Merging upstream version 4.23.0.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 35 insertions, 3 deletions

diff --git a/upstream/debian-unstable/man1/openssl-enc.1ssl b/upstream/debian-unstable/man1/openssl-enc.1ssl
index cacf726d..f388df12 100644
--- a/upstream/debian-unstable/man1/openssl-enc.1ssl
+++ b/upstream/debian-unstable/man1/openssl-enc.1ssl
@@ -55,7 +55,7 @@
 .\" ========================================================================
 .\"
 .IX Title "OPENSSL-ENC 1SSL"
-.TH OPENSSL-ENC 1SSL 2024-02-03 3.1.5 OpenSSL
+.TH OPENSSL-ENC 1SSL 2024-04-04 3.2.2-dev OpenSSL
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -88,6 +88,7 @@ openssl\-enc \- symmetric cipher routines
 [\fB\-md\fR \fIdigest\fR]
 [\fB\-iter\fR \fIcount\fR]
 [\fB\-pbkdf2\fR]
+[\fB\-saltlen\fR \fIsize\fR]
 [\fB\-p\fR]
 [\fB\-P\fR]
 [\fB\-bufsize\fR \fInumber\fR]
@@ -172,6 +173,14 @@ This option enables the use of PBKDF2 algorithm to derive the key.
 .IX Item "-pbkdf2"
 Use PBKDF2 algorithm with a default iteration count of 10000
 unless otherwise specified by the \fB\-iter\fR command line option.
+.IP \fB\-saltlen\fR 4
+.IX Item "-saltlen"
+Set the salt length to use when using the \fB\-pbkdf2\fR option.
+For compatibility reasons, the default is 8 bytes.
+The maximum value is currently 16 bytes.
+If the \fB\-pbkdf2\fR option is not used, then this option is ignored
+and a fixed salt length of 8 is used. The salt length used when
+encrypting must also be used when decrypting.
 .IP \fB\-nosalt\fR 4
 .IX Item "-nosalt"
 Don't use a salt in the key derivation routines. This option \fBSHOULD NOT\fR be
@@ -185,7 +194,8 @@ encrypting, this is the default.
 .IX Item "-S salt"
 The actual salt to use: this must be represented as a string of hex digits.
 If this option is used while encrypting, the same exact value will be needed
-again during decryption.
+again during decryption. This salt may be truncated or zero padded to
+match the salt length (See \fB\-saltlen\fR).
 .IP "\fB\-K\fR \fIkey\fR" 4
 .IX Item "-K key"
 The actual key to use: this must be represented as a string comprised only
@@ -322,7 +332,7 @@ able to roll back upon authentication failure.  The AEAD modes currently in
 common use also suffer from catastrophic failure of confidentiality and/or
 integrity upon reuse of key/iv/nonce, and since \fBopenssl enc\fR places the
 entire burden of key/iv/nonce management upon the user, the risk of
-exposing AEAD modes is too great to allow.  These key/iv/nonce
+exposing AEAD modes is too great to allow. These key/iv/nonce
 management issues also affect other modes currently exposed in this command,
 but the failure modes are less extreme in these cases, and the
 functionality cannot be removed with a stable release branch.
@@ -330,6 +340,15 @@ For bulk encryption of data, whether using authenticated encryption
 modes or other modes, \fBopenssl\-cms\fR\|(1) is recommended, as it provides a
 standard data format and performs the needed key/iv/nonce management.
 .PP
+When enc is used with key wrapping modes the input data cannot be streamed,
+meaning it must be processed in a single pass.
+Consequently, the input data size must be less than
+the buffer size (\-bufsize arg, default to 8*1024 bytes).
+The '*\-wrap' ciphers require the input to be a multiple of 8 bytes long,
+because no padding is involved.
+The '*\-wrap\-pad' ciphers allow any input length.
+In both cases, no IV is needed. See example below.
+.PP
 .Vb 1
 \& base64             Base 64
 \&
@@ -417,6 +436,9 @@ standard data format and performs the needed key/iv/nonce management.
 \& aes\-[128|192|256]\-ecb  128/192/256 bit AES in ECB mode
 \& aes\-[128|192|256]\-ofb  128/192/256 bit AES in OFB mode
 \&
+\& aes\-[128|192|256]\-wrap     key wrapping using 128/192/256 bit AES
+\& aes\-[128|192|256]\-wrap\-pad key wrapping with padding using 128/192/256 bit AES
+\&
 \& aria\-[128|192|256]\-cbc  128/192/256 bit ARIA in CBC mode
 \& aria[128|192|256]       Alias for aria\-[128|192|256]\-cbc
 \& aria\-[128|192|256]\-cfb  128/192/256 bit ARIA in 128 bit CFB mode
@@ -476,6 +498,14 @@ Base64 decode a file then decrypt it using a password supplied in a file:
 \& openssl enc \-aes\-256\-ctr \-pbkdf2 \-d \-a \-in file.aes256 \-out file.txt \e
 \&    \-pass file:<passfile>
 .Ve
+.PP
+AES key wrapping:
+.PP
+.Vb 3
+\& openssl enc \-e \-a \-id\-aes128\-wrap\-pad \-K 000102030405060708090A0B0C0D0E0F \-in file.bin
+\&or
+\& openssl aes128\-wrap\-pad \-e \-a \-K 000102030405060708090A0B0C0D0E0F \-in file.bin
+.Ve
 .SH BUGS
 .IX Header "BUGS"
 The \fB\-A\fR option when used with large files doesn't work properly.
@@ -490,6 +520,8 @@ The default digest was changed from MD5 to SHA256 in OpenSSL 1.1.0.
 The \fB\-list\fR option was added in OpenSSL 1.1.1e.
 .PP
 The \fB\-ciphers\fR and \fB\-engine\fR options were deprecated in OpenSSL 3.0.
+.PP
+The \fB\-saltlen\fR option was added in OpenSSL 3.2.
 .SH COPYRIGHT
 .IX Header "COPYRIGHT"
 Copyright 2000\-2023 The OpenSSL Project Authors. All Rights Reserved.