summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorschwarze <>2016-12-28 20:36:33 +0000
committerschwarze <>2016-12-28 20:36:33 +0000
commit3b54e696d52d8b0453c06cb1ba1cfeab6871a91b (patch)
tree55a73145fe847f3e38473e38d34906fb1db1b975
parentcc707dd3ad7783747108fbea8ab0921b2b5632ff (diff)
downloadopenbsd-3b54e696d52d8b0453c06cb1ba1cfeab6871a91b.tar.gz
openbsd-3b54e696d52d8b0453c06cb1ba1cfeab6871a91b.tar.bz2
openbsd-3b54e696d52d8b0453c06cb1ba1cfeab6871a91b.zip
Write documentation for <openssl/x509v3.h> DER decoding and
encoding functions from scratch. All 46 functions are listed in OpenSSL doc/man3/d2i_X509.pod.
Diffstat
-rw-r--r--src/lib/libcrypto/man/Makefile9
-rw-r--r--src/lib/libcrypto/man/SXNET_new.358
-rw-r--r--src/lib/libcrypto/man/d2i_AUTHORITY_KEYID.369
-rw-r--r--src/lib/libcrypto/man/d2i_BASIC_CONSTRAINTS.394
-rw-r--r--src/lib/libcrypto/man/d2i_DIST_POINT.3177
-rw-r--r--src/lib/libcrypto/man/d2i_GENERAL_NAME.3140
-rw-r--r--src/lib/libcrypto/man/d2i_PKEY_USAGE_PERIOD.368
-rw-r--r--src/lib/libcrypto/man/d2i_POLICYINFO.3161
-rw-r--r--src/lib/libcrypto/man/d2i_PROXY_POLICY.393
9 files changed, 861 insertions, 8 deletions
diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile
index 49990dff8d..6065762acd 100644
--- a/src/lib/libcrypto/man/Makefile
+++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.107 2016/12/28 13:45:30 schwarze Exp $ 1# $OpenBSD: Makefile,v 1.108 2016/12/28 20:36:33 schwarze Exp $
2 2
3.include <bsd.own.mk> 3.include <bsd.own.mk>
4 4
@@ -228,16 +228,23 @@ MAN= \
228 X509v3_get_ext_by_NID.3 \ 228 X509v3_get_ext_by_NID.3 \
229 crypto.3 \ 229 crypto.3 \
230 d2i_ASN1_OBJECT.3 \ 230 d2i_ASN1_OBJECT.3 \
231 d2i_AUTHORITY_KEYID.3 \
232 d2i_BASIC_CONSTRAINTS.3 \
231 d2i_DHparams.3 \ 233 d2i_DHparams.3 \
234 d2i_DIST_POINT.3 \
232 d2i_DSAPublicKey.3 \ 235 d2i_DSAPublicKey.3 \
233 d2i_ECPKParameters.3 \ 236 d2i_ECPKParameters.3 \
234 d2i_ESS_SIGNING_CERT.3 \ 237 d2i_ESS_SIGNING_CERT.3 \
238 d2i_GENERAL_NAME.3 \
235 d2i_OCSP_REQUEST.3 \ 239 d2i_OCSP_REQUEST.3 \
236 d2i_OCSP_RESPONSE.3 \ 240 d2i_OCSP_RESPONSE.3 \
237 d2i_PKCS12.3 \ 241 d2i_PKCS12.3 \
238 d2i_PKCS7.3 \ 242 d2i_PKCS7.3 \
239 d2i_PKCS8_PRIV_KEY_INFO.3 \ 243 d2i_PKCS8_PRIV_KEY_INFO.3 \
240 d2i_PKCS8PrivateKey_bio.3 \ 244 d2i_PKCS8PrivateKey_bio.3 \
245 d2i_PKEY_USAGE_PERIOD.3 \
246 d2i_POLICYINFO.3 \
247 d2i_PROXY_POLICY.3 \
241 d2i_PrivateKey.3 \ 248 d2i_PrivateKey.3 \
242 d2i_RSAPublicKey.3 \ 249 d2i_RSAPublicKey.3 \
243 d2i_TS_REQ.3 \ 250 d2i_TS_REQ.3 \
diff --git a/src/lib/libcrypto/man/SXNET_new.3 b/src/lib/libcrypto/man/SXNET_new.3
index 1484970113..cf6f692748 100644
--- a/src/lib/libcrypto/man/SXNET_new.3
+++ b/src/lib/libcrypto/man/SXNET_new.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SXNET_new.3,v 1.1 2016/12/24 01:00:48 schwarze Exp $ 1.\" $OpenBSD: SXNET_new.3,v 1.2 2016/12/28 20:36:33 schwarze Exp $
2.\" 2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> 3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\" 4.\"
@@ -14,14 +14,18 @@
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\" 16.\"
17.Dd $Mdocdate: December 24 2016 $ 17.Dd $Mdocdate: December 28 2016 $
18.Dt SXNET_NEW 3 18.Dt SXNET_NEW 3
19.Os 19.Os
20.Sh NAME 20.Sh NAME
21.Nm SXNET_new , 21.Nm SXNET_new ,
22.Nm SXNET_free , 22.Nm SXNET_free ,
23.Nm SXNETID_new , 23.Nm SXNETID_new ,
24.Nm SXNETID_free 24.Nm SXNETID_free ,
25.Nm d2i_SXNET ,
26.Nm i2d_SXNET ,
27.Nm d2i_SXNETID ,
28.Nm i2d_SXNETID
25.Nd Thawte strong extranet X.509 extension 29.Nd Thawte strong extranet X.509 extension
26.Sh SYNOPSIS 30.Sh SYNOPSIS
27.In openssl/x509v3.h 31.In openssl/x509v3.h
@@ -33,6 +37,28 @@
33.Fn SXNETID_new void 37.Fn SXNETID_new void
34.Ft void 38.Ft void
35.Fn SXNETID_free "SXNETID *sxnetid" 39.Fn SXNETID_free "SXNETID *sxnetid"
40.Ft SXNET *
41.Fo d2i_SXNET
42.Fa "SXNET **val_out"
43.Fa "const unsigned char **der_in"
44.Fa "long length"
45.Fc
46.Ft int
47.Fo i2d_SXNET
48.Fa "SXNET *val_in"
49.Fa "unsigned char **der_out"
50.Fc
51.Ft SXNETID *
52.Fo d2i_SXNETID
53.Fa "SXNETID **val_out"
54.Fa "const unsigned char **der_in"
55.Fa "long length"
56.Fc
57.Ft int
58.Fo i2d_SXNETID
59.Fa "SXNETID *val_in"
60.Fa "unsigned char **der_out"
61.Fc
36.Sh DESCRIPTION 62.Sh DESCRIPTION
37.Fn SXNET_new 63.Fn SXNET_new
38allocates and initializes an empty 64allocates and initializes an empty
@@ -52,17 +78,35 @@ It is used inside
52.Fn SXNETID_free 78.Fn SXNETID_free
53frees 79frees
54.Fa sxnetid . 80.Fa sxnetid .
81.Pp
82The remaining functions decode and encode these objects
83using DER format.
84For details about the semantics, examples, caveats, and bugs, see
85.Xr ASN1_item_d2i 3 .
55.Sh RETURN VALUES 86.Sh RETURN VALUES
56.Fn SXNET_new 87.Fn SXNET_new
57and 88and
58.Fn SXNETID_new 89.Fn d2i_SXNET
59return the new 90return an
60.Vt SXNET 91.Vt SXNET
61or 92object or
93.Dv NULL
94if an error occurs.
95.Pp
96.Fn SXNETID_new
97and
98.Fn d2i_SXNETID
99return an
62.Vt SXNETID 100.Vt SXNETID
63object, respectively, or 101object or
64.Dv NULL 102.Dv NULL
65if an error occurs. 103if an error occurs.
104.Pp
105.Fn i2d_SXNET
106and
107.Fn i2d_SXNETID
108return the number of bytes successfully encoded or a negative value
109if an error occurs.
66.Sh SEE ALSO 110.Sh SEE ALSO
67.Xr X509_EXTENSION_new 3 , 111.Xr X509_EXTENSION_new 3 ,
68.Xr X509_new 3 112.Xr X509_new 3
diff --git a/src/lib/libcrypto/man/d2i_AUTHORITY_KEYID.3 b/src/lib/libcrypto/man/d2i_AUTHORITY_KEYID.3
new file mode 100644
index 0000000000..2f46454d8b
--- /dev/null
+++ b/src/lib/libcrypto/man/d2i_AUTHORITY_KEYID.3
@@ -0,0 +1,69 @@
1.\" $OpenBSD: d2i_AUTHORITY_KEYID.3,v 1.1 2016/12/28 20:36:33 schwarze Exp $
2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\"
5.\" Permission to use, copy, modify, and distribute this software for any
6.\" purpose with or without fee is hereby granted, provided that the above
7.\" copyright notice and this permission notice appear in all copies.
8.\"
9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\"
17.Dd $Mdocdate: December 28 2016 $
18.Dt D2I_AUTHORITY_KEYID 3
19.Os
20.Sh NAME
21.Nm d2i_AUTHORITY_KEYID ,
22.Nm i2d_AUTHORITY_KEYID
23.Nd decode and encode X.509 authority key identifiers
24.Sh SYNOPSIS
25.In openssl/x509v3.h
26.Ft AUTHORITY_KEYID *
27.Fo d2i_AUTHORITY_KEYID
28.Fa "AUTHORITY_KEYID **val_out"
29.Fa "const unsigned char **der_in"
30.Fa "long length"
31.Fc
32.Ft int
33.Fo i2d_AUTHORITY_KEYID
34.Fa "AUTHORITY_KEYID *val_in"
35.Fa "unsigned char **der_out"
36.Fc
37.Sh DESCRIPTION
38.Fn d2i_AUTHORITY_KEYID
39and
40.Fn i2d_AUTHORITY_KEYID
41decode and encode an ASN.1
42.Vt AuthorityKeyIdentifier
43structure defined in RFC 5280 section 4.2.1.1.
44For details about the semantics, examples, caveats, and bugs, see
45.Xr ASN1_item_d2i 3 .
46.Sh RETURN VALUES
47.Fn d2i_AUTHORITY_KEYID
48returns an
49.Vt AUTHORITY_KEYID
50object or
51.Dv NULL
52if an error occurs.
53.Pp
54.Fn i2d_AUTHORITY_KEYID
55returns the number of bytes successfully encoded or a negative value
56if an error occurs.
57.Sh SEE ALSO
58.Xr ASN1_item_d2i 3 ,
59.Xr AUTHORITY_KEYID_new 3 ,
60.Xr X509_EXTENSION_new 3
61.Sh STANDARDS
62RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
63Certificate Revocation List (CRL) Profile:
64.Bl -dash -compact
65.It
66section 4.2.1.1: Certificate Extensions: Authority Key Identifier
67.It
68section 5.2.1: CRL Extensions: Authority Key Identifier
69.El
diff --git a/src/lib/libcrypto/man/d2i_BASIC_CONSTRAINTS.3 b/src/lib/libcrypto/man/d2i_BASIC_CONSTRAINTS.3
new file mode 100644
index 0000000000..968541627f
--- /dev/null
+++ b/src/lib/libcrypto/man/d2i_BASIC_CONSTRAINTS.3
@@ -0,0 +1,94 @@
1.\" $OpenBSD: d2i_BASIC_CONSTRAINTS.3,v 1.1 2016/12/28 20:36:33 schwarze Exp $
2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\"
5.\" Permission to use, copy, modify, and distribute this software for any
6.\" purpose with or without fee is hereby granted, provided that the above
7.\" copyright notice and this permission notice appear in all copies.
8.\"
9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\"
17.Dd $Mdocdate: December 28 2016 $
18.Dt D2I_BASIC_CONSTRAINTS 3
19.Os
20.Sh NAME
21.Nm d2i_BASIC_CONSTRAINTS ,
22.Nm i2d_BASIC_CONSTRAINTS ,
23.Nm d2i_EXTENDED_KEY_USAGE ,
24.Nm i2d_EXTENDED_KEY_USAGE
25.Nd decode and encode X.509 key usage purposes
26.Sh SYNOPSIS
27.In openssl/x509v3.h
28.Ft BASIC_CONSTRAINTS *
29.Fo d2i_BASIC_CONSTRAINTS
30.Fa "BASIC_CONSTRAINTS **val_out"
31.Fa "const unsigned char **der_in"
32.Fa "long length"
33.Fc
34.Ft int
35.Fo i2d_BASIC_CONSTRAINTS
36.Fa "BASIC_CONSTRAINTS *val_in"
37.Fa "unsigned char **der_out"
38.Fc
39.Ft EXTENDED_KEY_USAGE *
40.Fo d2i_EXTENDED_KEY_USAGE
41.Fa "EXTENDED_KEY_USAGE **val_out"
42.Fa "const unsigned char **der_in"
43.Fa "long length"
44.Fc
45.Ft int
46.Fo i2d_EXTENDED_KEY_USAGE
47.Fa "EXTENDED_KEY_USAGE *val_in"
48.Fa "unsigned char **der_out"
49.Fc
50.Sh DESCRIPTION
51These functions decode and encode data structures describing the
52intended purposes that the key contained in an X.509 certificate
53is to be used for.
54For details about the semantics, examples, caveats, and bugs, see
55.Xr ASN1_item_d2i 3 .
56.Pp
57.Fn d2i_BASIC_CONSTRAINTS
58and
59.Fn i2d_BASIC_CONSTRAINTS
60decode and encode an ASN.1
61.Vt BasicConstraints
62structure defined in RFC 5280 section 4.2.1.9.
63.Pp
64.Fn d2i_EXTENDED_KEY_USAGE
65and
66.Fn i2d_EXTENDED_KEY_USAGE
67decode and encode an ASN.1
68.Vt ExtKeyUsageSyntax
69structure defined in RFC 5280 section 4.2.1.12.
70.Sh RETURN VALUES
71.Fn d2i_BASIC_CONSTRAINTS
72and
73.Fn d2i_EXTENDED_KEY_USAGE
74return a
75.Vt BASIC_CONSTRAINTS
76or
77.Vt EXTENDED_KEY_USAGE
78object, respectively, or
79.Dv NULL
80if an error occurs.
81.Pp
82.Fn i2d_BASIC_CONSTRAINTS
83and
84.Fn i2d_EXTENDED_KEY_USAGE
85return the number of bytes successfully encoded or a negative value
86if an error occurs.
87.Sh SEE ALSO
88.Xr ASN1_item_d2i 3 ,
89.Xr BASIC_CONSTRAINTS_new 3 ,
90.Xr EXTENDED_KEY_USAGE_new 3 ,
91.Xr X509_EXTENSION_new 3
92.Sh STANDARDS
93RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
94Certificate Revocation List (CRL) Profile
diff --git a/src/lib/libcrypto/man/d2i_DIST_POINT.3 b/src/lib/libcrypto/man/d2i_DIST_POINT.3
new file mode 100644
index 0000000000..8862d33635
--- /dev/null
+++ b/src/lib/libcrypto/man/d2i_DIST_POINT.3
@@ -0,0 +1,177 @@
1.\" $OpenBSD: d2i_DIST_POINT.3,v 1.1 2016/12/28 20:36:33 schwarze Exp $
2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\"
5.\" Permission to use, copy, modify, and distribute this software for any
6.\" purpose with or without fee is hereby granted, provided that the above
7.\" copyright notice and this permission notice appear in all copies.
8.\"
9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\"
17.Dd $Mdocdate: December 28 2016 $
18.Dt D2I_DIST_POINT 3
19.Os
20.Sh NAME
21.Nm d2i_DIST_POINT ,
22.Nm i2d_DIST_POINT ,
23.Nm d2i_CRL_DIST_POINTS ,
24.Nm i2d_CRL_DIST_POINTS ,
25.Nm d2i_DIST_POINT_NAME ,
26.Nm i2d_DIST_POINT_NAME ,
27.Nm d2i_ISSUING_DIST_POINT ,
28.Nm i2d_ISSUING_DIST_POINT ,
29.Nm d2i_ACCESS_DESCRIPTION ,
30.Nm i2d_ACCESS_DESCRIPTION ,
31.Nm d2i_AUTHORITY_INFO_ACCESS ,
32.Nm i2d_AUTHORITY_INFO_ACCESS
33.Nd decode and encode X.509 data access extensions
34.Sh SYNOPSIS
35.In openssl/x509v3.h
36.Ft DIST_POINT *
37.Fo d2i_DIST_POINT
38.Fa "DIST_POINT_NAME **val_out"
39.Fa "const unsigned char **der_in"
40.Fa "long length"
41.Fc
42.Ft int
43.Fo i2d_DIST_POINT
44.Fa "DIST_POINT *val_in"
45.Fa "unsigned char **der_out"
46.Fc
47.Ft CRL_DIST_POINTS *
48.Fo d2i_CRL_DIST_POINTS
49.Fa "CRL_DIST_POINTS_NAME **val_out"
50.Fa "const unsigned char **der_in"
51.Fa "long length"
52.Fc
53.Ft int
54.Fo i2d_CRL_DIST_POINTS
55.Fa "CRL_DIST_POINTS *val_in"
56.Fa "unsigned char **der_out"
57.Fc
58.Ft DIST_POINT_NAME *
59.Fo d2i_DIST_POINT_NAME
60.Fa "DIST_POINT_NAME_NAME **val_out"
61.Fa "const unsigned char **der_in"
62.Fa "long length"
63.Fc
64.Ft int
65.Fo i2d_DIST_POINT_NAME
66.Fa "DIST_POINT_NAME *val_in"
67.Fa "unsigned char **der_out"
68.Fc
69.Ft ISSUING_DIST_POINT *
70.Fo d2i_ISSUING_DIST_POINT
71.Fa "ISSUING_DIST_POINT_NAME **val_out"
72.Fa "const unsigned char **der_in"
73.Fa "long length"
74.Fc
75.Ft int
76.Fo i2d_ISSUING_DIST_POINT
77.Fa "ISSUING_DIST_POINT *val_in"
78.Fa "unsigned char **der_out"
79.Fc
80.Ft ACCESS_DESCRIPTION *
81.Fo d2i_ACCESS_DESCRIPTION
82.Fa "ACCESS_DESCRIPTION_NAME **val_out"
83.Fa "const unsigned char **der_in"
84.Fa "long length"
85.Fc
86.Ft int
87.Fo i2d_ACCESS_DESCRIPTION
88.Fa "ACCESS_DESCRIPTION *val_in"
89.Fa "unsigned char **der_out"
90.Fc
91.Ft AUTHORITY_INFO_ACCESS *
92.Fo d2i_AUTHORITY_INFO_ACCESS
93.Fa "AUTHORITY_INFO_ACCESS_NAME **val_out"
94.Fa "const unsigned char **der_in"
95.Fa "long length"
96.Fc
97.Ft int
98.Fo i2d_AUTHORITY_INFO_ACCESS
99.Fa "AUTHORITY_INFO_ACCESS *val_in"
100.Fa "unsigned char **der_out"
101.Fc
102.Sh DESCRIPTION
103These functions decode and encode X.509 extensions that communicate
104where to retrieve additional information online.
105For details about the semantics, examples, caveats, and bugs, see
106.Xr ASN1_item_d2i 3 .
107.Pp
108.Fn d2i_DIST_POINT
109and
110.Fn i2d_DIST_POINT
111decode and encode an ASN.1
112.Vt DistributionPoint
113structure defined in RFC 5280 section 4.2.1.13.
114.Pp
115.Fn d2i_CRL_DIST_POINTS
116and
117.Fn i2d_CRL_DIST_POINTS
118decode and encode an ASN.1
119.Vt CRLDistributionPoints
120structure defined in RFC 5280 section 4.2.1.13.
121.Pp
122.Fn d2i_DIST_POINT_NAME
123and
124.Fn i2d_DIST_POINT_NAME
125decode and encode an ASN.1
126.Vt DistributionPointName
127structure defined in RFC 5280 section 4.2.1.13.
128.Pp
129.Fn d2i_ISSUING_DIST_POINT
130and
131.Fn i2d_ISSUING_DIST_POINT
132decode and encode an ASN.1
133.Vt IssuingDistributionPoint
134structure defined in RFC 5280 section 5.2.5.
135.Pp
136.Fn d2i_ACCESS_DESCRIPTION
137and
138.Fn i2d_ACCESS_DESCRIPTION
139decode and encode an ASN.1
140.Vt AccessDescription
141structure defined in RFC 5280 section 4.2.2.1.
142.Pp
143.Fn d2i_AUTHORITY_INFO_ACCESS
144and
145.Fn i2d_AUTHORITY_INFO_ACCESS
146decode and encode an ASN.1
147.Vt AuthorityInfoAccessSyntax
148structure defined in RFC 5280 section 4.2.2.1.
149.Sh RETURN VALUES
150.Fn d2i_DIST_POINT ,
151.Fn d2i_CRL_DIST_POINTS ,
152.Fn d2i_DIST_POINT_NAME ,
153.Fn d2i_ISSUING_DIST_POINT ,
154.Fn d2i_ACCESS_DESCRIPTION ,
155and
156.Fn d2i_AUTHORITY_INFO_ACCESS
157return an object of the respective type or
158.Dv NULL
159if an error occurs.
160.Pp
161.Fn i2d_DIST_POINT ,
162.Fn i2d_CRL_DIST_POINTS ,
163.Fn i2d_DIST_POINT_NAME ,
164.Fn i2d_ISSUING_DIST_POINT ,
165.Fn i2d_ACCESS_DESCRIPTION ,
166and
167.Fn i2d_AUTHORITY_INFO_ACCESS
168return the number of bytes successfully encoded or a negative value
169if an error occurs.
170.Sh SEE ALSO
171.Xr ACCESS_DESCRIPTION_new 3 ,
172.Xr ASN1_item_d2i 3 ,
173.Xr DIST_POINT_new 3 ,
174.Xr X509_EXTENSION_new 3
175.Sh STANDARDS
176RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
177Certificate Revocation List (CRL) Profile
diff --git a/src/lib/libcrypto/man/d2i_GENERAL_NAME.3 b/src/lib/libcrypto/man/d2i_GENERAL_NAME.3
new file mode 100644
index 0000000000..0340d1e51c
--- /dev/null
+++ b/src/lib/libcrypto/man/d2i_GENERAL_NAME.3
@@ -0,0 +1,140 @@
1.\" $OpenBSD: d2i_GENERAL_NAME.3,v 1.1 2016/12/28 20:36:33 schwarze Exp $
2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\"
5.\" Permission to use, copy, modify, and distribute this software for any
6.\" purpose with or without fee is hereby granted, provided that the above
7.\" copyright notice and this permission notice appear in all copies.
8.\"
9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\"
17.Dd $Mdocdate: December 28 2016 $
18.Dt D2I_GENERAL_NAME 3
19.Os
20.Sh NAME
21.Nm d2i_GENERAL_NAME ,
22.Nm i2d_GENERAL_NAME ,
23.Nm d2i_GENERAL_NAMES ,
24.Nm i2d_GENERAL_NAMES ,
25.Nm d2i_EDIPARTYNAME ,
26.Nm i2d_EDIPARTYNAME ,
27.Nm d2i_OTHERNAME ,
28.Nm i2d_OTHERNAME
29.Nd decode and encode names for use in X.509 extensions
30.Sh SYNOPSIS
31.In openssl/x509v3.h
32.Ft GENERAL_NAME *
33.Fo d2i_GENERAL_NAME
34.Fa "GENERAL_NAME **val_out"
35.Fa "const unsigned char **der_in"
36.Fa "long length"
37.Fc
38.Ft int
39.Fo i2d_GENERAL_NAME
40.Fa "GENERAL_NAME *val_in"
41.Fa "unsigned char **der_out"
42.Fc
43.Ft GENERAL_NAMES *
44.Fo d2i_GENERAL_NAMES
45.Fa "GENERAL_NAMES **val_out"
46.Fa "const unsigned char **der_in"
47.Fa "long length"
48.Fc
49.Ft int
50.Fo i2d_GENERAL_NAMES
51.Fa "GENERAL_NAMES *val_in"
52.Fa "unsigned char **der_out"
53.Fc
54.Ft EDIPARTYNAME *
55.Fo d2i_EDIPARTYNAME
56.Fa "EDIPARTYNAME **val_out"
57.Fa "const unsigned char **der_in"
58.Fa "long length"
59.Fc
60.Ft int
61.Fo i2d_EDIPARTYNAME
62.Fa "EDIPARTYNAME *val_in"
63.Fa "unsigned char **der_out"
64.Fc
65.Ft OTHERNAME *
66.Fo d2i_OTHERNAME
67.Fa "OTHERNAME **val_out"
68.Fa "const unsigned char **der_in"
69.Fa "long length"
70.Fc
71.Ft int
72.Fo i2d_OTHERNAME
73.Fa "OTHERNAME *val_in"
74.Fa "unsigned char **der_out"
75.Fc
76.Sh DESCRIPTION
77These functions decode and encode names that can be used in X.509
78extensions.
79For details about the semantics, examples, caveats, and bugs, see
80.Xr ASN1_item_d2i 3 .
81.Pp
82.Fn d2i_GENERAL_NAME
83and
84.Fn i2d_GENERAL_NAME
85decode and encode an ASN.1
86.Vt GeneralName
87structure defined in RFC 5280 section 4.2.1.6.
88.Pp
89.Fn d2i_GENERAL_NAMES
90and
91.Fn i2d_GENERAL_NAMES
92decode and encode an ASN.1
93.Vt GeneralNames
94structure defined in RFC 5280 section 4.2.1.6.
95.Pp
96.Fn d2i_EDIPARTYNAME
97and
98.Fn i2d_EDIPARTYNAME
99decode and encode an ASN.1
100.Vt EDIPartyName
101structure defined in RFC 5280 section 4.2.1.6.
102.Pp
103.Fn d2i_OTHERNAME
104and
105.Fn i2d_OTHERNAME
106decode and encode an ASN.1
107.Vt OtherName
108structure defined in RFC 5280 section 4.2.1.6.
109.Sh RETURN VALUES
110.Fn d2i_GENERAL_NAME ,
111.Fn d2i_GENERAL_NAMES ,
112.Fn d2i_EDIPARTYNAME ,
113and
114.Fn d2i_OTHERNAME
115return a
116.Vt GENERAL_NAME ,
117.Vt GENERAL_NAMES ,
118.Vt EDIPARTYNAME ,
119or
120.Vt OTHERNAME
121object, respectively, or
122.Dv NULL
123if an error occurs.
124.Pp
125.Fn i2d_GENERAL_NAME ,
126.Fn i2d_GENERAL_NAMES ,
127.Fn i2d_EDIPARTYNAME ,
128and
129.Fn i2d_OTHERNAME
130return the number of bytes successfully encoded or a negative value
131if an error occurs.
132.Sh SEE ALSO
133.Xr ASN1_item_d2i 3 ,
134.Xr d2i_X509_NAME 3 ,
135.Xr GENERAL_NAME_new 3 ,
136.Xr X509_EXTENSION_new 3
137.Sh STANDARDS
138RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
139Certificate Revocation List (CRL) Profile,
140section 4.2: Certificate Extensions
diff --git a/src/lib/libcrypto/man/d2i_PKEY_USAGE_PERIOD.3 b/src/lib/libcrypto/man/d2i_PKEY_USAGE_PERIOD.3
new file mode 100644
index 0000000000..547b77970d
--- /dev/null
+++ b/src/lib/libcrypto/man/d2i_PKEY_USAGE_PERIOD.3
@@ -0,0 +1,68 @@
1.\" $OpenBSD: d2i_PKEY_USAGE_PERIOD.3,v 1.1 2016/12/28 20:36:33 schwarze Exp $
2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\"
5.\" Permission to use, copy, modify, and distribute this software for any
6.\" purpose with or without fee is hereby granted, provided that the above
7.\" copyright notice and this permission notice appear in all copies.
8.\"
9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\"
17.Dd $Mdocdate: December 28 2016 $
18.Dt D2I_PKEY_USAGE_PERIOD 3
19.Os
20.Sh NAME
21.Nm d2i_PKEY_USAGE_PERIOD ,
22.Nm i2d_PKEY_USAGE_PERIOD
23.Nd decode and encode X.509 key usage period extensions
24.Sh SYNOPSIS
25.In openssl/x509v3.h
26.Ft PKEY_USAGE_PERIOD *
27.Fo d2i_PKEY_USAGE_PERIOD
28.Fa "PKEY_USAGE_PERIOD **val_out"
29.Fa "const unsigned char **der_in"
30.Fa "long length"
31.Fc
32.Ft int
33.Fo i2d_PKEY_USAGE_PERIOD
34.Fa "PKEY_USAGE_PERIOD *val_in"
35.Fa "unsigned char **der_out"
36.Fc
37.Sh DESCRIPTION
38.Fn d2i_PKEY_USAGE_PERIOD
39and
40.Fn i2d_PKEY_USAGE_PERIOD
41decode and encode an ASN.1
42.Vt PrivateKeyUsagePeriod
43structure defined in RFC 3280 section 4.2.1.4.
44For details about the semantics, examples, caveats, and bugs, see
45.Xr ASN1_item_d2i 3 .
46.Sh RETURN VALUES
47.Fn d2i_PKEY_USAGE_PERIOD
48returns a
49.Vt PKEY_USAGE_PERIOD
50object or
51.Dv NULL
52if an error occurs.
53.Pp
54.Fn i2d_PKEY_USAGE_PERIOD
55returns the number of bytes successfully encoded or a negative value
56if an error occurs.
57.Sh SEE ALSO
58.Xr ASN1_item_d2i 3 ,
59.Xr PKEY_USAGE_PERIOD_new 3 ,
60.Xr X509_EXTENSION_new 3
61.Sh STANDARDS
62RFC 3280: Internet X.509 Public Key Infrastructure Certificate and
63Certificate Revocation List (CRL) Profile,
64section 4.2.1.4: Private Key Usage Period
65.Pp
66RFC 3280 was obsoleted by RFC 5280; see
67.Xr PKEY_USAGE_PERIOD_new 3
68for details.
diff --git a/src/lib/libcrypto/man/d2i_POLICYINFO.3 b/src/lib/libcrypto/man/d2i_POLICYINFO.3
new file mode 100644
index 0000000000..6a93059bc2
--- /dev/null
+++ b/src/lib/libcrypto/man/d2i_POLICYINFO.3
@@ -0,0 +1,161 @@
1.\" $OpenBSD: d2i_POLICYINFO.3,v 1.1 2016/12/28 20:36:33 schwarze Exp $
2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\"
5.\" Permission to use, copy, modify, and distribute this software for any
6.\" purpose with or without fee is hereby granted, provided that the above
7.\" copyright notice and this permission notice appear in all copies.
8.\"
9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\"
17.Dd $Mdocdate: December 28 2016 $
18.Dt D2I_POLICYINFO 3
19.Os
20.Sh NAME
21.Nm d2i_POLICYINFO ,
22.Nm i2d_POLICYINFO ,
23.Nm d2i_CERTIFICATEPOLICIES ,
24.Nm i2d_CERTIFICATEPOLICIES ,
25.Nm d2i_POLICYQUALINFO ,
26.Nm i2d_POLICYQUALINFO ,
27.Nm d2i_USERNOTICE ,
28.Nm i2d_USERNOTICE ,
29.Nm d2i_NOTICEREF ,
30.Nm i2d_NOTICEREF
31.Nd decode and encode X.509 certificate policies
32.Sh SYNOPSIS
33.In openssl/x509v3.h
34.Ft POLICYINFO *
35.Fo d2i_POLICYINFO
36.Fa "POLICYINFO **val_out"
37.Fa "const unsigned char **der_in"
38.Fa "long length"
39.Fc
40.Ft int
41.Fo i2d_POLICYINFO
42.Fa "POLICYINFO *val_in"
43.Fa "unsigned char **der_out"
44.Fc
45.Ft CERTIFICATEPOLICIES *
46.Fo d2i_CERTIFICATEPOLICIES
47.Fa "CERTIFICATEPOLICIES **val_out"
48.Fa "const unsigned char **der_in"
49.Fa "long length"
50.Fc
51.Ft int
52.Fo i2d_CERTIFICATEPOLICIES
53.Fa "CERTIFICATEPOLICIES *val_in"
54.Fa "unsigned char **der_out"
55.Fc
56.Ft POLICYQUALINFO *
57.Fo d2i_POLICYQUALINFO
58.Fa "POLICYQUALINFO **val_out"
59.Fa "const unsigned char **der_in"
60.Fa "long length"
61.Fc
62.Ft int
63.Fo i2d_POLICYQUALINFO
64.Fa "POLICYQUALINFO *val_in"
65.Fa "unsigned char **der_out"
66.Fc
67.Ft USERNOTICE *
68.Fo d2i_USERNOTICE
69.Fa "USERNOTICE **val_out"
70.Fa "const unsigned char **der_in"
71.Fa "long length"
72.Fc
73.Ft int
74.Fo i2d_USERNOTICE
75.Fa "USERNOTICE *val_in"
76.Fa "unsigned char **der_out"
77.Fc
78.Ft NOTICEREF *
79.Fo d2i_NOTICEREF
80.Fa "NOTICEREF **val_out"
81.Fa "const unsigned char **der_in"
82.Fa "long length"
83.Fc
84.Ft int
85.Fo i2d_NOTICEREF
86.Fa "NOTICEREF *val_in"
87.Fa "unsigned char **der_out"
88.Fc
89.Sh DESCRIPTION
90These functions decode and encode X.509 certificate policies.
91For details about the semantics, examples, caveats, and bugs, see
92.Xr ASN1_item_d2i 3 .
93.Pp
94.Fn d2i_POLICYINFO
95and
96.Fn i2d_POLICYINFO
97decode and encode an ASN.1
98.Vt PolicyInformation
99structure defined in RFC 5280 section 4.2.1.4.
100.Pp
101.Fn d2i_CERTIFICATEPOLICIES
102and
103.Fn i2d_CERTIFICATEPOLICIES
104decode and encode an ASN.1
105.Vt CertificatePolicies
106structure defined in RFC 5280 section 4.2.1.4.
107.Pp
108.Fn d2i_POLICYQUALINFO
109and
110.Fn i2d_POLICYQUALINFO
111decode and encode an ASN.1
112.Vt PolicyQualifierInfo
113structure defined in RFC 5280 section 4.2.1.4.
114.Pp
115.Fn d2i_USERNOTICE
116and
117.Fn i2d_USERNOTICE
118decode and encode an ASN.1
119.Vt UserNotice
120structure defined in RFC 5280 section 4.2.1.4.
121.Pp
122.Fn d2i_NOTICEREF
123and
124.Fn i2d_NOTICEREF
125decode and encode an ASN.1
126.Vt NoticeReference
127structure defined in RFC 5280 section 4.2.1.4.
128.Sh RETURN VALUES
129.Fn d2i_POLICYINFO ,
130.Fn d2i_CERTIFICATEPOLICIES ,
131.Fn d2i_POLICYQUALINFO ,
132.Fn d2i_USERNOTICE ,
133and
134.Fn d2i_NOTICEREF
135return a
136.Vt POLICYINFO ,
137.Vt CERTIFICATEPOLICIES ,
138.Vt POLICYQUALINFO ,
139.Vt USERNOTICE ,
140or
141.Vt NOTICEREF
142object, respectively, or
143.Dv NULL
144if an error occurs.
145.Pp
146.Fn i2d_POLICYINFO ,
147.Fn i2d_CERTIFICATEPOLICIES ,
148.Fn i2d_POLICYQUALINFO ,
149.Fn i2d_USERNOTICE ,
150and
151.Fn i2d_NOTICEREF
152return the number of bytes successfully encoded or a negative value
153if an error occurs.
154.Sh SEE ALSO
155.Xr ASN1_item_d2i 3 ,
156.Xr POLICYINFO_new 3 ,
157.Xr X509_EXTENSION_new 3
158.Sh STANDARDS
159RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
160Certificate Revocation List (CRL) Profile,
161section 4.2.1.4: Certificate Policies
diff --git a/src/lib/libcrypto/man/d2i_PROXY_POLICY.3 b/src/lib/libcrypto/man/d2i_PROXY_POLICY.3
new file mode 100644
index 0000000000..0c447b1034
--- /dev/null
+++ b/src/lib/libcrypto/man/d2i_PROXY_POLICY.3
@@ -0,0 +1,93 @@
1.\" $OpenBSD: d2i_PROXY_POLICY.3,v 1.1 2016/12/28 20:36:33 schwarze Exp $
2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\"
5.\" Permission to use, copy, modify, and distribute this software for any
6.\" purpose with or without fee is hereby granted, provided that the above
7.\" copyright notice and this permission notice appear in all copies.
8.\"
9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\"
17.Dd $Mdocdate: December 28 2016 $
18.Dt D2I_PROXY_POLICY 3
19.Os
20.Sh NAME
21.Nm d2i_PROXY_POLICY ,
22.Nm i2d_PROXY_POLICY ,
23.Nm d2i_PROXY_CERT_INFO_EXTENSION ,
24.Nm i2d_PROXY_CERT_INFO_EXTENSION
25.Nd decode and encode X.509 proxy certificate extensions
26.Sh SYNOPSIS
27.In openssl/x509v3.h
28.Ft PROXY_POLICY *
29.Fo d2i_PROXY_POLICY
30.Fa "PROXY_POLICY **val_out"
31.Fa "const unsigned char **der_in"
32.Fa "long length"
33.Fc
34.Ft int
35.Fo i2d_PROXY_POLICY
36.Fa "PROXY_POLICY *val_in"
37.Fa "unsigned char **der_out"
38.Fc
39.Ft PROXY_CERT_INFO_EXTENSION *
40.Fo d2i_PROXY_CERT_INFO_EXTENSION
41.Fa "PROXY_CERT_INFO_EXTENSION **val_out"
42.Fa "const unsigned char **der_in"
43.Fa "long length"
44.Fc
45.Ft int
46.Fo i2d_PROXY_CERT_INFO_EXTENSION
47.Fa "PROXY_CERT_INFO_EXTENSION *val_in"
48.Fa "unsigned char **der_out"
49.Fc
50.Sh DESCRIPTION
51These functions encode and decode X.509 extensions that decide
52whether a certificate is a proxy certificate, and which policies
53apply to it.
54For details about the semantics, examples, caveats, and bugs, see
55.Xr ASN1_item_d2i 3 .
56.Pp
57.Fn d2i_PROXY_POLICY
58and
59.Fn i2d_PROXY_POLICY
60decode and encode an ASN.1
61.Vt ProxyPolicy
62structure defined in RFC 3820 section 3.8.
63.Pp
64.Fn d2i_PROXY_CERT_INFO_EXTENSION
65and
66.Fn i2d_PROXY_CERT_INFO_EXTENSION
67decode and encode an ASN.1
68.Vt ProxyCertInfo
69structure defined in RFC 3820 section 3.8.
70.Sh RETURN VALUES
71.Fn d2i_PROXY_POLICY
72and
73.Fn d2i_PROXY_CERT_INFO_EXTENSION
74return a
75.Vt PROXY_POLICY
76or
77.Vt PROXY_CERT_INFO_EXTENSION
78object, respectively, or
79.Dv NULL
80if an error occurs.
81.Pp
82.Fn i2d_PROXY_POLICY
83and
84.Fn i2d_PROXY_CERT_INFO_EXTENSION
85return the number of bytes successfully encoded or a negative value
86if an error occurs.
87.Sh SEE ALSO
88.Xr ASN1_item_d2i 3 ,
89.Xr PROXY_POLICY_new 3 ,
90.Xr X509_EXTENSION_new 3
91.Sh STANDARDS
92RFC 3820: Internet X.509 Public Key Infrastructure (PKI) Proxy
93Certificate Profile
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 01:00:05 +0000