Fix a possible crash in dsa_builtin_paramgen2.

[openssl.git] / doc / man3 / SSL_CIPHER_get_name.pod

diff --git a/doc/man3/SSL_CIPHER_get_name.pod b/doc/man3/SSL_CIPHER_get_name.pod
index b648e096ef6db6ba809d89c13c98a404268d3d0f..e19bf2132ee0bd35a5cb28c0aae34d63a9e13c10 100644 (file)
--- a/doc/man3/SSL_CIPHER_get_name.pod
+++ b/doc/man3/SSL_CIPHER_get_name.pod
@@ -34,15 +34,17 @@ SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol
 version that first defined the cipher.  It returns "(NONE)" if B<cipher> is NULL.
 
 SSL_CIPHER_get_cipher_nid() returns the cipher NID corresponding to B<c>.
-If there is no cipher (e.g. for ciphersuites with no encryption) then
+If there is no cipher (e.g. for cipher suites with no encryption) then
 B<NID_undef> is returned.
 
 SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC
-used by B<c>. If there is no digest (e.g. for AEAD ciphersuites) then
+used by B<c>. If there is no digest (e.g. for AEAD cipher suites) then
 B<NID_undef> is returned.
 
 SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method
-used by B<c>. If there is no key exchange, then B<NID_undef> is returned. Examples (not comprehensive):
+used by B<c>. If there is no key exchange, then B<NID_undef> is returned.
+If any appropriate key exchange algorithm can be used (as in the case of TLS 1.3
+cipher suites) B<NID_kx_any> is returned. Examples (not comprehensive):
 
  NID_kx_rsa
  NID_kx_ecdhe
@@ -51,7 +53,8 @@ used by B<c>. If there is no key exchange, then B<NID_undef> is returned. Exampl
 
 SSL_CIPHER_get_auth_nid() returns the authentication NID corresponding to the method
 used by B<c>. If there is no authentication, then B<NID_undef> is returned.
-Examples (not comprehensive):
+If any appropriate authentication algorithm can be used (as in the case of
+TLS 1.3 cipher suites) B<NID_auth_any> is returned. Examples (not comprehensive):
 
  NID_auth_rsa
  NID_auth_ecdsa