Use corresponds macro

boring/src/derive.rs

@@ -1,6 +1,7 @@
 //! Shared secret derivation.
 use crate::ffi;
 use foreign_types::ForeignTypeRef;
+use openssl_macros::corresponds;
 use std::marker::PhantomData;
 use std::ptr;
 
@@ -25,10 +26,7 @@ impl Drop for Deriver<'_> {
 #[allow(clippy::len_without_is_empty)]
 impl<'a> Deriver<'a> {
     /// Creates a new `Deriver` using the provided private key.
-    ///
+    #[corresponds(EVP_PKEY_derive_init)]
-    /// This corresponds to [`EVP_PKEY_derive_init`].
-    ///
-    /// [`EVP_PKEY_derive_init`]: https://www.openssl.org/docs/man1.0.2/crypto/EVP_PKEY_derive_init.html
     pub fn new<T>(key: &'a PKeyRef<T>) -> Result<Deriver<'a>, ErrorStack>
     where
         T: HasPrivate,
@@ -41,10 +39,7 @@ impl<'a> Deriver<'a> {
     }
 
     /// Sets the peer key used for secret derivation.
-    ///
+    #[corresponds(EVP_PKEY_derive_set_peer)]
-    /// This corresponds to [`EVP_PKEY_derive_set_peer`]:
-    ///
-    /// [`EVP_PKEY_derive_set_peer`]: https://www.openssl.org/docs/man1.0.2/crypto/EVP_PKEY_derive_init.html
     pub fn set_peer<T>(&mut self, key: &'a PKeyRef<T>) -> Result<(), ErrorStack>
     where
         T: HasPublic,
@@ -55,10 +50,7 @@ impl<'a> Deriver<'a> {
     /// Returns the size of the shared secret.
     ///
     /// It can be used to size the buffer passed to [`Deriver::derive`].
-    ///
+    #[corresponds(EVP_PKEY_derive)]
-    /// This corresponds to [`EVP_PKEY_derive`].
-    ///
-    /// [`Deriver::derive`]: #method.derive
     /// [`EVP_PKEY_derive`]: https://www.openssl.org/docs/man1.0.2/crypto/EVP_PKEY_derive_init.html
     pub fn len(&mut self) -> Result<usize, ErrorStack> {
         unsafe {
@@ -70,10 +62,7 @@ impl<'a> Deriver<'a> {
     /// Derives a shared secret between the two keys, writing it into the buffer.
     ///
     /// Returns the number of bytes written.
-    ///
+    #[corresponds(EVP_PKEY_derive)]
-    /// This corresponds to [`EVP_PKEY_derive`].
-    ///
-    /// [`EVP_PKEY_derive`]: https://www.openssl.org/docs/man1.0.2/crypto/EVP_PKEY_derive_init.html
     pub fn derive(&mut self, buf: &mut [u8]) -> Result<usize, ErrorStack> {
         let mut len = buf.len();
         unsafe {

boring/src/dh.rs

@@ -1,6 +1,7 @@
 use crate::error::ErrorStack;
 use crate::ffi;
 use foreign_types::{ForeignType, ForeignTypeRef};
+use openssl_macros::corresponds;
 use std::mem;
 use std::ptr;
 
@@ -25,20 +26,14 @@ where
         /// Serializes the parameters into a PEM-encoded PKCS#3 DHparameter structure.
         ///
         /// The output will have a header of `-----BEGIN DH PARAMETERS-----`.
-        ///
+        #[corresponds(PEM_write_bio_DHparams)]
-        /// This corresponds to [`PEM_write_bio_DHparams`].
-        ///
-        /// [`PEM_write_bio_DHparams`]: https://www.openssl.org/docs/manmaster/man3/PEM_write_bio_DHparams.html
         params_to_pem,
         ffi::PEM_write_bio_DHparams
     }
 
     to_der! {
         /// Serializes the parameters into a DER-encoded PKCS#3 DHparameter structure.
-        ///
+        #[corresponds(i2d_DHparams)]
-        /// This corresponds to [`i2d_DHparams`].
-        ///
-        /// [`i2d_DHparams`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_DHparams.html
         params_to_der,
         ffi::i2d_DHparams
     }
@@ -58,10 +53,7 @@ impl Dh<Params> {
         /// Deserializes a PEM-encoded PKCS#3 DHpararameters structure.
         ///
         /// The input should have a header of `-----BEGIN DH PARAMETERS-----`.
-        ///
+        #[corresponds(PEM_read_bio_DHparams)]
-        /// This corresponds to [`PEM_read_bio_DHparams`].
-        ///
-        /// [`PEM_read_bio_DHparams`]: https://www.openssl.org/docs/man1.0.2/crypto/PEM_read_bio_DHparams.html
         params_from_pem,
         Dh<Params>,
         ffi::PEM_read_bio_DHparams
@@ -69,10 +61,7 @@ impl Dh<Params> {
 
     from_der! {
         /// Deserializes a DER-encoded PKCS#3 DHparameters structure.
-        ///
+        #[corresponds(d2i_DHparams)]
-        /// This corresponds to [`d2i_DHparams`].
-        ///
-        /// [`d2i_DHparams`]: https://www.openssl.org/docs/man1.1.0/crypto/d2i_DHparams.html
         params_from_der,
         Dh<Params>,
         ffi::d2i_DHparams,

boring/src/dsa.rs

@@ -8,6 +8,7 @@
 use crate::ffi;
 use foreign_types::{ForeignType, ForeignTypeRef};
 use libc::c_uint;
+use openssl_macros::corresponds;
 use std::fmt;
 use std::mem;
 use std::ptr;
@@ -84,20 +85,14 @@ where
         /// Serialies the public key into a PEM-encoded SubjectPublicKeyInfo structure.
         ///
         /// The output will have a header of `-----BEGIN PUBLIC KEY-----`.
-        ///
+        #[corresponds(PEM_write_bio_DSA_PUBKEY)]
-        /// This corresponds to [`PEM_write_bio_DSA_PUBKEY`].
-        ///
-        /// [`PEM_write_bio_DSA_PUBKEY`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_write_bio_DSA_PUBKEY.html
         public_key_to_pem,
         ffi::PEM_write_bio_DSA_PUBKEY
     }
 
     to_der! {
         /// Serializes the public key into a DER-encoded SubjectPublicKeyInfo structure.
-        ///
+        #[corresponds(i2d_DSA_PUBKEY)]
-        /// This corresponds to [`i2d_DSA_PUBKEY`].
-        ///
-        /// [`i2d_DSA_PUBKEY`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_DSA_PUBKEY.html
         public_key_to_der,
         ffi::i2d_DSA_PUBKEY
     }
@@ -120,18 +115,12 @@ where
         /// Serializes the private key to a PEM-encoded DSAPrivateKey structure.
         ///
         /// The output will have a header of `-----BEGIN DSA PRIVATE KEY-----`.
-        ///
+        #[corresponds(PEM_write_bio_DSAPrivateKey)]
-        /// This corresponds to [`PEM_write_bio_DSAPrivateKey`].
-        ///
-        /// [`PEM_write_bio_DSAPrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_write_bio_DSAPrivateKey.html
         private_key_to_pem,
         /// Serializes the private key to a PEM-encoded encrypted DSAPrivateKey structure.
         ///
         /// The output will have a header of `-----BEGIN DSA PRIVATE KEY-----`.
-        ///
+        #[corresponds(PEM_write_bio_DSAPrivateKey)]
-        /// This corresponds to [`PEM_write_bio_DSAPrivateKey`].
-        ///
-        /// [`PEM_write_bio_DSAPrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_write_bio_DSAPrivateKey.html
         private_key_to_pem_passphrase,
         ffi::PEM_write_bio_DSAPrivateKey
     }
@@ -151,10 +140,7 @@ where
     T: HasParams,
 {
     /// Returns the maximum size of the signature output by `self` in bytes.
-    ///
+    #[corresponds(DSA_size)]
-    /// OpenSSL documentation at [`DSA_size`]
-    ///
-    /// [`DSA_size`]: https://www.openssl.org/docs/man1.1.0/crypto/DSA_size.html
     pub fn size(&self) -> u32 {
         unsafe { ffi::DSA_size(self.as_ptr()) as u32 }
     }
@@ -244,10 +230,7 @@ impl Dsa<Public> {
         /// Decodes a PEM-encoded SubjectPublicKeyInfo structure containing a DSA key.
         ///
         /// The input should have a header of `-----BEGIN PUBLIC KEY-----`.
-        ///
+        #[corresponds(PEM_read_bio_DSA_PUBKEY)]
-        /// This corresponds to [`PEM_read_bio_DSA_PUBKEY`].
-        ///
-        /// [`PEM_read_bio_DSA_PUBKEY`]: https://www.openssl.org/docs/man1.0.2/crypto/PEM_read_bio_DSA_PUBKEY.html
         public_key_from_pem,
         Dsa<Public>,
         ffi::PEM_read_bio_DSA_PUBKEY
@@ -255,10 +238,7 @@ impl Dsa<Public> {
 
     from_der! {
         /// Decodes a DER-encoded SubjectPublicKeyInfo structure containing a DSA key.
-        ///
+        #[corresponds(d2i_DSA_PUBKEY)]
-        /// This corresponds to [`d2i_DSA_PUBKEY`].
-        ///
-        /// [`d2i_DSA_PUBKEY`]: https://www.openssl.org/docs/man1.0.2/crypto/d2i_DSA_PUBKEY.html
         public_key_from_der,
         Dsa<Public>,
         ffi::d2i_DSA_PUBKEY,

boring/src/ec.rs

@@ -18,6 +18,7 @@
 use crate::ffi;
 use foreign_types::{ForeignType, ForeignTypeRef};
 use libc::c_int;
+use openssl_macros::corresponds;
 use std::fmt;
 use std::ptr;
 
@@ -111,10 +112,7 @@ foreign_type_and_impl_send_sync! {
 
 impl EcGroup {
     /// Returns the group of a standard named curve.
-    ///
+    #[corresponds(EC_GROUP_new)]
-    /// OpenSSL documentation at [`EC_GROUP_new`].
-    ///
-    /// [`EC_GROUP_new`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_GROUP_new.html
     pub fn from_curve_name(nid: Nid) -> Result<EcGroup, ErrorStack> {
         unsafe {
             init();
@@ -150,10 +148,7 @@ impl EcGroupRef {
     }
 
     /// Places the cofactor of the group in the provided `BigNum`.
-    ///
+    #[corresponds(EC_GROUP_get_cofactor)]
-    /// OpenSSL documentation at [`EC_GROUP_get_cofactor`]
-    ///
-    /// [`EC_GROUP_get_cofactor`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_GROUP_get_cofactor.html
     pub fn cofactor(
         &self,
         cofactor: &mut BigNumRef,
@@ -170,29 +165,20 @@ impl EcGroupRef {
     }
 
     /// Returns the degree of the curve.
-    ///
+    #[corresponds(EC_GROUP_get_degree)]
-    /// OpenSSL documentation at [`EC_GROUP_get_degree`]
-    ///
-    /// [`EC_GROUP_get_degree`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_GROUP_get_degree.html
     #[allow(clippy::unnecessary_cast)]
     pub fn degree(&self) -> u32 {
         unsafe { ffi::EC_GROUP_get_degree(self.as_ptr()) as u32 }
     }
 
     /// Returns the number of bits in the group order.
-    ///
+    #[corresponds(EC_GROUP_order_bits)]
-    /// OpenSSL documentation at [`EC_GROUP_order_bits`]
-    ///
-    /// [`EC_GROUP_order_bits`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_GROUP_order_bits.html
     pub fn order_bits(&self) -> u32 {
         unsafe { ffi::EC_GROUP_order_bits(self.as_ptr()) as u32 }
     }
 
     /// Returns the generator for the given curve as a [`EcPoint`].
-    ///
+    #[corresponds(EC_GROUP_get0_generator)]
-    /// OpenSSL documentation at [`EC_GROUP_get0_generator`]
-    ///
-    /// [`EC_GROUP_get0_generator`]: https://www.openssl.org/docs/man1.1.0/man3/EC_GROUP_get0_generator.html
     pub fn generator(&self) -> &EcPointRef {
         unsafe {
             let ptr = ffi::EC_GROUP_get0_generator(self.as_ptr());
@@ -201,10 +187,7 @@ impl EcGroupRef {
     }
 
     /// Places the order of the curve in the provided `BigNum`.
-    ///
+    #[corresponds(EC_GROUP_get_order)]
-    /// OpenSSL documentation at [`EC_GROUP_get_order`]
-    ///
-    /// [`EC_GROUP_get_order`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_GROUP_get_order.html
     pub fn order(
         &self,
         order: &mut BigNumRef,
@@ -232,10 +215,7 @@ impl EcGroupRef {
     }
 
     /// Returns the name of the curve, if a name is associated.
-    ///
+    #[corresponds(EC_GROUP_get_curve_name)]
-    /// OpenSSL documentation at [`EC_GROUP_get_curve_name`]
-    ///
-    /// [`EC_GROUP_get_curve_name`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_GROUP_get_curve_name.html
     pub fn curve_name(&self) -> Option<Nid> {
         let nid = unsafe { ffi::EC_GROUP_get_curve_name(self.as_ptr()) };
         if nid > 0 {
@@ -260,10 +240,7 @@ foreign_type_and_impl_send_sync! {
 
 impl EcPointRef {
     /// Computes `a + b`, storing the result in `self`.
-    ///
+    #[corresponds(EC_POINT_add)]
-    /// OpenSSL documentation at [`EC_POINT_add`]
-    ///
-    /// [`EC_POINT_add`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_POINT_add.html
     pub fn add(
         &mut self,
         group: &EcGroupRef,
@@ -284,10 +261,7 @@ impl EcPointRef {
     }
 
     /// Computes `q * m`, storing the result in `self`.
-    ///
+    #[corresponds(EC_POINT_mul)]
-    /// OpenSSL documentation at [`EC_POINT_mul`]
-    ///
-    /// [`EC_POINT_mul`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_POINT_mul.html
     pub fn mul(
         &mut self,
         group: &EcGroupRef,
@@ -353,10 +327,7 @@ impl EcPointRef {
     }
 
     /// Inverts `self`.
-    ///
+    #[corresponds(EC_POINT_invert)]
-    /// OpenSSL documentation at [`EC_POINT_invert`]
-    ///
-    /// [`EC_POINT_invert`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_POINT_invert.html
     pub fn invert(&mut self, group: &EcGroupRef, ctx: &BigNumContextRef) -> Result<(), ErrorStack> {
         unsafe {
             cvt(ffi::EC_POINT_invert(
@@ -369,10 +340,7 @@ impl EcPointRef {
     }
 
     /// Serializes the point to a binary representation.
-    ///
+    #[corresponds(EC_POINT_point2oct)]
-    /// OpenSSL documentation at [`EC_POINT_point2oct`]
-    ///
-    /// [`EC_POINT_point2oct`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_POINT_point2oct.html
     pub fn to_bytes(
         &self,
         group: &EcGroupRef,
@@ -409,10 +377,7 @@ impl EcPointRef {
     }
 
     /// Creates a new point on the specified curve with the same value.
-    ///
+    #[corresponds(EC_POINT_dup)]
-    /// OpenSSL documentation at [`EC_POINT_dup`]
-    ///
-    /// [`EC_POINT_dup`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_POINT_dup.html
     pub fn to_owned(&self, group: &EcGroupRef) -> Result<EcPoint, ErrorStack> {
         unsafe {
             cvt_p(ffi::EC_POINT_dup(self.as_ptr(), group.as_ptr())).map(|p| EcPoint::from_ptr(p))
@@ -443,10 +408,7 @@ impl EcPointRef {
 
     /// Place affine coordinates of a curve over a prime field in the provided
     /// `x` and `y` `BigNum`s
-    ///
+    #[corresponds(EC_POINT_get_affine_coordinates_GFp)]
-    /// OpenSSL documentation at [`EC_POINT_get_affine_coordinates_GFp`]
-    ///
-    /// [`EC_POINT_get_affine_coordinates_GFp`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_POINT_get_affine_coordinates_GFp.html
     pub fn affine_coordinates_gfp(
         &self,
         group: &EcGroupRef,
@@ -469,19 +431,13 @@ impl EcPointRef {
 
 impl EcPoint {
     /// Creates a new point on the specified curve.
-    ///
+    #[corresponds(EC_POINT_new)]
-    /// OpenSSL documentation at [`EC_POINT_new`]
-    ///
-    /// [`EC_POINT_new`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_POINT_new.html
     pub fn new(group: &EcGroupRef) -> Result<EcPoint, ErrorStack> {
         unsafe { cvt_p(ffi::EC_POINT_new(group.as_ptr())).map(|p| EcPoint::from_ptr(p)) }
     }
 
     /// Creates point from a binary representation
-    ///
+    #[corresponds(EC_POINT_oct2point)]
-    /// OpenSSL documentation at [`EC_POINT_oct2point`]
-    ///
-    /// [`EC_POINT_oct2point`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_POINT_oct2point.html
     pub fn from_bytes(
         group: &EcGroupRef,
         buf: &[u8],
@@ -507,9 +463,6 @@ generic_foreign_type_and_impl_send_sync! {
 
     /// Public and optional Private key on the given curve
     ///
-    /// OpenSSL documentation at [`EC_KEY_new`]
-    ///
-    /// [`EC_KEY_new`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_KEY_new.html
     pub struct EcKey<T>;
 
     /// Reference to [`EcKey`]
@@ -526,37 +479,25 @@ where
         /// Serializes the private key to a PEM-encoded ECPrivateKey structure.
         ///
         /// The output will have a header of `-----BEGIN EC PRIVATE KEY-----`.
-        ///
+        #[corresponds(PEM_write_bio_ECPrivateKey)]
-        /// This corresponds to [`PEM_write_bio_ECPrivateKey`].
-        ///
-        /// [`PEM_write_bio_ECPrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_write_bio_ECPrivateKey.html
         private_key_to_pem,
         /// Serializes the private key to a PEM-encoded encrypted ECPrivateKey structure.
         ///
         /// The output will have a header of `-----BEGIN EC PRIVATE KEY-----`.
-        ///
+        #[corresponds(PEM_write_bio_ECPrivateKey)]
-        /// This corresponds to [`PEM_write_bio_ECPrivateKey`].
-        ///
-        /// [`PEM_write_bio_ECPrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_write_bio_ECPrivateKey.html
         private_key_to_pem_passphrase,
         ffi::PEM_write_bio_ECPrivateKey
     }
 
     to_der! {
         /// Serializes the private key into a DER-encoded ECPrivateKey structure.
-        ///
+        #[corresponds(i2d_ECPrivateKey)]
-        /// This corresponds to [`i2d_ECPrivateKey`].
-        ///
-        /// [`i2d_ECPrivateKey`]: https://www.openssl.org/docs/man1.0.2/crypto/d2i_ECPrivate_key.html
         private_key_to_der,
         ffi::i2d_ECPrivateKey
     }
 
     /// Return [`EcPoint`] associated with the private key
-    ///
+    #[corresponds(EC_KEY_get0_private_key)]
-    /// OpenSSL documentation at [`EC_KEY_get0_private_key`]
-    ///
-    /// [`EC_KEY_get0_private_key`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_KEY_get0_private_key.html
     pub fn private_key(&self) -> &BigNumRef {
         unsafe {
             let ptr = ffi::EC_KEY_get0_private_key(self.as_ptr());
@@ -570,10 +511,7 @@ where
     T: HasPublic,
 {
     /// Returns the public key.
-    ///
+    #[corresponds(EC_KEY_get0_public_key)]
-    /// OpenSSL documentation at [`EC_KEY_get0_public_key`]
-    ///
-    /// [`EC_KEY_get0_public_key`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_KEY_get0_public_key.html
     pub fn public_key(&self) -> &EcPointRef {
         unsafe {
             let ptr = ffi::EC_KEY_get0_public_key(self.as_ptr());
@@ -585,20 +523,14 @@ where
         /// Serialies the public key into a PEM-encoded SubjectPublicKeyInfo structure.
         ///
         /// The output will have a header of `-----BEGIN PUBLIC KEY-----`.
-        ///
+        #[corresponds(PEM_write_bio_EC_PUBKEY)]
-        /// This corresponds to [`PEM_write_bio_EC_PUBKEY`].
-        ///
-        /// [`PEM_write_bio_EC_PUBKEY`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_write_bio_EC_PUBKEY.html
         public_key_to_pem,
         ffi::PEM_write_bio_EC_PUBKEY
     }
 
     to_der! {
         /// Serializes the public key into a DER-encoded SubjectPublicKeyInfo structure.
-        ///
+        #[corresponds(i2d_EC_PUBKEY)]
-        /// This corresponds to [`i2d_EC_PUBKEY`].
-        ///
-        /// [`i2d_EC_PUBKEY`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_EC_PUBKEY.html
         public_key_to_der,
         ffi::i2d_EC_PUBKEY
     }
@@ -609,10 +541,7 @@ where
     T: HasParams,
 {
     /// Return [`EcGroup`] of the `EcKey`
-    ///
+    #[corresponds(EC_KEY_get0_group)]
-    /// OpenSSL documentation at [`EC_KEY_get0_group`]
-    ///
-    /// [`EC_KEY_get0_group`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_KEY_get0_group.html
     pub fn group(&self) -> &EcGroupRef {
         unsafe {
             let ptr = ffi::EC_KEY_get0_group(self.as_ptr());
@@ -621,10 +550,7 @@ where
     }
 
     /// Checks the key for validity.
-    ///
+    #[corresponds(EC_KEY_check_key)]
-    /// OpenSSL documentation at [`EC_KEY_check_key`]
-    ///
-    /// [`EC_KEY_check_key`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_KEY_check_key.html
     pub fn check_key(&self) -> Result<(), ErrorStack> {
         unsafe { cvt(ffi::EC_KEY_check_key(self.as_ptr())).map(|_| ()) }
     }
@@ -647,10 +573,7 @@ impl EcKey<Params> {
     ///
     /// It will not have an associated public or private key. This kind of key is primarily useful
     /// to be provided to the `set_tmp_ecdh` methods on `Ssl` and `SslContextBuilder`.
-    ///
+    #[corresponds(EC_KEY_new_by_curve_name)]
-    /// OpenSSL documentation at [`EC_KEY_new_by_curve_name`]
-    ///
-    /// [`EC_KEY_new_by_curve_name`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_KEY_new_by_curve_name.html
     pub fn from_curve_name(nid: Nid) -> Result<EcKey<Params>, ErrorStack> {
         unsafe {
             init();
@@ -659,10 +582,7 @@ impl EcKey<Params> {
     }
 
     /// Constructs an `EcKey` corresponding to a curve.
-    ///
+    #[corresponds(EC_KEY_set_group)]
-    /// This corresponds to [`EC_KEY_set_group`].
-    ///
-    /// [`EC_KEY_set_group`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_KEY_new.html
     pub fn from_group(group: &EcGroupRef) -> Result<EcKey<Params>, ErrorStack> {
         unsafe {
             cvt_p(ffi::EC_KEY_new())
@@ -743,10 +663,7 @@ impl EcKey<Public> {
         /// Decodes a PEM-encoded SubjectPublicKeyInfo structure containing a EC key.
         ///
         /// The input should have a header of `-----BEGIN PUBLIC KEY-----`.
-        ///
+        #[corresponds(PEM_read_bio_EC_PUBKEY)]
-        /// This corresponds to [`PEM_read_bio_EC_PUBKEY`].
-        ///
-        /// [`PEM_read_bio_EC_PUBKEY`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_read_bio_EC_PUBKEY.html
         public_key_from_pem,
         EcKey<Public>,
         ffi::PEM_read_bio_EC_PUBKEY
@@ -754,10 +671,7 @@ impl EcKey<Public> {
 
     from_der! {
         /// Decodes a DER-encoded SubjectPublicKeyInfo structure containing a EC key.
-        ///
+        #[corresponds(d2i_EC_PUBKEY)]
-        /// This corresponds to [`d2i_EC_PUBKEY`].
-        ///
-        /// [`d2i_EC_PUBKEY`]: https://www.openssl.org/docs/man1.1.0/crypto/d2i_EC_PUBKEY.html
         public_key_from_der,
         EcKey<Public>,
         ffi::d2i_EC_PUBKEY,
@@ -811,15 +725,13 @@ impl EcKey<Private> {
         /// Deserializes a private key from a PEM-encoded ECPrivateKey structure.
         ///
         /// The input should have a header of `-----BEGIN EC PRIVATE KEY-----`.
-        ///
+        #[corresponds(PEM_read_bio_ECPrivateKey)]
-        /// This corresponds to `PEM_read_bio_ECPrivateKey`.
         private_key_from_pem,
 
         /// Deserializes a private key from a PEM-encoded encrypted ECPrivateKey structure.
         ///
         /// The input should have a header of `-----BEGIN EC PRIVATE KEY-----`.
-        ///
+        #[corresponds(PEM_read_bio_ECPrivateKey)]
-        /// This corresponds to `PEM_read_bio_ECPrivateKey`.
         private_key_from_pem_passphrase,
 
         /// Deserializes a private key from a PEM-encoded encrypted ECPrivateKey structure.
@@ -827,8 +739,7 @@ impl EcKey<Private> {
         /// The callback should fill the password into the provided buffer and return its length.
         ///
         /// The input should have a header of `-----BEGIN EC PRIVATE KEY-----`.
-        ///
+        #[corresponds(PEM_read_bio_ECPrivateKey)]
-        /// This corresponds to `PEM_read_bio_ECPrivateKey`.
         private_key_from_pem_callback,
         EcKey<Private>,
         ffi::PEM_read_bio_ECPrivateKey
@@ -836,10 +747,7 @@ impl EcKey<Private> {
 
     from_der! {
         /// Decodes a DER-encoded elliptic curve private key structure.
-        ///
+        #[corresponds(d2i_ECPrivateKey)]
-        /// This corresponds to [`d2i_ECPrivateKey`].
-        ///
-        /// [`d2i_ECPrivateKey`]: https://www.openssl.org/docs/man1.0.2/crypto/d2i_ECPrivate_key.html
         private_key_from_der,
         EcKey<Private>,
         ffi::d2i_ECPrivateKey,

boring/src/ecdsa.rs

@@ -3,6 +3,7 @@
 use crate::ffi;
 use foreign_types::{ForeignType, ForeignTypeRef};
 use libc::{c_int, size_t};
+use openssl_macros::corresponds;
 use std::mem;
 use std::ptr;
 
@@ -26,10 +27,7 @@ foreign_type_and_impl_send_sync! {
 
 impl EcdsaSig {
     /// Computes a digital signature of the hash value `data` using the private EC key eckey.
-    ///
+    #[corresponds(ECDSA_do_sign)]
-    /// OpenSSL documentation at [`ECDSA_do_sign`]
-    ///
-    /// [`ECDSA_do_sign`]: https://www.openssl.org/docs/man1.1.0/crypto/ECDSA_do_sign.html
     pub fn sign<T>(data: &[u8], eckey: &EcKeyRef<T>) -> Result<EcdsaSig, ErrorStack>
     where
         T: HasPrivate,
@@ -47,10 +45,7 @@ impl EcdsaSig {
 
     /// Returns a new `EcdsaSig` by setting the `r` and `s` values associated with a
     /// ECDSA signature.
-    ///
+    #[corresponds(ECDSA_SIG_set0)]
-    /// OpenSSL documentation at [`ECDSA_SIG_set0`]
-    ///
-    /// [`ECDSA_SIG_set0`]: https://www.openssl.org/docs/man1.1.0/crypto/ECDSA_SIG_set0.html
     pub fn from_private_components(r: BigNum, s: BigNum) -> Result<EcdsaSig, ErrorStack> {
         unsafe {
             let sig = cvt_p(ffi::ECDSA_SIG_new())?;
@@ -62,10 +57,7 @@ impl EcdsaSig {
 
     from_der! {
         /// Decodes a DER-encoded ECDSA signature.
-        ///
+        #[corresponds(d2i_ECDSA_SIG)]
-        /// This corresponds to [`d2i_ECDSA_SIG`].
-        ///
-        /// [`d2i_ECDSA_SIG`]: https://www.openssl.org/docs/man1.1.0/crypto/d2i_ECDSA_SIG.html
         from_der,
         EcdsaSig,
         ffi::d2i_ECDSA_SIG,
@@ -76,19 +68,13 @@ impl EcdsaSig {
 impl EcdsaSigRef {
     to_der! {
         /// Serializes the ECDSA signature into a DER-encoded ECDSASignature structure.
-        ///
+        #[corresponds(i2d_ECDSA_SIG)]
-        /// This corresponds to [`i2d_ECDSA_SIG`].
-        ///
-        /// [`i2d_ECDSA_SIG`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_ECDSA_SIG.html
         to_der,
         ffi::i2d_ECDSA_SIG
     }
 
     /// Verifies if the signature is a valid ECDSA signature using the given public key.
-    ///
+    #[corresponds(ECDSA_do_verify)]
-    /// OpenSSL documentation at [`ECDSA_do_verify`]
-    ///
-    /// [`ECDSA_do_verify`]: https://www.openssl.org/docs/man1.1.0/crypto/ECDSA_do_verify.html
     pub fn verify<T>(&self, data: &[u8], eckey: &EcKeyRef<T>) -> Result<bool, ErrorStack>
     where
         T: HasPublic,
@@ -106,10 +92,7 @@ impl EcdsaSigRef {
     }
 
     /// Returns internal component: `r` of an `EcdsaSig`. (See X9.62 or FIPS 186-2)
-    ///
+    #[corresponds(ECDSA_SIG_get0)]
-    /// OpenSSL documentation at [`ECDSA_SIG_get0`]
-    ///
-    /// [`ECDSA_SIG_get0`]: https://www.openssl.org/docs/man1.1.0/crypto/ECDSA_SIG_get0.html
     pub fn r(&self) -> &BigNumRef {
         unsafe {
             let mut r = ptr::null();
@@ -119,10 +102,7 @@ impl EcdsaSigRef {
     }
 
     /// Returns internal components: `s` of an `EcdsaSig`. (See X9.62 or FIPS 186-2)
-    ///
+    #[corresponds(ECDSA_SIG_get0)]
-    /// OpenSSL documentation at [`ECDSA_SIG_get0`]
-    ///
-    /// [`ECDSA_SIG_get0`]: https://www.openssl.org/docs/man1.1.0/crypto/ECDSA_SIG_get0.html
     pub fn s(&self) -> &BigNumRef {
         unsafe {
             let mut s = ptr::null();

boring/src/fips.rs

@@ -4,10 +4,10 @@
 //!
 //! [OpenSSL's documentation]: https://www.openssl.org/docs/fips/UserGuide-2.0.pdf
 use crate::ffi;
+use openssl_macros::corresponds;
 
 /// Determines if the library is running in the FIPS 140-2 mode of operation.
-///
+#[corresponds(FIPS_mode)]
-/// This corresponds to `FIPS_mode`.
 pub fn enabled() -> bool {
     unsafe { ffi::FIPS_mode() != 0 }
 }

boring/src/hash.rs

@@ -1,4 +1,5 @@
 use crate::ffi;
+use openssl_macros::corresponds;
 use std::convert::TryInto;
 use std::ffi::{c_uint, c_void};
 use std::fmt;
@@ -26,10 +27,7 @@ impl MessageDigest {
     }
 
     /// Returns the `MessageDigest` corresponding to an `Nid`.
-    ///
+    #[corresponds(EVP_get_digestbynid)]
-    /// This corresponds to [`EVP_get_digestbynid`].
-    ///
-    /// [`EVP_get_digestbynid`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_DigestInit.html
     pub fn from_nid(type_: Nid) -> Option<MessageDigest> {
         unsafe {
             let ptr = ffi::EVP_get_digestbynid(type_.as_raw());

boring/src/nid.rs

@@ -1,6 +1,7 @@
 //! A collection of numerical identifiers for OpenSSL objects.
 use crate::ffi;
 use libc::{c_char, c_int};
+use openssl_macros::corresponds;
 
 use std::ffi::CStr;
 use std::str;
@@ -61,8 +62,7 @@ impl Nid {
     }
 
     /// Returns the `Nid`s of the digest and public key algorithms associated with a signature ID.
-    ///
+    #[corresponds(OBJ_find_sigid_algs)]
-    /// This corresponds to `OBJ_find_sigid_algs`.
     #[allow(clippy::trivially_copy_pass_by_ref)]
     pub fn signature_algorithms(&self) -> Option<SignatureAlgorithms> {
         unsafe {
@@ -80,9 +80,7 @@ impl Nid {
     }
 
     /// Return the string representation of a `Nid` (long)
-    /// This corresponds to [`OBJ_nid2ln`]
+    #[corresponds(OBJ_nid2ln)]
-    ///
-    /// [`OBJ_nid2ln`]: https://www.openssl.org/docs/man1.1.0/crypto/OBJ_nid2ln.html
     #[allow(clippy::trivially_copy_pass_by_ref)]
     pub fn long_name(&self) -> Result<&'static str, ErrorStack> {
         unsafe {
@@ -92,9 +90,7 @@ impl Nid {
     }
 
     /// Return the string representation of a `Nid` (short)
-    /// This corresponds to [`OBJ_nid2sn`]
+    #[corresponds(OBJ_nid2sn)]
-    ///
-    /// [`OBJ_nid2sn`]: https://www.openssl.org/docs/man1.1.0/crypto/OBJ_nid2sn.html
     #[allow(clippy::trivially_copy_pass_by_ref)]
     pub fn short_name(&self) -> Result<&'static str, ErrorStack> {
         unsafe {

boring/src/pkcs12.rs

@@ -3,6 +3,7 @@
 use crate::ffi;
 use foreign_types::{ForeignType, ForeignTypeRef};
 use libc::c_int;
+use openssl_macros::corresponds;
 use std::ffi::CString;
 use std::ptr;
 
@@ -25,10 +26,7 @@ foreign_type_and_impl_send_sync! {
 impl Pkcs12Ref {
     to_der! {
         /// Serializes the `Pkcs12` to its standard DER encoding.
-        ///
+        #[corresponds(i2d_PKCS12)]
-        /// This corresponds to [`i2d_PKCS12`].
-        ///
-        /// [`i2d_PKCS12`]: https://www.openssl.org/docs/manmaster/man3/i2d_PKCS12.html
         to_der,
         ffi::i2d_PKCS12
     }
@@ -67,10 +65,7 @@ impl Pkcs12Ref {
 impl Pkcs12 {
     from_der! {
         /// Deserializes a DER-encoded PKCS#12 archive.
-        ///
+        #[corresponds(d2i_PKCS12)]
-        /// This corresponds to [`d2i_PKCS12`].
-        ///
-        /// [`d2i_PKCS12`]: https://www.openssl.org/docs/man1.1.0/crypto/d2i_PKCS12.html
         from_der,
         Pkcs12,
         ffi::d2i_PKCS12,

boring/src/pkey.rs

@@ -43,6 +43,7 @@
 use crate::ffi;
 use foreign_types::{ForeignType, ForeignTypeRef};
 use libc::{c_int, c_long};
+use openssl_macros::corresponds;
 use std::ffi::CString;
 use std::fmt;
 use std::mem;
@@ -138,10 +139,7 @@ impl<T> ToOwned for PKeyRef<T> {
 
 impl<T> PKeyRef<T> {
     /// Returns a copy of the internal RSA key.
-    ///
+    #[corresponds(EVP_PKEY_get1_RSA)]
-    /// This corresponds to [`EVP_PKEY_get1_RSA`].
-    ///
-    /// [`EVP_PKEY_get1_RSA`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_get1_RSA.html
     pub fn rsa(&self) -> Result<Rsa<T>, ErrorStack> {
         unsafe {
             let rsa = cvt_p(ffi::EVP_PKEY_get1_RSA(self.as_ptr()))?;
@@ -150,10 +148,7 @@ impl<T> PKeyRef<T> {
     }
 
     /// Returns a copy of the internal DSA key.
-    ///
+    #[corresponds(EVP_PKEY_get1_DSA)]
-    /// This corresponds to [`EVP_PKEY_get1_DSA`].
-    ///
-    /// [`EVP_PKEY_get1_DSA`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_get1_DSA.html
     pub fn dsa(&self) -> Result<Dsa<T>, ErrorStack> {
         unsafe {
             let dsa = cvt_p(ffi::EVP_PKEY_get1_DSA(self.as_ptr()))?;
@@ -162,10 +157,7 @@ impl<T> PKeyRef<T> {
     }
 
     /// Returns a copy of the internal DH key.
-    ///
+    #[corresponds(EVP_PKEY_get1_DH)]
-    /// This corresponds to [`EVP_PKEY_get1_DH`].
-    ///
-    /// [`EVP_PKEY_get1_DH`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_get1_DH.html
     pub fn dh(&self) -> Result<Dh<T>, ErrorStack> {
         unsafe {
             let dh = cvt_p(ffi::EVP_PKEY_get1_DH(self.as_ptr()))?;
@@ -174,10 +166,7 @@ impl<T> PKeyRef<T> {
     }
 
     /// Returns a copy of the internal elliptic curve key.
-    ///
+    #[corresponds(EVP_PKEY_get1_EC_KEY)]
-    /// This corresponds to [`EVP_PKEY_get1_EC_KEY`].
-    ///
-    /// [`EVP_PKEY_get1_EC_KEY`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_get1_EC_KEY.html
     pub fn ec_key(&self) -> Result<EcKey<T>, ErrorStack> {
         unsafe {
             let ec_key = cvt_p(ffi::EVP_PKEY_get1_EC_KEY(self.as_ptr()))?;
@@ -186,19 +175,13 @@ impl<T> PKeyRef<T> {
     }
 
     /// Returns the `Id` that represents the type of this key.
-    ///
+    #[corresponds(EVP_PKEY_id)]
-    /// This corresponds to [`EVP_PKEY_id`].
-    ///
-    /// [`EVP_PKEY_id`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_id.html
     pub fn id(&self) -> Id {
         unsafe { Id::from_raw(ffi::EVP_PKEY_id(self.as_ptr())) }
     }
 
     /// Returns the maximum size of a signature in bytes.
-    ///
+    #[corresponds(EVP_PKEY_size)]
-    /// This corresponds to [`EVP_PKEY_size`].
-    ///
-    /// [`EVP_PKEY_size`]: https://www.openssl.org/docs/man1.1.1/man3/EVP_PKEY_size.html
     pub fn size(&self) -> usize {
         unsafe { ffi::EVP_PKEY_size(self.as_ptr()) as usize }
     }
@@ -212,20 +195,14 @@ where
         /// Serializes the public key into a PEM-encoded SubjectPublicKeyInfo structure.
         ///
         /// The output will have a header of `-----BEGIN PUBLIC KEY-----`.
-        ///
+        #[corresponds(PEM_write_bio_PUBKEY)]
-        /// This corresponds to [`PEM_write_bio_PUBKEY`].
-        ///
-        /// [`PEM_write_bio_PUBKEY`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_write_bio_PUBKEY.html
         public_key_to_pem,
         ffi::PEM_write_bio_PUBKEY
     }
 
     to_der! {
         /// Serializes the public key into a DER-encoded SubjectPublicKeyInfo structure.
-        ///
+        #[corresponds(i2d_PUBKEY)]
-        /// This corresponds to [`i2d_PUBKEY`].
-        ///
-        /// [`i2d_PUBKEY`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_PUBKEY.html
         public_key_to_der,
         ffi::i2d_PUBKEY
     }
@@ -255,28 +232,19 @@ where
         /// Serializes the private key to a PEM-encoded PKCS#8 PrivateKeyInfo structure.
         ///
         /// The output will have a header of `-----BEGIN PRIVATE KEY-----`.
-        ///
+        #[corresponds(PEM_write_bio_PKCS8PrivateKey)]
-        /// This corresponds to [`PEM_write_bio_PKCS8PrivateKey`].
-        ///
-        /// [`PEM_write_bio_PKCS8PrivateKey`]: https://www.openssl.org/docs/man1.0.2/crypto/PEM_write_bio_PKCS8PrivateKey.html
         private_key_to_pem_pkcs8,
         /// Serializes the private key to a PEM-encoded PKCS#8 EncryptedPrivateKeyInfo structure.
         ///
         /// The output will have a header of `-----BEGIN ENCRYPTED PRIVATE KEY-----`.
-        ///
+        #[corresponds(PEM_write_bio_PKCS8PrivateKey)]
-        /// This corresponds to [`PEM_write_bio_PKCS8PrivateKey`].
-        ///
-        /// [`PEM_write_bio_PKCS8PrivateKey`]: https://www.openssl.org/docs/man1.0.2/crypto/PEM_write_bio_PKCS8PrivateKey.html
         private_key_to_pem_pkcs8_passphrase,
         ffi::PEM_write_bio_PKCS8PrivateKey
     }
 
     to_der! {
         /// Serializes the private key to a DER-encoded key type specific format.
-        ///
+        #[corresponds(i2d_PrivateKey)]
-        /// This corresponds to [`i2d_PrivateKey`].
-        ///
-        /// [`i2d_PrivateKey`]: https://www.openssl.org/docs/man1.0.2/crypto/i2d_PrivateKey.html
         private_key_to_der,
         ffi::i2d_PrivateKey
     }
@@ -285,16 +253,10 @@ where
     // "identical to the corresponding PEM function", and it's declared in pem.h.
     private_key_to_pem! {
         /// Serializes the private key to a DER-encoded PKCS#8 PrivateKeyInfo structure.
-        ///
+        #[corresponds(i2d_PKCS8PrivateKey_bio)]
-        /// This corresponds to [`i2d_PKCS8PrivateKey_bio`].
-        ///
-        /// [`i2d_PKCS8PrivateKey_bio`]: https://www.openssl.org/docs/man1.1.1/man3/i2d_PKCS8PrivateKey_bio.html
         private_key_to_der_pkcs8,
         /// Serializes the private key to a DER-encoded PKCS#8 EncryptedPrivateKeyInfo structure.
-        ///
+        #[corresponds(i2d_PKCS8PrivateKey_bio)]
-        /// This corresponds to [`i2d_PKCS8PrivateKey_bio`].
-        ///
-        /// [`i2d_PKCS8PrivateKey_bio`]: https://www.openssl.org/docs/man1.1.1/man3/i2d_PKCS8PrivateKey_bio.html
         private_key_to_der_pkcs8_passphrase,
         ffi::i2d_PKCS8PrivateKey_bio
     }
@@ -325,10 +287,7 @@ impl<T> Clone for PKey<T> {
 
 impl<T> PKey<T> {
     /// Creates a new `PKey` containing an RSA key.
-    ///
+    #[corresponds(EVP_PKEY_assign_RSA)]
-    /// This corresponds to [`EVP_PKEY_assign_RSA`].
-    ///
-    /// [`EVP_PKEY_assign_RSA`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_assign_RSA.html
     pub fn from_rsa(rsa: Rsa<T>) -> Result<PKey<T>, ErrorStack> {
         unsafe {
             let evp = cvt_p(ffi::EVP_PKEY_new())?;
@@ -344,10 +303,7 @@ impl<T> PKey<T> {
     }
 
     /// Creates a new `PKey` containing an elliptic curve key.
-    ///
+    #[corresponds(EVP_PKEY_assign_EC_KEY)]
-    /// This corresponds to [`EVP_PKEY_assign_EC_KEY`].
-    ///
-    /// [`EVP_PKEY_assign_EC_KEY`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_assign_EC_KEY.html
     pub fn from_ec_key(ec_key: EcKey<T>) -> Result<PKey<T>, ErrorStack> {
         unsafe {
             let evp = cvt_p(ffi::EVP_PKEY_new())?;
@@ -366,26 +322,17 @@ impl<T> PKey<T> {
 impl PKey<Private> {
     private_key_from_pem! {
         /// Deserializes a private key from a PEM-encoded key type specific format.
-        ///
+        #[corresponds(PEM_read_bio_PrivateKey)]
-        /// This corresponds to [`PEM_read_bio_PrivateKey`].
-        ///
-        /// [`PEM_read_bio_PrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_read_bio_PrivateKey.html
         private_key_from_pem,
 
         /// Deserializes a private key from a PEM-encoded encrypted key type specific format.
-        ///
+        #[corresponds(PEM_read_bio_PrivateKey)]
-        /// This corresponds to [`PEM_read_bio_PrivateKey`].
-        ///
-        /// [`PEM_read_bio_PrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_read_bio_PrivateKey.html
         private_key_from_pem_passphrase,
 
         /// Deserializes a private key from a PEM-encoded encrypted key type specific format.
         ///
         /// The callback should fill the password into the provided buffer and return its length.
-        ///
+        #[corresponds(PEM_read_bio_PrivateKey)]
-        /// This corresponds to [`PEM_read_bio_PrivateKey`].
-        ///
-        /// [`PEM_read_bio_PrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_read_bio_PrivateKey.html
         private_key_from_pem_callback,
         PKey<Private>,
         ffi::PEM_read_bio_PrivateKey
@@ -397,10 +344,7 @@ impl PKey<Private> {
         /// This function will automatically attempt to detect the underlying key format, and
         /// supports the unencrypted PKCS#8 PrivateKeyInfo structures as well as key type specific
         /// formats.
-        ///
+        #[corresponds(d2i_AutoPrivateKey)]
-        /// This corresponds to [`d2i_AutoPrivateKey`].
-        ///
-        /// [`d2i_AutoPrivateKey`]: https://www.openssl.org/docs/man1.0.2/crypto/d2i_AutoPrivateKey.html
         private_key_from_der,
         PKey<Private>,
         ffi::d2i_AutoPrivateKey,
@@ -481,10 +425,7 @@ impl PKey<Public> {
         /// Decodes a PEM-encoded SubjectPublicKeyInfo structure.
         ///
         /// The input should have a header of `-----BEGIN PUBLIC KEY-----`.
-        ///
+        #[corresponds(PEM_read_bio_PUBKEY)]
-        /// This corresponds to [`PEM_read_bio_PUBKEY`].
-        ///
-        /// [`PEM_read_bio_PUBKEY`]: https://www.openssl.org/docs/man1.0.2/crypto/PEM_read_bio_PUBKEY.html
         public_key_from_pem,
         PKey<Public>,
         ffi::PEM_read_bio_PUBKEY
@@ -492,10 +433,7 @@ impl PKey<Public> {
 
     from_der! {
         /// Decodes a DER-encoded SubjectPublicKeyInfo structure.
-        ///
+        #[corresponds(d2i_PUBKEY)]
-        /// This corresponds to [`d2i_PUBKEY`].
-        ///
-        /// [`d2i_PUBKEY`]: https://www.openssl.org/docs/man1.1.0/crypto/d2i_PUBKEY.html
         public_key_from_der,
         PKey<Public>,
         ffi::d2i_PUBKEY,

boring/src/rsa.rs

@@ -26,6 +26,7 @@
 use crate::ffi;
 use foreign_types::{ForeignType, ForeignTypeRef};
 use libc::c_int;
+use openssl_macros::corresponds;
 use std::fmt;
 use std::mem;
 use std::ptr;
@@ -113,28 +114,19 @@ where
         /// Serializes the private key to a PEM-encoded PKCS#1 RSAPrivateKey structure.
         ///
         /// The output will have a header of `-----BEGIN RSA PRIVATE KEY-----`.
-        ///
+        #[corresponds(PEM_write_bio_RSAPrivateKey)]
-        /// This corresponds to [`PEM_write_bio_RSAPrivateKey`].
-        ///
-        /// [`PEM_write_bio_RSAPrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_write_bio_RSAPrivateKey.html
         private_key_to_pem,
         /// Serializes the private key to a PEM-encoded encrypted PKCS#1 RSAPrivateKey structure.
         ///
         /// The output will have a header of `-----BEGIN RSA PRIVATE KEY-----`.
-        ///
+        #[corresponds(PEM_write_bio_RSAPrivateKey)]
-        /// This corresponds to [`PEM_write_bio_RSAPrivateKey`].
-        ///
-        /// [`PEM_write_bio_RSAPrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_write_bio_RSAPrivateKey.html
         private_key_to_pem_passphrase,
         ffi::PEM_write_bio_RSAPrivateKey
     }
 
     to_der! {
         /// Serializes the private key to a DER-encoded PKCS#1 RSAPrivateKey structure.
-        ///
+        #[corresponds(i2d_RSAPrivateKey)]
-        /// This corresponds to [`i2d_RSAPrivateKey`].
-        ///
-        /// [`i2d_RSAPrivateKey`]: https://www.openssl.org/docs/man1.0.2/crypto/i2d_RSAPrivateKey.html
         private_key_to_der,
         ffi::i2d_RSAPrivateKey
     }
@@ -194,10 +186,7 @@ where
     }
 
     /// Returns a reference to the private exponent of the key.
-    ///
+    #[corresponds(RSA_get0_key)]
-    /// This corresponds to [`RSA_get0_key`].
-    ///
-    /// [`RSA_get0_key`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_get0_key.html
     pub fn d(&self) -> &BigNumRef {
         unsafe {
             let mut d = ptr::null();
@@ -207,10 +196,7 @@ where
     }
 
     /// Returns a reference to the first factor of the exponent of the key.
-    ///
+    #[corresponds(RSA_get0_factors)]
-    /// This corresponds to [`RSA_get0_factors`].
-    ///
-    /// [`RSA_get0_factors`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_get0_key.html
     pub fn p(&self) -> Option<&BigNumRef> {
         unsafe {
             let mut p = ptr::null();
@@ -224,10 +210,7 @@ where
     }
 
     /// Returns a reference to the second factor of the exponent of the key.
-    ///
+    #[corresponds(RSA_get0_factors)]
-    /// This corresponds to [`RSA_get0_factors`].
-    ///
-    /// [`RSA_get0_factors`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_get0_key.html
     pub fn q(&self) -> Option<&BigNumRef> {
         unsafe {
             let mut q = ptr::null();
@@ -241,10 +224,7 @@ where
     }
 
     /// Returns a reference to the first exponent used for CRT calculations.
-    ///
+    #[corresponds(RSA_get0_crt_params)]
-    /// This corresponds to [`RSA_get0_crt_params`].
-    ///
-    /// [`RSA_get0_crt_params`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_get0_key.html
     pub fn dmp1(&self) -> Option<&BigNumRef> {
         unsafe {
             let mut dp = ptr::null();
@@ -258,10 +238,7 @@ where
     }
 
     /// Returns a reference to the second exponent used for CRT calculations.
-    ///
+    #[corresponds(RSA_get0_crt_params)]
-    /// This corresponds to [`RSA_get0_crt_params`].
-    ///
-    /// [`RSA_get0_crt_params`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_get0_key.html
     pub fn dmq1(&self) -> Option<&BigNumRef> {
         unsafe {
             let mut dq = ptr::null();
@@ -275,10 +252,7 @@ where
     }
 
     /// Returns a reference to the coefficient used for CRT calculations.
-    ///
+    #[corresponds(RSA_get0_crt_params)]
-    /// This corresponds to [`RSA_get0_crt_params`].
-    ///
-    /// [`RSA_get0_crt_params`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_get0_key.html
     pub fn iqmp(&self) -> Option<&BigNumRef> {
         unsafe {
             let mut qi = ptr::null();
@@ -292,10 +266,7 @@ where
     }
 
     /// Validates RSA parameters for correctness
-    ///
+    #[corresponds(RSA_check_key)]
-    /// This corresponds to [`RSA_check_key`].
-    ///
-    /// [`RSA_check_key`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_check_key.html
     #[allow(clippy::unnecessary_cast)]
     pub fn check_key(&self) -> Result<bool, ErrorStack> {
         unsafe {
@@ -317,20 +288,14 @@ where
         /// Serializes the public key into a PEM-encoded SubjectPublicKeyInfo structure.
         ///
         /// The output will have a header of `-----BEGIN PUBLIC KEY-----`.
-        ///
+        #[corresponds(PEM_write_bio_RSA_PUBKEY)]
-        /// This corresponds to [`PEM_write_bio_RSA_PUBKEY`].
-        ///
-        /// [`PEM_write_bio_RSA_PUBKEY`]: https://www.openssl.org/docs/man1.0.2/crypto/pem.html
         public_key_to_pem,
         ffi::PEM_write_bio_RSA_PUBKEY
     }
 
     to_der! {
         /// Serializes the public key into a DER-encoded SubjectPublicKeyInfo structure.
-        ///
+        #[corresponds(i2d_RSA_PUBKEY)]
-        /// This corresponds to [`i2d_RSA_PUBKEY`].
-        ///
-        /// [`i2d_RSA_PUBKEY`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_RSA_PUBKEY.html
         public_key_to_der,
         ffi::i2d_RSA_PUBKEY
     }
@@ -339,29 +304,20 @@ where
         /// Serializes the public key into a PEM-encoded PKCS#1 RSAPublicKey structure.
         ///
         /// The output will have a header of `-----BEGIN RSA PUBLIC KEY-----`.
-        ///
+        #[corresponds(PEM_write_bio_RSAPublicKey)]
-        /// This corresponds to [`PEM_write_bio_RSAPublicKey`].
-        ///
-        /// [`PEM_write_bio_RSAPublicKey`]: https://www.openssl.org/docs/man1.0.2/crypto/pem.html
         public_key_to_pem_pkcs1,
         ffi::PEM_write_bio_RSAPublicKey
     }
 
     to_der! {
         /// Serializes the public key into a DER-encoded PKCS#1 RSAPublicKey structure.
-        ///
+        #[corresponds(i2d_RSAPublicKey)]
-        /// This corresponds to [`i2d_RSAPublicKey`].
-        ///
-        /// [`i2d_RSAPublicKey`]: https://www.openssl.org/docs/man1.0.2/crypto/i2d_RSAPublicKey.html
         public_key_to_der_pkcs1,
         ffi::i2d_RSAPublicKey
     }
 
     /// Returns the size of the modulus in bytes.
-    ///
+    #[corresponds(RSA_size)]
-    /// This corresponds to [`RSA_size`].
-    ///
-    /// [`RSA_size`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_size.html
     #[allow(clippy::unnecessary_cast)]
     pub fn size(&self) -> u32 {
         unsafe { ffi::RSA_size(self.as_ptr()) as u32 }
@@ -420,10 +376,7 @@ where
     }
 
     /// Returns a reference to the modulus of the key.
-    ///
+    #[corresponds(RSA_get0_key)]
-    /// This corresponds to [`RSA_get0_key`].
-    ///
-    /// [`RSA_get0_key`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_get0_key.html
     pub fn n(&self) -> &BigNumRef {
         unsafe {
             let mut n = ptr::null();
@@ -433,10 +386,7 @@ where
     }
 
     /// Returns a reference to the public exponent of the key.
-    ///
+    #[corresponds(RSA_get0_key)]
-    /// This corresponds to [`RSA_get0_key`].
-    ///
-    /// [`RSA_get0_key`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_get0_key.html
     pub fn e(&self) -> &BigNumRef {
         unsafe {
             let mut e = ptr::null();
@@ -451,10 +401,7 @@ impl Rsa<Public> {
     ///
     /// `n` is the modulus common to both public and private key.
     /// `e` is the public exponent.
-    ///
+    #[corresponds(RSA_new)]
-    /// This corresponds to [`RSA_new`] and uses [`RSA_set0_key`].
-    ///
-    /// [`RSA_new`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_new.html
     /// [`RSA_set0_key`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_set0_key.html
     pub fn from_public_components(n: BigNum, e: BigNum) -> Result<Rsa<Public>, ErrorStack> {
         unsafe {
@@ -469,10 +416,7 @@ impl Rsa<Public> {
         /// Decodes a PEM-encoded SubjectPublicKeyInfo structure containing an RSA key.
         ///
         /// The input should have a header of `-----BEGIN PUBLIC KEY-----`.
-        ///
+        #[corresponds(PEM_read_bio_RSA_PUBKEY)]
-        /// This corresponds to [`PEM_read_bio_RSA_PUBKEY`].
-        ///
-        /// [`PEM_read_bio_RSA_PUBKEY`]: https://www.openssl.org/docs/man1.0.2/crypto/PEM_read_bio_RSA_PUBKEY.html
         public_key_from_pem,
         Rsa<Public>,
         ffi::PEM_read_bio_RSA_PUBKEY
@@ -482,10 +426,7 @@ impl Rsa<Public> {
         /// Decodes a PEM-encoded PKCS#1 RSAPublicKey structure.
         ///
         /// The input should have a header of `-----BEGIN RSA PUBLIC KEY-----`.
-        ///
+        #[corresponds(PEM_read_bio_RSAPublicKey)]
-        /// This corresponds to [`PEM_read_bio_RSAPublicKey`].
-        ///
-        /// [`PEM_read_bio_RSAPublicKey`]: https://www.openssl.org/docs/man1.0.2/crypto/PEM_read_bio_RSAPublicKey.html
         public_key_from_pem_pkcs1,
         Rsa<Public>,
         ffi::PEM_read_bio_RSAPublicKey
@@ -493,10 +434,7 @@ impl Rsa<Public> {
 
     from_der! {
         /// Decodes a DER-encoded SubjectPublicKeyInfo structure containing an RSA key.
-        ///
+        #[corresponds(d2i_RSA_PUBKEY)]
-        /// This corresponds to [`d2i_RSA_PUBKEY`].
-        ///
-        /// [`d2i_RSA_PUBKEY`]: https://www.openssl.org/docs/man1.0.2/crypto/d2i_RSA_PUBKEY.html
         public_key_from_der,
         Rsa<Public>,
         ffi::d2i_RSA_PUBKEY,
@@ -505,10 +443,7 @@ impl Rsa<Public> {
 
     from_der! {
         /// Decodes a DER-encoded PKCS#1 RSAPublicKey structure.
-        ///
+        #[corresponds(d2i_RSAPublicKey)]
-        /// This corresponds to [`d2i_RSAPublicKey`].
-        ///
-        /// [`d2i_RSAPublicKey`]: https://www.openssl.org/docs/man1.0.2/crypto/d2i_RSA_PUBKEY.html
         public_key_from_der_pkcs1,
         Rsa<Public>,
         ffi::d2i_RSAPublicKey,
@@ -525,10 +460,7 @@ impl RsaPrivateKeyBuilder {
     ///
     /// `n` is the modulus common to both public and private key.
     /// `e` is the public exponent and `d` is the private exponent.
-    ///
+    #[corresponds(RSA_new)]
-    /// This corresponds to [`RSA_new`] and uses [`RSA_set0_key`].
-    ///
-    /// [`RSA_new`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_new.html
     /// [`RSA_set0_key`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_set0_key.html
     pub fn new(n: BigNum, e: BigNum, d: BigNum) -> Result<RsaPrivateKeyBuilder, ErrorStack> {
         unsafe {
@@ -545,10 +477,8 @@ impl RsaPrivateKeyBuilder {
     ///
     /// `p` and `q` are the first and second factors of `n`.
     ///
-    /// This correspond to [`RSA_set0_factors`].
-    ///
-    /// [`RSA_set0_factors`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_set0_factors.html
     // FIXME should be infallible
+    #[corresponds(RSA_set0_factors)]
     pub fn set_factors(self, p: BigNum, q: BigNum) -> Result<RsaPrivateKeyBuilder, ErrorStack> {
         unsafe {
             RSA_set0_factors(self.rsa.as_ptr(), p.as_ptr(), q.as_ptr());
@@ -562,10 +492,8 @@ impl RsaPrivateKeyBuilder {
     /// `dmp1`, `dmq1`, and `iqmp` are the exponents and coefficient for
     /// CRT calculations which is used to speed up RSA operations.
     ///
-    /// This correspond to [`RSA_set0_crt_params`].
-    ///
-    /// [`RSA_set0_crt_params`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_set0_crt_params.html
     // FIXME should be infallible
+    #[corresponds(RSA_set0_crt_params)]
     pub fn set_crt_params(
         self,
         dmp1: BigNum,
@@ -615,10 +543,7 @@ impl Rsa<Private> {
     /// Generates a public/private key pair with the specified size.
     ///
     /// The public exponent will be 65537.
-    ///
+    #[corresponds(RSA_generate_key_ex)]
-    /// This corresponds to [`RSA_generate_key_ex`].
-    ///
-    /// [`RSA_generate_key_ex`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_generate_key_ex.html
     pub fn generate(bits: u32) -> Result<Rsa<Private>, ErrorStack> {
         let e = BigNum::from_u32(ffi::RSA_F4 as u32)?;
         Rsa::generate_with_e(bits, &e)
@@ -627,10 +552,7 @@ impl Rsa<Private> {
     /// Generates a public/private key pair with the specified size and a custom exponent.
     ///
     /// Unless you have specific needs and know what you're doing, use `Rsa::generate` instead.
-    ///
+    #[corresponds(RSA_generate_key_ex)]
-    /// This corresponds to [`RSA_generate_key_ex`].
-    ///
-    /// [`RSA_generate_key_ex`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_generate_key_ex.html
     pub fn generate_with_e(bits: u32, e: &BigNumRef) -> Result<Rsa<Private>, ErrorStack> {
         unsafe {
             let rsa = Rsa::from_ptr(cvt_p(ffi::RSA_new())?);
@@ -647,26 +569,17 @@ impl Rsa<Private> {
     // FIXME these need to identify input formats
     private_key_from_pem! {
         /// Deserializes a private key from a PEM-encoded PKCS#1 RSAPrivateKey structure.
-        ///
+        #[corresponds(PEM_read_bio_RSAPrivateKey)]
-        /// This corresponds to [`PEM_read_bio_RSAPrivateKey`].
-        ///
-        /// [`PEM_read_bio_RSAPrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_read_bio_RSAPrivateKey.html
         private_key_from_pem,
 
         /// Deserializes a private key from a PEM-encoded encrypted PKCS#1 RSAPrivateKey structure.
-        ///
+        #[corresponds(PEM_read_bio_RSAPrivateKey)]
-        /// This corresponds to [`PEM_read_bio_RSAPrivateKey`].
-        ///
-        /// [`PEM_read_bio_RSAPrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_read_bio_RSAPrivateKey.html
         private_key_from_pem_passphrase,
 
         /// Deserializes a private key from a PEM-encoded encrypted PKCS#1 RSAPrivateKey structure.
         ///
         /// The callback should fill the password into the provided buffer and return its length.
-        ///
+        #[corresponds(PEM_read_bio_RSAPrivateKey)]
-        /// This corresponds to [`PEM_read_bio_RSAPrivateKey`].
-        ///
-        /// [`PEM_read_bio_RSAPrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_read_bio_RSAPrivateKey.html
         private_key_from_pem_callback,
         Rsa<Private>,
         ffi::PEM_read_bio_RSAPrivateKey
@@ -674,10 +587,7 @@ impl Rsa<Private> {
 
     from_der! {
         /// Decodes a DER-encoded PKCS#1 RSAPrivateKey structure.
-        ///
+        #[corresponds(d2i_RSAPrivateKey)]
-        /// This corresponds to [`d2i_RSAPrivateKey`].
-        ///
-        /// [`d2i_RSAPrivateKey`]: https://www.openssl.org/docs/man1.0.2/crypto/d2i_RSA_PUBKEY.html
         private_key_from_der,
         Rsa<Private>,
         ffi::d2i_RSAPrivateKey,

boring/src/sign.rs

@@ -37,6 +37,7 @@
 use crate::ffi;
 use foreign_types::ForeignTypeRef;
 use libc::c_int;
+use openssl_macros::corresponds;
 use std::io::{self, Write};
 use std::marker::PhantomData;
 use std::ptr;
@@ -96,10 +97,7 @@ impl<'a> Signer<'a> {
     ///
     /// This cannot be used with Ed25519 or Ed448 keys. Please refer to
     /// `new_without_digest`.
-    ///
+    #[corresponds(EVP_DigestSignInit)]
-    /// OpenSSL documentation at [`EVP_DigestSignInit`].
-    ///
-    /// [`EVP_DigestSignInit`]: https://www.openssl.org/docs/manmaster/man3/EVP_DigestSignInit.html
     pub fn new<T>(type_: MessageDigest, pkey: &'a PKeyRef<T>) -> Result<Signer<'a>, ErrorStack>
     where
         T: HasPrivate,
@@ -111,10 +109,7 @@ impl<'a> Signer<'a> {
     ///
     /// This is the only way to create a `Verifier` for Ed25519 or Ed448 keys.
     /// It can also be used to create a CMAC.
-    ///
+    #[corresponds(EVP_DigestSignInit)]
-    /// OpenSSL documentation at [`EVP_DigestSignInit`].
-    ///
-    /// [`EVP_DigestSignInit`]: https://www.openssl.org/docs/manmaster/man3/EVP_DigestSignInit.html
     pub fn new_without_digest<T>(pkey: &'a PKeyRef<T>) -> Result<Signer<'a>, ErrorStack>
     where
         T: HasPrivate,
@@ -159,8 +154,7 @@ impl<'a> Signer<'a> {
     /// Returns the RSA padding mode in use.
     ///
     /// This is only useful for RSA keys.
-    ///
+    #[corresponds(EVP_PKEY_CTX_get_rsa_padding)]
-    /// This corresponds to `EVP_PKEY_CTX_get_rsa_padding`.
     pub fn rsa_padding(&self) -> Result<Padding, ErrorStack> {
         unsafe {
             let mut pad = 0;
@@ -172,10 +166,7 @@ impl<'a> Signer<'a> {
     /// Sets the RSA padding mode.
     ///
     /// This is only useful for RSA keys.
-    ///
+    #[corresponds(EVP_PKEY_CTX_set_rsa_padding)]
-    /// This corresponds to [`EVP_PKEY_CTX_set_rsa_padding`].
-    ///
-    /// [`EVP_PKEY_CTX_set_rsa_padding`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_CTX_set_rsa_padding.html
     pub fn set_rsa_padding(&mut self, padding: Padding) -> Result<(), ErrorStack> {
         unsafe {
             cvt(ffi::EVP_PKEY_CTX_set_rsa_padding(
@@ -189,10 +180,7 @@ impl<'a> Signer<'a> {
     /// Sets the RSA PSS salt length.
     ///
     /// This is only useful for RSA keys.
-    ///
+    #[corresponds(EVP_PKEY_CTX_set_rsa_pss_saltlen)]
-    /// This corresponds to [`EVP_PKEY_CTX_set_rsa_pss_saltlen`].
-    ///
-    /// [`EVP_PKEY_CTX_set_rsa_pss_saltlen`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_CTX_set_rsa_pss_saltlen.html
     pub fn set_rsa_pss_saltlen(&mut self, len: RsaPssSaltlen) -> Result<(), ErrorStack> {
         unsafe {
             cvt(ffi::EVP_PKEY_CTX_set_rsa_pss_saltlen(
@@ -206,10 +194,7 @@ impl<'a> Signer<'a> {
     /// Sets the RSA MGF1 algorithm.
     ///
     /// This is only useful for RSA keys.
-    ///
+    #[corresponds(EVP_PKEY_CTX_set_rsa_mgf1_md)]
-    /// This corresponds to [`EVP_PKEY_CTX_set_rsa_mgf1_md`].
-    ///
-    /// [`EVP_PKEY_CTX_set_rsa_mgf1_md`]: https://www.openssl.org/docs/manmaster/man7/RSA-PSS.html
     pub fn set_rsa_mgf1_md(&mut self, md: MessageDigest) -> Result<(), ErrorStack> {
         unsafe {
             cvt(ffi::EVP_PKEY_CTX_set_rsa_mgf1_md(
@@ -224,10 +209,7 @@ impl<'a> Signer<'a> {
     ///
     /// Please note that PureEdDSA (Ed25519 and Ed448 keys) do not support streaming.
     /// Use `sign_oneshot` instead.
-    ///
+    #[corresponds(EVP_DigestUpdate)]
-    /// OpenSSL documentation at [`EVP_DigestUpdate`].
-    ///
-    /// [`EVP_DigestUpdate`]: https://www.openssl.org/docs/manmaster/man3/EVP_DigestInit.html
     pub fn update(&mut self, buf: &[u8]) -> Result<(), ErrorStack> {
         unsafe {
             cvt(ffi::EVP_DigestUpdate(
@@ -243,10 +225,7 @@ impl<'a> Signer<'a> {
     ///
     /// The actual signature may be shorter than this value. Check the return value of
     /// `sign` to get the exact length.
-    ///
+    #[corresponds(EVP_DigestSignFinal)]
-    /// OpenSSL documentation at [`EVP_DigestSignFinal`].
-    ///
-    /// [`EVP_DigestSignFinal`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_DigestSignFinal.html
     pub fn len(&self) -> Result<usize, ErrorStack> {
         self.len_intern()
     }
@@ -269,10 +248,7 @@ impl<'a> Signer<'a> {
     ///
     /// This method will fail if the buffer is not large enough for the signature. Use the `len`
     /// method to get an upper bound on the required size.
-    ///
+    #[corresponds(EVP_DigestSignFinal)]
-    /// OpenSSL documentation at [`EVP_DigestSignFinal`].
-    ///
-    /// [`EVP_DigestSignFinal`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_DigestSignFinal.html
     pub fn sign(&self, buf: &mut [u8]) -> Result<usize, ErrorStack> {
         unsafe {
             let mut len = buf.len();
@@ -303,10 +279,7 @@ impl<'a> Signer<'a> {
     ///
     /// This method will fail if the buffer is not large enough for the signature. Use the `len`
     /// method to get an upper bound on the required size.
-    ///
+    #[corresponds(EVP_DigestSign)]
-    /// OpenSSL documentation at [`EVP_DigestSign`].
-    ///
-    /// [`EVP_DigestSign`]: https://www.openssl.org/docs/man1.1.1/man3/EVP_DigestSign.html
     pub fn sign_oneshot(
         &mut self,
         sig_buf: &mut [u8],
@@ -372,10 +345,7 @@ impl<'a> Verifier<'a> {
     ///
     /// This cannot be used with Ed25519 or Ed448 keys. Please refer to
     /// `new_without_digest`.
-    ///
+    #[corresponds(EVP_DigestVerifyInit)]
-    /// OpenSSL documentation at [`EVP_DigestVerifyInit`].
-    ///
-    /// [`EVP_DigestVerifyInit`]: https://www.openssl.org/docs/manmaster/man3/EVP_DigestVerifyInit.html
     pub fn new<T>(type_: MessageDigest, pkey: &'a PKeyRef<T>) -> Result<Verifier<'a>, ErrorStack>
     where
         T: HasPublic,
@@ -386,10 +356,7 @@ impl<'a> Verifier<'a> {
     /// Creates a new `Verifier` without a digest.
     ///
     /// This is the only way to create a `Verifier` for Ed25519 or Ed448 keys.
-    ///
+    #[corresponds(EVP_DigestVerifyInit)]
-    /// OpenSSL documentation at [`EVP_DigestVerifyInit`].
-    ///
-    /// [`EVP_DigestVerifyInit`]: https://www.openssl.org/docs/manmaster/man3/EVP_DigestVerifyInit.html
     pub fn new_without_digest<T>(pkey: &'a PKeyRef<T>) -> Result<Verifier<'a>, ErrorStack>
     where
         T: HasPublic,
@@ -434,8 +401,7 @@ impl<'a> Verifier<'a> {
     /// Returns the RSA padding mode in use.
     ///
     /// This is only useful for RSA keys.
-    ///
+    #[corresponds(EVP_PKEY_CTX_get_rsa_padding)]
-    /// This corresponds to `EVP_PKEY_CTX_get_rsa_padding`.
     pub fn rsa_padding(&self) -> Result<Padding, ErrorStack> {
         unsafe {
             let mut pad = 0;
@@ -447,10 +413,7 @@ impl<'a> Verifier<'a> {
     /// Sets the RSA padding mode.
     ///
     /// This is only useful for RSA keys.
-    ///
+    #[corresponds(EVP_PKEY_CTX_set_rsa_padding)]
-    /// This corresponds to [`EVP_PKEY_CTX_set_rsa_padding`].
-    ///
-    /// [`EVP_PKEY_CTX_set_rsa_padding`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_CTX_set_rsa_padding.html
     pub fn set_rsa_padding(&mut self, padding: Padding) -> Result<(), ErrorStack> {
         unsafe {
             cvt(ffi::EVP_PKEY_CTX_set_rsa_padding(
@@ -464,10 +427,7 @@ impl<'a> Verifier<'a> {
     /// Sets the RSA PSS salt length.
     ///
     /// This is only useful for RSA keys.
-    ///
+    #[corresponds(EVP_PKEY_CTX_set_rsa_pss_saltlen)]
-    /// This corresponds to [`EVP_PKEY_CTX_set_rsa_pss_saltlen`].
-    ///
-    /// [`EVP_PKEY_CTX_set_rsa_pss_saltlen`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_CTX_set_rsa_pss_saltlen.html
     pub fn set_rsa_pss_saltlen(&mut self, len: RsaPssSaltlen) -> Result<(), ErrorStack> {
         unsafe {
             cvt(ffi::EVP_PKEY_CTX_set_rsa_pss_saltlen(
@@ -481,10 +441,7 @@ impl<'a> Verifier<'a> {
     /// Sets the RSA MGF1 algorithm.
     ///
     /// This is only useful for RSA keys.
-    ///
+    #[corresponds(EVP_PKEY_CTX_set_rsa_mgf1_md)]
-    /// This corresponds to [`EVP_PKEY_CTX_set_rsa_mgf1_md`].
-    ///
-    /// [`EVP_PKEY_CTX_set_rsa_mgf1_md`]: https://www.openssl.org/docs/manmaster/man7/RSA-PSS.html
     pub fn set_rsa_mgf1_md(&mut self, md: MessageDigest) -> Result<(), ErrorStack> {
         unsafe {
             cvt(ffi::EVP_PKEY_CTX_set_rsa_mgf1_md(
@@ -499,10 +456,7 @@ impl<'a> Verifier<'a> {
     ///
     /// Please note that PureEdDSA (Ed25519 and Ed448 keys) do not support streaming.
     /// Use `verify_oneshot` instead.
-    ///
+    #[corresponds(EVP_DigestUpdate)]
-    /// OpenSSL documentation at [`EVP_DigestUpdate`].
-    ///
-    /// [`EVP_DigestUpdate`]: https://www.openssl.org/docs/manmaster/man3/EVP_DigestInit.html
     pub fn update(&mut self, buf: &[u8]) -> Result<(), ErrorStack> {
         unsafe {
             cvt(ffi::EVP_DigestUpdate(
@@ -515,10 +469,7 @@ impl<'a> Verifier<'a> {
     }
 
     /// Determines if the data fed into the `Verifier` matches the provided signature.
-    ///
+    #[corresponds(EVP_DigestVerifyFinal)]
-    /// OpenSSL documentation at [`EVP_DigestVerifyFinal`].
-    ///
-    /// [`EVP_DigestVerifyFinal`]: https://www.openssl.org/docs/manmaster/man3/EVP_DigestVerifyFinal.html
     pub fn verify(&self, signature: &[u8]) -> Result<bool, ErrorStack> {
         unsafe {
             let r =
@@ -535,10 +486,7 @@ impl<'a> Verifier<'a> {
     }
 
     /// Determines if the data given in buf matches the provided signature.
-    ///
+    #[corresponds(EVP_DigestVerify)]
-    /// OpenSSL documentation at [`EVP_DigestVerify`].
-    ///
-    /// [`EVP_DigestVerify`]: https://www.openssl.org/docs/man1.1.1/man3/EVP_DigestVerify.html
     pub fn verify_oneshot(&mut self, signature: &[u8], buf: &[u8]) -> Result<bool, ErrorStack> {
         unsafe {
             let r = ffi::EVP_DigestVerify(

boring/src/ssl/mod.rs

@@ -730,10 +730,6 @@ impl SslCurve {
     pub const P256_KYBER768_DRAFT00: SslCurve = SslCurve(ffi::SSL_CURVE_P256_KYBER768_DRAFT00 as _);
 
     /// Returns the curve name
-    ///
-    /// This corresponds to [`SSL_get_curve_name`]
-    ///
-    /// [`SSL_get_curve_name`]: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#SSL_get_curve_name
     #[corresponds(SSL_get_curve_name)]
     pub fn name(&self) -> Option<&'static str> {
         unsafe {
@@ -808,10 +804,8 @@ impl CompliancePolicy {
 ///
 /// It will select the first protocol supported by the server which is also supported by the client.
 ///
-/// This corresponds to [`SSL_select_next_proto`].
-///
 /// [`SslContextBuilder::set_alpn_protos`]: struct.SslContextBuilder.html#method.set_alpn_protos
-/// [`SSL_select_next_proto`]: https://www.openssl.org/docs/man1.1.0/ssl/SSL_CTX_set_alpn_protos.html
+#[corresponds(SSL_select_next_proto)]
 pub fn select_next_proto<'a>(server: &[u8], client: &'a [u8]) -> Option<&'a [u8]> {
     if server.is_empty() || client.is_empty() {
         return None;
@@ -2244,10 +2238,7 @@ pub struct ClientHello<'ssl>(&'ssl ffi::SSL_CLIENT_HELLO);
 
 impl ClientHello<'_> {
     /// Returns the data of a given extension, if present.
-    ///
+    #[corresponds(SSL_early_callback_ctx_extension_get)]
-    /// This corresponds to [`SSL_early_callback_ctx_extension_get`].
-    ///
-    /// [`SSL_early_callback_ctx_extension_get`]: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#SSL_early_callback_ctx_extension_get
     pub fn get_extension(&self, ext_type: ExtensionType) -> Option<&[u8]> {
         unsafe {
             let mut ptr = ptr::null();
@@ -2466,10 +2457,7 @@ impl Clone for SslSession {
 impl SslSession {
     from_der! {
         /// Deserializes a DER-encoded session structure.
-        ///
+        #[corresponds(d2i_SSL_SESSION)]
-        /// This corresponds to [`d2i_SSL_SESSION`].
-        ///
-        /// [`d2i_SSL_SESSION`]: https://www.openssl.org/docs/man1.0.2/ssl/d2i_SSL_SESSION.html
         from_der,
         SslSession,
         ffi::d2i_SSL_SESSION,
@@ -2540,10 +2528,7 @@ impl SslSessionRef {
 
     to_der! {
         /// Serializes the session into a DER-encoded structure.
-        ///
+        #[corresponds(i2d_SSL_SESSION)]
-        /// This corresponds to [`i2d_SSL_SESSION`].
-        ///
-        /// [`i2d_SSL_SESSION`]: https://www.openssl.org/docs/man1.0.2/ssl/i2d_SSL_SESSION.html
         to_der,
         ffi::i2d_SSL_SESSION
     }
@@ -2942,10 +2927,7 @@ impl SslRef {
     }
 
     /// Configures whether ClientHello extensions should be permuted.
-    ///
+    #[corresponds(SSL_set_permute_extensions)]
-    /// This corresponds to [`SSL_set_permute_extensions`].
-    ///
-    /// [`SSL_set_permute_extensions`]: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#SSL_set_permute_extensions
     ///
     /// Note: This is gated to non-fips because the fips feature builds with a separate
     /// version of BoringSSL which doesn't yet include these APIs.
@@ -3770,10 +3752,7 @@ impl<S> MidHandshakeSslStream<S> {
     }
 
     /// Restarts the handshake process.
-    ///
+    #[corresponds(SSL_do_handshake)]
-    /// This corresponds to [`SSL_do_handshake`].
-    ///
-    /// [`SSL_do_handshake`]: https://www.openssl.org/docs/manmaster/man3/SSL_do_handshake.html
     pub fn handshake(mut self) -> Result<SslStream<S>, HandshakeError<S>> {
         let ret = unsafe { ffi::SSL_do_handshake(self.stream.ssl.as_ptr()) };
         if ret > 0 {

boring/src/symm.rs

@@ -54,6 +54,7 @@
 
 use crate::ffi;
 use libc::{c_int, c_uint};
+use openssl_macros::corresponds;
 use std::cmp;
 use std::ptr;
 
@@ -77,10 +78,7 @@ pub struct Cipher(*const ffi::EVP_CIPHER);
 
 impl Cipher {
     /// Looks up the cipher for a certain nid.
-    ///
+    #[corresponds(EVP_get_cipherbynid)]
-    /// This corresponds to [`EVP_get_cipherbynid`]
-    ///
-    /// [`EVP_get_cipherbynid`]: https://www.openssl.org/docs/man1.0.2/crypto/EVP_get_cipherbyname.html
     pub fn from_nid(nid: Nid) -> Option<Cipher> {
         let ptr = unsafe { ffi::EVP_get_cipherbyname(ffi::OBJ_nid2sn(nid.as_raw())) };
         if ptr.is_null() {

boring/src/x509/mod.rs

@@ -864,10 +864,7 @@ impl X509NameBuilder {
     }
 
     /// Add a field entry by str.
-    ///
+    #[corresponds(X509_NAME_add_entry_by_txt)]
-    /// This corresponds to [`X509_NAME_add_entry_by_txt`].
-    ///
-    /// [`X509_NAME_add_entry_by_txt`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_NAME_add_entry_by_txt.html
     pub fn append_entry_by_text(&mut self, field: &str, value: &str) -> Result<(), ErrorStack> {
         unsafe {
             let field = CString::new(field).unwrap();
@@ -886,10 +883,7 @@ impl X509NameBuilder {
     }
 
     /// Add a field entry by str with a specific type.
-    ///
+    #[corresponds(X509_NAME_add_entry_by_txt)]
-    /// This corresponds to [`X509_NAME_add_entry_by_txt`].
-    ///
-    /// [`X509_NAME_add_entry_by_txt`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_NAME_add_entry_by_txt.html
     pub fn append_entry_by_text_with_type(
         &mut self,
         field: &str,
@@ -913,10 +907,7 @@ impl X509NameBuilder {
     }
 
     /// Add a field entry by NID.
-    ///
+    #[corresponds(X509_NAME_add_entry_by_NID)]
-    /// This corresponds to [`X509_NAME_add_entry_by_NID`].
-    ///
-    /// [`X509_NAME_add_entry_by_NID`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_NAME_add_entry_by_NID.html
     pub fn append_entry_by_nid(&mut self, field: Nid, value: &str) -> Result<(), ErrorStack> {
         unsafe {
             assert!(value.len() <= ValueLen::MAX as usize);
@@ -934,10 +925,7 @@ impl X509NameBuilder {
     }
 
     /// Add a field entry by NID with a specific type.
-    ///
+    #[corresponds(X509_NAME_add_entry_by_NID)]
-    /// This corresponds to [`X509_NAME_add_entry_by_NID`].
-    ///
-    /// [`X509_NAME_add_entry_by_NID`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_NAME_add_entry_by_NID.html
     pub fn append_entry_by_nid_with_type(
         &mut self,
         field: Nid,
@@ -997,10 +985,7 @@ impl X509Name {
 
     from_der! {
         /// Deserializes a DER-encoded X509 name structure.
-        ///
+        #[corresponds(d2i_X509_NAME)]
-        /// This corresponds to [`d2i_X509_NAME`].
-        ///
-        /// [`d2i_X509_NAME`]: https://www.openssl.org/docs/manmaster/man3/d2i_X509_NAME.html
         from_der,
         X509Name,
         ffi::d2i_X509_NAME,
@@ -1047,10 +1032,7 @@ impl X509NameRef {
 
     to_der! {
         /// Serializes the certificate into a DER-encoded X509 name structure.
-        ///
+        #[corresponds(i2d_X509_NAME)]
-        /// This corresponds to [`i2d_X509_NAME`].
-        ///
-        /// [`i2d_X509_NAME`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_X509_NAME.html
         to_der,
         ffi::i2d_X509_NAME
     }
@@ -1110,10 +1092,7 @@ foreign_type_and_impl_send_sync! {
 
 impl X509NameEntryRef {
     /// Returns the field value of an `X509NameEntry`.
-    ///
+    #[corresponds(X509_NAME_ENTRY_get_data)]
-    /// This corresponds to [`X509_NAME_ENTRY_get_data`].
-    ///
-    /// [`X509_NAME_ENTRY_get_data`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_NAME_ENTRY_get_data.html
     pub fn data(&self) -> &Asn1StringRef {
         unsafe {
             let data = ffi::X509_NAME_ENTRY_get_data(self.as_ptr());
@@ -1123,10 +1102,7 @@ impl X509NameEntryRef {
 
     /// Returns the `Asn1Object` value of an `X509NameEntry`.
     /// This is useful for finding out about the actual `Nid` when iterating over all `X509NameEntries`.
-    ///
+    #[corresponds(X509_NAME_ENTRY_get_object)]
-    /// This corresponds to [`X509_NAME_ENTRY_get_object`].
-    ///
-    /// [`X509_NAME_ENTRY_get_object`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_NAME_ENTRY_get_object.html
     pub fn object(&self) -> &Asn1ObjectRef {
         unsafe {
             let object = ffi::X509_NAME_ENTRY_get_object(self.as_ptr());
@@ -1167,10 +1143,7 @@ impl X509ReqBuilder {
     }
 
     /// Set the issuer name.
-    ///
+    #[corresponds(X509_REQ_set_subject_name)]
-    /// This corresponds to [`X509_REQ_set_subject_name`].
-    ///
-    /// [`X509_REQ_set_subject_name`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_REQ_set_subject_name.html
     pub fn set_subject_name(&mut self, subject_name: &X509NameRef) -> Result<(), ErrorStack> {
         unsafe {
             cvt(ffi::X509_REQ_set_subject_name(
@@ -1182,10 +1155,7 @@ impl X509ReqBuilder {
     }
 
     /// Set the public key.
-    ///
+    #[corresponds(X509_REQ_set_pubkey)]
-    /// This corresponds to [`X509_REQ_set_pubkey`].
-    ///
-    /// [`X509_REQ_set_pubkey`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_REQ_set_pubkey.html
     pub fn set_pubkey<T>(&mut self, key: &PKeyRef<T>) -> Result<(), ErrorStack>
     where
         T: HasPublic,
@@ -1232,10 +1202,7 @@ impl X509ReqBuilder {
     }
 
     /// Sign the request using a private key.
-    ///
+    #[corresponds(X509_REQ_sign)]
-    /// This corresponds to [`X509_REQ_sign`].
-    ///
-    /// [`X509_REQ_sign`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_REQ_sign.html
     pub fn sign<T>(&mut self, key: &PKeyRef<T>, hash: MessageDigest) -> Result<(), ErrorStack>
     where
         T: HasPrivate,
@@ -1274,10 +1241,7 @@ impl X509Req {
         /// Deserializes a PEM-encoded PKCS#10 certificate request structure.
         ///
         /// The input should have a header of `-----BEGIN CERTIFICATE REQUEST-----`.
-        ///
+        #[corresponds(PEM_read_bio_X509_REQ)]
-        /// This corresponds to [`PEM_read_bio_X509_REQ`].
-        ///
-        /// [`PEM_read_bio_X509_REQ`]: https://www.openssl.org/docs/man1.0.2/crypto/PEM_read_bio_X509_REQ.html
         from_pem,
         X509Req,
         ffi::PEM_read_bio_X509_REQ
@@ -1285,10 +1249,7 @@ impl X509Req {
 
     from_der! {
         /// Deserializes a DER-encoded PKCS#10 certificate request structure.
-        ///
+        #[corresponds(d2i_X509_REQ)]
-        /// This corresponds to [`d2i_X509_REQ`].
-        ///
-        /// [`d2i_X509_REQ`]: https://www.openssl.org/docs/man1.1.0/crypto/d2i_X509_REQ.html
         from_der,
         X509Req,
         ffi::d2i_X509_REQ,
@@ -1301,38 +1262,26 @@ impl X509ReqRef {
         /// Serializes the certificate request to a PEM-encoded PKCS#10 structure.
         ///
         /// The output will have a header of `-----BEGIN CERTIFICATE REQUEST-----`.
-        ///
+        #[corresponds(PEM_write_bio_X509_REQ)]
-        /// This corresponds to [`PEM_write_bio_X509_REQ`].
-        ///
-        /// [`PEM_write_bio_X509_REQ`]: https://www.openssl.org/docs/man1.0.2/crypto/PEM_write_bio_X509_REQ.html
         to_pem,
         ffi::PEM_write_bio_X509_REQ
     }
 
     to_der! {
         /// Serializes the certificate request to a DER-encoded PKCS#10 structure.
-        ///
+        #[corresponds(i2d_X509_REQ)]
-        /// This corresponds to [`i2d_X509_REQ`].
-        ///
-        /// [`i2d_X509_REQ`]: https://www.openssl.org/docs/man1.0.2/crypto/i2d_X509_REQ.html
         to_der,
         ffi::i2d_X509_REQ
     }
 
     /// Returns the numerical value of the version field of the certificate request.
-    ///
+    #[corresponds(X509_REQ_get_version)]
-    /// This corresponds to [`X509_REQ_get_version`]
-    ///
-    /// [`X509_REQ_get_version`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_REQ_get_version.html
     pub fn version(&self) -> i32 {
         unsafe { X509_REQ_get_version(self.as_ptr()) as i32 }
     }
 
     /// Returns the subject name of the certificate request.
-    ///
+    #[corresponds(X509_REQ_get_subject_name)]
-    /// This corresponds to [`X509_REQ_get_subject_name`]
-    ///
-    /// [`X509_REQ_get_subject_name`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_REQ_get_subject_name.html
     pub fn subject_name(&self) -> &X509NameRef {
         unsafe {
             let name = X509_REQ_get_subject_name(self.as_ptr());
@@ -1423,10 +1372,7 @@ impl X509VerifyError {
     }
 
     /// Return a human readable error string from the verification error.
-    ///
+    #[corresponds(X509_verify_cert_error_string)]
-    /// This corresponds to [`X509_verify_cert_error_string`].
-    ///
-    /// [`X509_verify_cert_error_string`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_verify_cert_error_string.html
     #[allow(clippy::trivially_copy_pass_by_ref)]
     pub fn error_string(&self) -> &'static str {
         ffi::init();

boring/src/x509/store.rs

@@ -105,10 +105,7 @@ impl X509StoreBuilderRef {
     }
 
     /// Returns a mutable reference to the X509 verification configuration.
-    ///
+    #[corresponds(X509_STORE_get0_param)]
-    /// This corresponds to [`X509_STORE_get0_param`].
-    ///
-    /// [`SSL_get0_param`]: https://www.openssl.org/docs/manmaster/man3/X509_STORE_get0_param.html
     pub fn verify_param_mut(&mut self) -> &mut X509VerifyParamRef {
         unsafe { X509VerifyParamRef::from_ptr_mut(ffi::X509_STORE_get0_param(self.as_ptr())) }
     }