document PEM_ASN1_read(3) and PEM_ASN1_read_bio(3);

tweaks and OK tb@
author: schwarze <> 2020-06-12 11:37:42 +0000
committer: schwarze <> 2020-06-12 11:37:42 +0000
commit: 2cba49230cf52f81752d62f2b58037520c8f0941 (patch)
tree: 4a14a7bce99ded95ff18678d951d99cd5a455738
parent: a62588f56a55f2f2d239f35e37ce930a37347a40 (diff)
download: openbsd-2cba49230cf52f81752d62f2b58037520c8f0941.tar.gz
openbsd-2cba49230cf52f81752d62f2b58037520c8f0941.tar.bz2
openbsd-2cba49230cf52f81752d62f2b58037520c8f0941.zip
5 files changed, 236 insertions, 7 deletions
diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile
index 05b1a54c86..c613fdc293 100644
--- a/src/lib/libcrypto/man/Makefile
+++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.167 2020/06/10 11:43:07 schwarze Exp $
+# $OpenBSD: Makefile,v 1.168 2020/06/12 11:37:42 schwarze Exp $
 .include <bsd.own.mk>
@@ -203,6 +203,7 @@ MAN=	\
        OPENSSL_malloc.3 \
        OPENSSL_sk_new.3 \
        OpenSSL_add_all_algorithms.3 \
+        PEM_ASN1_read.3 \
        PEM_bytes_read_bio.3 \
        PEM_read.3 \
        PEM_read_bio_PrivateKey.3 \
diff --git a/src/lib/libcrypto/man/PEM_ASN1_read.3 b/src/lib/libcrypto/man/PEM_ASN1_read.3
new file mode 100644
index 0000000000..cea0c2df68
--- /dev/null
+++ b/src/lib/libcrypto/man/PEM_ASN1_read.3
@@ -0,0 +1,171 @@
+.\" $OpenBSD: PEM_ASN1_read.3,v 1.1 2020/06/12 11:37:42 schwarze Exp $
+.\"
+.\" Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: June 12 2020 $
+.Dt PEM_ASN1_READ 3
+.Os
+.Sh NAME
+.Nm d2i_of_void ,
+.Nm PEM_ASN1_read ,
+.Nm PEM_ASN1_read_bio
+.Nd PEM and DER decode an arbitrary ASN.1 value
+.Sh SYNOPSIS
+.In openssl/pem.h
+.Ft typedef void *
+.Fo d2i_of_void
+.Fa "void **val_out"
+.Fa "const unsigned char **der_in"
+.Fa "long length"
+.Fc
+.Ft void *
+.Fo PEM_ASN1_read
+.Fa "d2i_of_void *d2i"
+.Fa "const char *name"
+.Fa "FILE *in_fp"
+.Fa "void **val_out"
+.Fa "pem_password_cb *cb"
+.Fa "void *u"
+.Fc
+.Ft void *
+.Fo PEM_ASN1_read_bio
+.Fa "d2i_of_void *d2i"
+.Fa "const char *name"
+.Fa "BIO *in_bp"
+.Fa "void **val_out"
+.Fa "pem_password_cb *cb"
+.Fa "void *u"
+.Fc
+.Sh DESCRIPTION
+These functions read one object from
+.Fa in_fp
+or
+.Fa in_bp
+and perform both PEM and DER decoding.
+They are needed when more specific decoding functions
+like those documented in
+.Xr PEM_read_bio_PrivateKey 3
+and
+.Xr PEM_read_SSL_SESSION 3
+are inadequate for the type
+.Fa name .
+.Pp
+For PEM decoding,
+.Xr PEM_bytes_read_bio 3
+is called internally.
+Consequently, the first object of type
+.Fa name
+is returned and preceding objects of other types are discarded.
+If necessary, data is decrypted, using
+.Fa cb
+and/or
+.Fa u
+if they are not
+.Dv NULL ,
+as described in the
+.Xr pem_password_cb 3
+manual page.
+.Pp
+For subsequent DER decoding, pass a
+.Fa d2i
+callback function that is adequate for the type
+.Fa name ,
+typically returning a pointer of a type more specific than
+.Ft void * .
+For example,
+.Xr d2i_ASN1_TYPE 3
+can always be used and its manual page describes the required
+behaviour of the callback function to be passed.
+Normally, passing a more specific function is more useful;
+candidate functions can be found with
+.Ql man -k Nm~^d2i_ .
+.Pp
+For the
+.Fa name
+argument, the
+.Dv PEM_STRING_*
+string constants defined in
+.In openssl/pem.h
+can be used.
+.Pp
+The
+.Fa val_out
+argument is useless and its many dangers are described in detail in the
+.Xr d2i_ASN1_TYPE 3
+manual page.
+To reduce the risk of bugs, always passing
+.Dv NULL
+is recommended.
+.Sh RETURN VALUES
+These functions return a pointer to the decoded object or
+.Dv NULL
+if an error occurs.
+They fail if
+.Xr PEM_bytes_read_bio 3
+fails, for example because of invalid syntax in the input, an unknown
+encryption, or an invalid passphrase entered by the user.
+They also fail if
+.Fa d2i
+returns
+.Dv NULL ,
+for example due to DER decoding errors.
+.Pp
+.Fn PEM_ASN1_read
+may also fail if memory is exhausted.
+.Sh EXAMPLES
+Typical usage of
+.Fn PEM_ASN1_read
+is demonstrated by the implementation of the more specific function
+to PEM and DER decode an X.509 certificate:
+.Bd -literal -offset 2n
+X509 *
+PEM_read_X509(FILE *fp, X509 **val_out, pem_password_cb *cb, void *u)
+{
+        return PEM_ASN1_read((d2i_of_void *)d2i_X509, PEM_STRING_X509,
+            fp, (void **)val_out, cb, u);
+}
+.Ed
+.Sh ERRORS
+Diagnostics that can be retrieved with
+.Xr ERR_get_error 3 ,
+.Xr ERR_GET_REASON 3 ,
+and
+.Xr ERR_reason_error_string 3
+include:
+.Bl -tag -width Ds
+.It Dv ERR_R_BUF_LIB Qq "BUF lib"
+.Fn PEM_ASN1_read
+failed to set up a temporary BIO,
+for example because memory was exhausted.
+.It Dv ERR_R_ASN1_LIB Qq "ASN1 lib"
+.Fa d2i
+returned
+.Dv NULL ,
+for example due to a DER syntax error.
+.El
+.Pp
+Additional types of errors can result from
+.Xr PEM_bytes_read_bio 3 .
+.Sh SEE ALSO
+.Xr BIO_new 3 ,
+.Xr d2i_ASN1_TYPE 3 ,
+.Xr PEM_bytes_read_bio 3 ,
+.Xr PEM_read 3 ,
+.Xr PEM_read_bio_PrivateKey 3 ,
+.Xr PEM_read_SSL_SESSION 3
+.Sh HISTORY
+These functions first appeared in SSLeay 0.5.1
+and have been available since
+.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/PEM_bytes_read_bio.3 b/src/lib/libcrypto/man/PEM_bytes_read_bio.3
index b3cb143cf6..63b8a58d90 100644
--- a/src/lib/libcrypto/man/PEM_bytes_read_bio.3
+++ b/src/lib/libcrypto/man/PEM_bytes_read_bio.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: PEM_bytes_read_bio.3,v 1.2 2018/03/22 21:08:22 schwarze Exp $
+.\"     $OpenBSD: PEM_bytes_read_bio.3,v 1.3 2020/06/12 11:37:42 schwarze Exp $
 .\"     OpenSSL PEM_bytes_read_bio.pod 7671342e Feb 29 15:47:12 2016 -0600
 .\"
 .\" This file was written by Benjamin Kaduk <bkaduk at akamai dot com>.
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: March 22 2018 $
+.Dd $Mdocdate: June 12 2020 $
 .Dt PEM_BYTES_READ_BIO 3
 .Os
 .Sh NAME
@@ -86,6 +86,8 @@ The password callback
 and rock
 .Fa u
 are used to obtain the decryption passphrase, if applicable.
+For more details, see
+.Xr pem_password_cb 3 .
 .Pp
 Some data types have compatibility aliases, such as a file containing
 X509 CERTIFICATE matching a request for the deprecated type CERTIFICATE.
@@ -107,7 +109,53 @@ The caller must free the storage pointed to by
 .Sh RETURN VALUES
 .Fn PEM_bytes_read_bio
 returns 1 for success or 0 for failure.
+.Sh ERRORS
+Diagnostics that can be retrieved with
+.Xr ERR_get_error 3 ,
+.Xr ERR_GET_REASON 3 ,
+and
+.Xr ERR_reason_error_string 3
+include:
+.Bl -tag -width Ds
+.It Dv PEM_R_NO_START_LINE Qq no start line
+No more PEM objects were found in the input.
+This can happen when the input contains no PEM objects at all,
+or only objects that do not match the type
+.Fa name .
+.It Dv PEM_R_NOT_PROC_TYPE Qq not proc type
+The first PEM header does not start with
+.Qq "Proc-Type: " .
+.It Dv PEM_R_NOT_ENCRYPTED Qq not encrypted
+The Proc-Type header differs from
+.Qq 4,ENCRYPTED .
+.It Dv PEM_R_SHORT_HEADER Qq short header
+The Proc-Type header is the last header line.
+.It Dv PEM_R_NOT_DEK_INFO Qq not dek info
+The second PEM header does not start with
+.Qq "DEK-Info: " .
+.It Dv PEM_R_UNSUPPORTED_ENCRYPTION Qq unsupported encryption
+The cipher name given in the DEK-Info header is unknown to
+.Xr EVP_get_cipherbyname 3 .
+.It Dv PEM_R_BAD_IV_CHARS Qq "bad iv chars"
+The word following the cipher name in the DEK-Info header
+contains bytes that are not hexadecimal digits.
+This also happens when the initialization vector is missing or too short.
+.It Dv PEM_R_BAD_PASSWORD_READ Qq bad password read
+.Fa cb
+reported failure.
+This may for example happen when the user mistypes the password.
+.It Dv PEM_R_BAD_DECRYPT Qq bad decrypt
+.Xr EVP_DecryptInit_ex 3 ,
+.Xr EVP_DecryptUpdate 3 ,
+or
+.Xr EVP_DecryptFinal_ex 3
+failed.
+.El
+.Pp
+Additional types of errors can result from
+.Xr PEM_read_bio 3 .
 .Sh SEE ALSO
+.Xr PEM_ASN1_read 3 ,
 .Xr PEM_read 3 ,
 .Xr PEM_read_bio_PrivateKey 3
 .Sh HISTORY
diff --git a/src/lib/libcrypto/man/PEM_read.3 b/src/lib/libcrypto/man/PEM_read.3
index 5648aa0145..1469ccd558 100644
--- a/src/lib/libcrypto/man/PEM_read.3
+++ b/src/lib/libcrypto/man/PEM_read.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: PEM_read.3,v 1.9 2019/06/10 14:58:48 schwarze Exp $
+.\"     $OpenBSD: PEM_read.3,v 1.10 2020/06/12 11:37:42 schwarze Exp $
 .\"     OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
 .\"
 .\" This file was written by Viktor Dukhovni
@@ -49,7 +49,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: June 10 2019 $
+.Dd $Mdocdate: June 12 2020 $
 .Dt PEM_READ 3
 .Os
 .Sh NAME
@@ -279,8 +279,11 @@ is likely meaningless if these functions fail.
 .Sh SEE ALSO
 .Xr crypto 3 ,
 .Xr d2i_PKCS8PrivateKey_bio 3 ,
+.Xr PEM_ASN1_read 3 ,
 .Xr PEM_bytes_read_bio 3 ,
 .Xr PEM_read_bio_PrivateKey 3 ,
+.Xr PEM_read_SSL_SESSION 3 ,
+.Xr PEM_write_bio_CMS_stream 3 ,
 .Xr PEM_write_bio_PKCS7_stream 3
 .Sh HISTORY
 .Fn PEM_write ,
diff --git a/src/lib/libcrypto/man/PEM_read_bio_PrivateKey.3 b/src/lib/libcrypto/man/PEM_read_bio_PrivateKey.3
index cf45356cfa..3799baa040 100644
--- a/src/lib/libcrypto/man/PEM_read_bio_PrivateKey.3
+++ b/src/lib/libcrypto/man/PEM_read_bio_PrivateKey.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: PEM_read_bio_PrivateKey.3,v 1.16 2019/11/02 15:25:34 schwarze Exp $
+.\" $OpenBSD: PEM_read_bio_PrivateKey.3,v 1.17 2020/06/12 11:37:42 schwarze Exp $
 .\" full merge up to:
 .\" OpenSSL man3/PEM_read_bio_PrivateKey.pod 18bad535 Apr 9 15:13:55 2019 +0100
 .\" OpenSSL man3/PEM_read_CMS.pod 83cf7abf May 29 13:07:08 2018 +0100
@@ -51,7 +51,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: November 2 2019 $
+.Dd $Mdocdate: June 12 2020 $
 .Dt PEM_READ_BIO_PRIVATEKEY 3
 .Os
 .Sh NAME
@@ -770,6 +770,9 @@ will be used to collectively refer to the
 and
 .Fn PEM_write_TYPE
 functions.
+If no set of specific functions exists for a given type,
+.Xr PEM_ASN1_read 3
+can be used instead.
 .Pp
 The
 .Sy PrivateKey
@@ -1266,8 +1269,11 @@ pass_cb(char *buf, int size, int rwflag, void *u)
 .Sh SEE ALSO
 .Xr BIO_new 3 ,
 .Xr DSA_new 3 ,
+.Xr PEM_ASN1_read 3 ,
 .Xr PEM_bytes_read_bio 3 ,
 .Xr PEM_read 3 ,
+.Xr PEM_read_SSL_SESSION 3 ,
+.Xr PEM_write_bio_CMS_stream 3 ,
 .Xr PEM_write_bio_PKCS7_stream 3 ,
 .Xr RSA_new 3 ,
 .Xr X509_CRL_new 3 ,
author	schwarze <>	2020-06-12 11:37:42 +0000
committer	schwarze <>	2020-06-12 11:37:42 +0000
commit	2cba49230cf52f81752d62f2b58037520c8f0941 (patch)
tree	4a14a7bce99ded95ff18678d951d99cd5a455738
parent	a62588f56a55f2f2d239f35e37ce930a37347a40 (diff)
download	openbsd-2cba49230cf52f81752d62f2b58037520c8f0941.tar.gz openbsd-2cba49230cf52f81752d62f2b58037520c8f0941.tar.bz2 openbsd-2cba49230cf52f81752d62f2b58037520c8f0941.zip

diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile index 05b1a54c86..c613fdc293 100644 --- a/src/lib/libcrypto/man/Makefile +++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.167 2020/06/10 11:43:07 schwarze Exp $	1	# $OpenBSD: Makefile,v 1.168 2020/06/12 11:37:42 schwarze Exp $
2		2
3	.include <bsd.own.mk>	3	.include <bsd.own.mk>
4		4
@@ -203,6 +203,7 @@ MAN= \
203	OPENSSL_malloc.3 \	203	OPENSSL_malloc.3 \
204	OPENSSL_sk_new.3 \	204	OPENSSL_sk_new.3 \
205	OpenSSL_add_all_algorithms.3 \	205	OpenSSL_add_all_algorithms.3 \
		206	PEM_ASN1_read.3 \
206	PEM_bytes_read_bio.3 \	207	PEM_bytes_read_bio.3 \
207	PEM_read.3 \	208	PEM_read.3 \
208	PEM_read_bio_PrivateKey.3 \	209	PEM_read_bio_PrivateKey.3 \


diff --git a/src/lib/libcrypto/man/PEM_ASN1_read.3 b/src/lib/libcrypto/man/PEM_ASN1_read.3 new file mode 100644 index 0000000000..cea0c2df68 --- /dev/null +++ b/src/lib/libcrypto/man/PEM_ASN1_read.3
@@ -0,0 +1,171 @@
		1	.\" $OpenBSD: PEM_ASN1_read.3,v 1.1 2020/06/12 11:37:42 schwarze Exp $
		2	.\"
		3	.\" Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org>
		4	.\"
		5	.\" Permission to use, copy, modify, and distribute this software for any
		6	.\" purpose with or without fee is hereby granted, provided that the above
		7	.\" copyright notice and this permission notice appear in all copies.
		8	.\"
		9	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		10	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		11	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		12	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		13	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		16	.\"
		17	.Dd $Mdocdate: June 12 2020 $
		18	.Dt PEM_ASN1_READ 3
		19	.Os
		20	.Sh NAME
		21	.Nm d2i_of_void ,
		22	.Nm PEM_ASN1_read ,
		23	.Nm PEM_ASN1_read_bio
		24	.Nd PEM and DER decode an arbitrary ASN.1 value
		25	.Sh SYNOPSIS
		26	.In openssl/pem.h
		27	.Ft typedef void *
		28	.Fo d2i_of_void
		29	.Fa "void **val_out"
		30	.Fa "const unsigned char **der_in"
		31	.Fa "long length"
		32	.Fc
		33	.Ft void *
		34	.Fo PEM_ASN1_read
		35	.Fa "d2i_of_void *d2i"
		36	.Fa "const char *name"
		37	.Fa "FILE *in_fp"
		38	.Fa "void **val_out"
		39	.Fa "pem_password_cb *cb"
		40	.Fa "void *u"
		41	.Fc
		42	.Ft void *
		43	.Fo PEM_ASN1_read_bio
		44	.Fa "d2i_of_void *d2i"
		45	.Fa "const char *name"
		46	.Fa "BIO *in_bp"
		47	.Fa "void **val_out"
		48	.Fa "pem_password_cb *cb"
		49	.Fa "void *u"
		50	.Fc
		51	.Sh DESCRIPTION
		52	These functions read one object from
		53	.Fa in_fp
		54	or
		55	.Fa in_bp
		56	and perform both PEM and DER decoding.
		57	They are needed when more specific decoding functions
		58	like those documented in
		59	.Xr PEM_read_bio_PrivateKey 3
		60	and
		61	.Xr PEM_read_SSL_SESSION 3
		62	are inadequate for the type
		63	.Fa name .
		64	.Pp
		65	For PEM decoding,
		66	.Xr PEM_bytes_read_bio 3
		67	is called internally.
		68	Consequently, the first object of type
		69	.Fa name
		70	is returned and preceding objects of other types are discarded.
		71	If necessary, data is decrypted, using
		72	.Fa cb
		73	and/or
		74	.Fa u
		75	if they are not
		76	.Dv NULL ,
		77	as described in the
		78	.Xr pem_password_cb 3
		79	manual page.
		80	.Pp
		81	For subsequent DER decoding, pass a
		82	.Fa d2i
		83	callback function that is adequate for the type
		84	.Fa name ,
		85	typically returning a pointer of a type more specific than
		86	.Ft void * .
		87	For example,
		88	.Xr d2i_ASN1_TYPE 3
		89	can always be used and its manual page describes the required
		90	behaviour of the callback function to be passed.
		91	Normally, passing a more specific function is more useful;
		92	candidate functions can be found with
		93	.Ql man -k Nm~^d2i_ .
		94	.Pp
		95	For the
		96	.Fa name
		97	argument, the
		98	.Dv PEM_STRING_*
		99	string constants defined in
		100	.In openssl/pem.h
		101	can be used.
		102	.Pp
		103	The
		104	.Fa val_out
		105	argument is useless and its many dangers are described in detail in the
		106	.Xr d2i_ASN1_TYPE 3
		107	manual page.
		108	To reduce the risk of bugs, always passing
		109	.Dv NULL
		110	is recommended.
		111	.Sh RETURN VALUES
		112	These functions return a pointer to the decoded object or
		113	.Dv NULL
		114	if an error occurs.
		115	They fail if
		116	.Xr PEM_bytes_read_bio 3
		117	fails, for example because of invalid syntax in the input, an unknown
		118	encryption, or an invalid passphrase entered by the user.
		119	They also fail if
		120	.Fa d2i
		121	returns
		122	.Dv NULL ,
		123	for example due to DER decoding errors.
		124	.Pp
		125	.Fn PEM_ASN1_read
		126	may also fail if memory is exhausted.
		127	.Sh EXAMPLES
		128	Typical usage of
		129	.Fn PEM_ASN1_read
		130	is demonstrated by the implementation of the more specific function
		131	to PEM and DER decode an X.509 certificate:
		132	.Bd -literal -offset 2n
		133	X509 *
		134	PEM_read_X509(FILE fp, X509 val_out, pem_password_cb cb, void *u)
		135	{
		136	return PEM_ASN1_read((d2i_of_void *)d2i_X509, PEM_STRING_X509,
		137	fp, (void **)val_out, cb, u);
		138	}
		139	.Ed
		140	.Sh ERRORS
		141	Diagnostics that can be retrieved with
		142	.Xr ERR_get_error 3 ,
		143	.Xr ERR_GET_REASON 3 ,
		144	and
		145	.Xr ERR_reason_error_string 3
		146	include:
		147	.Bl -tag -width Ds
		148	.It Dv ERR_R_BUF_LIB Qq "BUF lib"
		149	.Fn PEM_ASN1_read
		150	failed to set up a temporary BIO,
		151	for example because memory was exhausted.
		152	.It Dv ERR_R_ASN1_LIB Qq "ASN1 lib"
		153	.Fa d2i
		154	returned
		155	.Dv NULL ,
		156	for example due to a DER syntax error.
		157	.El
		158	.Pp
		159	Additional types of errors can result from
		160	.Xr PEM_bytes_read_bio 3 .
		161	.Sh SEE ALSO
		162	.Xr BIO_new 3 ,
		163	.Xr d2i_ASN1_TYPE 3 ,
		164	.Xr PEM_bytes_read_bio 3 ,
		165	.Xr PEM_read 3 ,
		166	.Xr PEM_read_bio_PrivateKey 3 ,
		167	.Xr PEM_read_SSL_SESSION 3
		168	.Sh HISTORY
		169	These functions first appeared in SSLeay 0.5.1
		170	and have been available since
		171	.Ox 2.4 .


diff --git a/src/lib/libcrypto/man/PEM_bytes_read_bio.3 b/src/lib/libcrypto/man/PEM_bytes_read_bio.3 index b3cb143cf6..63b8a58d90 100644 --- a/src/lib/libcrypto/man/PEM_bytes_read_bio.3 +++ b/src/lib/libcrypto/man/PEM_bytes_read_bio.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: PEM_bytes_read_bio.3,v 1.2 2018/03/22 21:08:22 schwarze Exp $	1	.\" $OpenBSD: PEM_bytes_read_bio.3,v 1.3 2020/06/12 11:37:42 schwarze Exp $
2	.\" OpenSSL PEM_bytes_read_bio.pod 7671342e Feb 29 15:47:12 2016 -0600	2	.\" OpenSSL PEM_bytes_read_bio.pod 7671342e Feb 29 15:47:12 2016 -0600
3	.\"	3	.\"
4	.\" This file was written by Benjamin Kaduk <bkaduk at akamai dot com>.	4	.\" This file was written by Benjamin Kaduk <bkaduk at akamai dot com>.
@@ -48,7 +48,7 @@
48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50	.\"	50	.\"
51	.Dd $Mdocdate: March 22 2018 $	51	.Dd $Mdocdate: June 12 2020 $
52	.Dt PEM_BYTES_READ_BIO 3	52	.Dt PEM_BYTES_READ_BIO 3
53	.Os	53	.Os
54	.Sh NAME	54	.Sh NAME
@@ -86,6 +86,8 @@ The password callback
86	and rock	86	and rock
87	.Fa u	87	.Fa u
88	are used to obtain the decryption passphrase, if applicable.	88	are used to obtain the decryption passphrase, if applicable.
		89	For more details, see
		90	.Xr pem_password_cb 3 .
89	.Pp	91	.Pp
90	Some data types have compatibility aliases, such as a file containing	92	Some data types have compatibility aliases, such as a file containing
91	X509 CERTIFICATE matching a request for the deprecated type CERTIFICATE.	93	X509 CERTIFICATE matching a request for the deprecated type CERTIFICATE.
@@ -107,7 +109,53 @@ The caller must free the storage pointed to by
107	.Sh RETURN VALUES	109	.Sh RETURN VALUES
108	.Fn PEM_bytes_read_bio	110	.Fn PEM_bytes_read_bio
109	returns 1 for success or 0 for failure.	111	returns 1 for success or 0 for failure.
		112	.Sh ERRORS
		113	Diagnostics that can be retrieved with
		114	.Xr ERR_get_error 3 ,
		115	.Xr ERR_GET_REASON 3 ,
		116	and
		117	.Xr ERR_reason_error_string 3
		118	include:
		119	.Bl -tag -width Ds
		120	.It Dv PEM_R_NO_START_LINE Qq no start line
		121	No more PEM objects were found in the input.
		122	This can happen when the input contains no PEM objects at all,
		123	or only objects that do not match the type
		124	.Fa name .
		125	.It Dv PEM_R_NOT_PROC_TYPE Qq not proc type
		126	The first PEM header does not start with
		127	.Qq "Proc-Type: " .
		128	.It Dv PEM_R_NOT_ENCRYPTED Qq not encrypted
		129	The Proc-Type header differs from
		130	.Qq 4,ENCRYPTED .
		131	.It Dv PEM_R_SHORT_HEADER Qq short header
		132	The Proc-Type header is the last header line.
		133	.It Dv PEM_R_NOT_DEK_INFO Qq not dek info
		134	The second PEM header does not start with
		135	.Qq "DEK-Info: " .
		136	.It Dv PEM_R_UNSUPPORTED_ENCRYPTION Qq unsupported encryption
		137	The cipher name given in the DEK-Info header is unknown to
		138	.Xr EVP_get_cipherbyname 3 .
		139	.It Dv PEM_R_BAD_IV_CHARS Qq "bad iv chars"
		140	The word following the cipher name in the DEK-Info header
		141	contains bytes that are not hexadecimal digits.
		142	This also happens when the initialization vector is missing or too short.
		143	.It Dv PEM_R_BAD_PASSWORD_READ Qq bad password read
		144	.Fa cb
		145	reported failure.
		146	This may for example happen when the user mistypes the password.
		147	.It Dv PEM_R_BAD_DECRYPT Qq bad decrypt
		148	.Xr EVP_DecryptInit_ex 3 ,
		149	.Xr EVP_DecryptUpdate 3 ,
		150	or
		151	.Xr EVP_DecryptFinal_ex 3
		152	failed.
		153	.El
		154	.Pp
		155	Additional types of errors can result from
		156	.Xr PEM_read_bio 3 .
110	.Sh SEE ALSO	157	.Sh SEE ALSO
		158	.Xr PEM_ASN1_read 3 ,
111	.Xr PEM_read 3 ,	159	.Xr PEM_read 3 ,
112	.Xr PEM_read_bio_PrivateKey 3	160	.Xr PEM_read_bio_PrivateKey 3
113	.Sh HISTORY	161	.Sh HISTORY


diff --git a/src/lib/libcrypto/man/PEM_read.3 b/src/lib/libcrypto/man/PEM_read.3 index 5648aa0145..1469ccd558 100644 --- a/src/lib/libcrypto/man/PEM_read.3 +++ b/src/lib/libcrypto/man/PEM_read.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: PEM_read.3,v 1.9 2019/06/10 14:58:48 schwarze Exp $	1	.\" $OpenBSD: PEM_read.3,v 1.10 2020/06/12 11:37:42 schwarze Exp $
2	.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400	2	.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
3	.\"	3	.\"
4	.\" This file was written by Viktor Dukhovni	4	.\" This file was written by Viktor Dukhovni
@@ -49,7 +49,7 @@
49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51	.\"	51	.\"
52	.Dd $Mdocdate: June 10 2019 $	52	.Dd $Mdocdate: June 12 2020 $
53	.Dt PEM_READ 3	53	.Dt PEM_READ 3
54	.Os	54	.Os
55	.Sh NAME	55	.Sh NAME
@@ -279,8 +279,11 @@ is likely meaningless if these functions fail.
279	.Sh SEE ALSO	279	.Sh SEE ALSO
280	.Xr crypto 3 ,	280	.Xr crypto 3 ,
281	.Xr d2i_PKCS8PrivateKey_bio 3 ,	281	.Xr d2i_PKCS8PrivateKey_bio 3 ,
		282	.Xr PEM_ASN1_read 3 ,
282	.Xr PEM_bytes_read_bio 3 ,	283	.Xr PEM_bytes_read_bio 3 ,
283	.Xr PEM_read_bio_PrivateKey 3 ,	284	.Xr PEM_read_bio_PrivateKey 3 ,
		285	.Xr PEM_read_SSL_SESSION 3 ,
		286	.Xr PEM_write_bio_CMS_stream 3 ,
284	.Xr PEM_write_bio_PKCS7_stream 3	287	.Xr PEM_write_bio_PKCS7_stream 3
285	.Sh HISTORY	288	.Sh HISTORY
286	.Fn PEM_write ,	289	.Fn PEM_write ,


diff --git a/src/lib/libcrypto/man/PEM_read_bio_PrivateKey.3 b/src/lib/libcrypto/man/PEM_read_bio_PrivateKey.3 index cf45356cfa..3799baa040 100644 --- a/src/lib/libcrypto/man/PEM_read_bio_PrivateKey.3 +++ b/src/lib/libcrypto/man/PEM_read_bio_PrivateKey.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: PEM_read_bio_PrivateKey.3,v 1.16 2019/11/02 15:25:34 schwarze Exp $	1	.\" $OpenBSD: PEM_read_bio_PrivateKey.3,v 1.17 2020/06/12 11:37:42 schwarze Exp $
2	.\" full merge up to:	2	.\" full merge up to:
3	.\" OpenSSL man3/PEM_read_bio_PrivateKey.pod 18bad535 Apr 9 15:13:55 2019 +0100	3	.\" OpenSSL man3/PEM_read_bio_PrivateKey.pod 18bad535 Apr 9 15:13:55 2019 +0100
4	.\" OpenSSL man3/PEM_read_CMS.pod 83cf7abf May 29 13:07:08 2018 +0100	4	.\" OpenSSL man3/PEM_read_CMS.pod 83cf7abf May 29 13:07:08 2018 +0100
@@ -51,7 +51,7 @@
51	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	51	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
52	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	52	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
53	.\"	53	.\"
54	.Dd $Mdocdate: November 2 2019 $	54	.Dd $Mdocdate: June 12 2020 $
55	.Dt PEM_READ_BIO_PRIVATEKEY 3	55	.Dt PEM_READ_BIO_PRIVATEKEY 3
56	.Os	56	.Os
57	.Sh NAME	57	.Sh NAME
@@ -770,6 +770,9 @@ will be used to collectively refer to the
770	and	770	and
771	.Fn PEM_write_TYPE	771	.Fn PEM_write_TYPE
772	functions.	772	functions.
		773	If no set of specific functions exists for a given type,
		774	.Xr PEM_ASN1_read 3
		775	can be used instead.
773	.Pp	776	.Pp
774	The	777	The
775	.Sy PrivateKey	778	.Sy PrivateKey
@@ -1266,8 +1269,11 @@ pass_cb(char buf, int size, int rwflag, void u)
1266	.Sh SEE ALSO	1269	.Sh SEE ALSO
1267	.Xr BIO_new 3 ,	1270	.Xr BIO_new 3 ,
1268	.Xr DSA_new 3 ,	1271	.Xr DSA_new 3 ,
		1272	.Xr PEM_ASN1_read 3 ,
1269	.Xr PEM_bytes_read_bio 3 ,	1273	.Xr PEM_bytes_read_bio 3 ,
1270	.Xr PEM_read 3 ,	1274	.Xr PEM_read 3 ,
		1275	.Xr PEM_read_SSL_SESSION 3 ,
		1276	.Xr PEM_write_bio_CMS_stream 3 ,
1271	.Xr PEM_write_bio_PKCS7_stream 3 ,	1277	.Xr PEM_write_bio_PKCS7_stream 3 ,
1272	.Xr RSA_new 3 ,	1278	.Xr RSA_new 3 ,
1273	.Xr X509_CRL_new 3 ,	1279	.Xr X509_CRL_new 3 ,