBDES_fcrypt()\fR and \fBDES_crypt()\fR are terminated by \s-1NUL\s0 +character. +.PP +\&\fBDES_enc_write()\fR writes \fIlen\fR bytes to file descriptor \fIfd\fR from +buffer \fIbuf\fR. The data is encrypted via \fIpcbc_encrypt\fR (default) +using \fIsched\fR for the key and \fIiv\fR as a starting vector. The actual +data send down \fIfd\fR consists of 4 bytes (in network byte order) +containing the length of the following encrypted data. The encrypted +data then follows, padded with random data out to a multiple of 8 +bytes. +.SH "BUGS" +.IX Header "BUGS" +\&\fBDES_cbc_encrypt()\fR does not modify \fBivec\fR; use \fBDES_ncbc_encrypt()\fR +instead. +.PP +\&\fBDES_cfb_encrypt()\fR and \fBDES_ofb_encrypt()\fR operates on input of 8 bits. +What this means is that if you set numbits to 12, and length to 2, the +first 12 bits will come from the 1st input byte and the low half of +the second input byte. The second 12 bits will have the low 8 bits +taken from the 3rd input byte and the top 4 bits taken from the 4th +input byte. The same holds for output. This function has been +implemented this way because most people will be using a multiple of 8 +and because once you get into pulling bytes input bytes apart things +get ugly! +.PP +\&\fBDES_string_to_key()\fR is available for backward compatibility with the +\&\s-1MIT\s0 library. New applications should use a cryptographic hash function. +The same applies for \fBDES_string_to_2key()\fR. +.SH "NOTES" +.IX Header "NOTES" +The \fBdes\fR library was written to be source code compatible with +the \s-1MIT\s0 Kerberos library. +.PP +Applications should use the higher level functions +\&\fBEVP_EncryptInit\fR\|(3) etc. instead of calling these +functions directly. +.PP +Single-key \s-1DES\s0 is insecure due to its short key size. \s-1ECB\s0 mode is +not suitable for most applications; see \fBdes_modes\fR\|(7). +.SH "RETURN VALUES" +.IX Header "RETURN VALUES" +\&\fBDES_set_key()\fR, \fBDES_key_sched()\fR, and \fBDES_set_key_checked()\fR +return 0 on success or negative values on error. +.PP +\&\fBDES_is_weak_key()\fR returns 1 if the passed key is a weak key, 0 if it +is ok. +.PP +\&\fBDES_cbc_cksum()\fR and \fBDES_quad_cksum()\fR return 4\-byte integer representing the +last 4 bytes of the checksum of the input. +.PP +\&\fBDES_fcrypt()\fR returns a pointer to the caller-provided buffer and \fBDES_crypt()\fR \- +to a static buffer on success; otherwise they return \s-1NULL.\s0 +.SH "SEE ALSO" +.IX Header "SEE ALSO" +\&\fBdes_modes\fR\|(7), +\&\fBEVP_EncryptInit\fR\|(3) +.SH "HISTORY" +.IX Header "HISTORY" +All of these functions were deprecated in OpenSSL 3.0. +.PP +The requirement that the \fBsalt\fR parameter to \fBDES_crypt()\fR and \fBDES_fcrypt()\fR +be two \s-1ASCII\s0 characters was first enforced in +OpenSSL 1.1.0. Previous versions tried to use the letter uppercase \fBA\fR +if both character were not present, and could crash when given non-ASCII +on some platforms. +.SH "COPYRIGHT" +.IX Header "COPYRIGHT" +Copyright 2000\-2021 The OpenSSL Project Authors. All Rights Reserved. +.PP +Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file \s-1LICENSE\s0 in the source distribution or at +<https://www.openssl.org/source/license.html>. |