Rewrite and add d2i_X509_CRL_INFO(3), i2d_X509_CRL_INFO(3),

d2i_X509_REVOKED(3), and i2d_X509_CRL_INFO(3), all listed in
<openssl/x509.h> and in OpenSSL doc/man3/d2i_X509.pod.

1 files changed, 94 insertions, 67 deletions

diff --git a/src/lib/libcrypto/man/d2i_X509_CRL.3 b/src/lib/libcrypto/man/d2i_X509_CRL.3
index 1c8ca5c6b9..398af4cda4 100644
--- a/src/lib/libcrypto/man/d2i_X509_CRL.3
+++ b/src/lib/libcrypto/man/d2i_X509_CRL.3
@@ -1,55 +1,21 @@
-.\"     $OpenBSD: d2i_X509_CRL.3,v 1.4 2016/12/08 20:22:08 jmc Exp $
+.\"     $OpenBSD: d2i_X509_CRL.3,v 1.5 2016/12/28 14:59:39 schwarze Exp $
 .\"     OpenSSL bb9ad09e Jun 6 00:43:05 2016 -0400
 .\"
-.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
-.\" Copyright (c) 2002, 2005, 2009, 2013, 2015 The OpenSSL Project.
-.\" All rights reserved.
+.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
 .\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
 .\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in
-.\"    the documentation and/or other materials provided with the
-.\"    distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\"    software must display the following acknowledgment:
-.\"    "This product includes software developed by the OpenSSL Project
-.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\"    endorse or promote products derived from this software without
-.\"    prior written permission. For written permission, please contact
-.\"    openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\"    nor may "OpenSSL" appear in their names without prior written
-.\"    permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\"    acknowledgment:
-.\"    "This product includes software developed by the OpenSSL Project
-.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 8 2016 $
+.Dd $Mdocdate: December 28 2016 $
 .Dt D2I_X509_CRL 3
 .Os
 .Sh NAME
@@ -58,47 +24,108 @@
 .Nm d2i_X509_CRL_bio ,
 .Nm d2i_X509_CRL_fp ,
 .Nm i2d_X509_CRL_bio ,
-.Nm i2d_X509_CRL_fp
-.Nd PKCS#10 certificate request functions
+.Nm i2d_X509_CRL_fp ,
+.Nm d2i_X509_CRL_INFO ,
+.Nm i2d_X509_CRL_INFO ,
+.Nm d2i_X509_REVOKED ,
+.Nm i2d_X509_REVOKED
+.Nd decode and encode X.509 certificate revocation lists
 .Sh SYNOPSIS
 .In openssl/x509.h
 .Ft X509_CRL *
 .Fo d2i_X509_CRL
-.Fa "X509_CRL **a"
-.Fa "const unsigned char **pp"
+.Fa "X509_CRL **val_out"
+.Fa "const unsigned char **der_in"
 .Fa "long length"
 .Fc
 .Ft int
 .Fo i2d_X509_CRL
-.Fa "X509_CRL *a"
-.Fa "unsigned char **pp"
+.Fa "X509_CRL *val_in"
+.Fa "unsigned char **der_out"
 .Fc
 .Ft X509_CRL *
 .Fo d2i_X509_CRL_bio
-.Fa "BIO *bp"
-.Fa "X509_CRL **x"
+.Fa "BIO *in_bio"
+.Fa "X509_CRL **der_out"
 .Fc
 .Ft X509_CRL *
 .Fo d2i_X509_CRL_fp
-.Fa "FILE *fp"
-.Fa "X509_CRL **x"
+.Fa "FILE *in_fp"
+.Fa "X509_CRL **der_out"
 .Fc
 .Ft int
 .Fo i2d_X509_CRL_bio
-.Fa "BIO *bp"
-.Fa "X509_CRL *x"
+.Fa "BIO *out_bio"
+.Fa "X509_CRL *der_in"
 .Fc
 .Ft int
 .Fo i2d_X509_CRL_fp
-.Fa "FILE *fp"
-.Fa "X509_CRL *x"
+.Fa "FILE *out_fp"
+.Fa "X509_CRL *der_in"
+.Fc
+.Ft X509_CRL_INFO *
+.Fo d2i_X509_CRL_INFO
+.Fa "X509_CRL_INFO **val_out"
+.Fa "const unsigned char **der_in"
+.Fa "long length"
+.Fc
+.Ft int
+.Fo i2d_X509_CRL_INFO
+.Fa "X509_CRL_INFO *val_in"
+.Fa "unsigned char **der_out"
+.Fc
+.Ft X509_REVOKED *
+.Fo d2i_X509_REVOKED
+.Fa "X509_REVOKED **val_out"
+.Fa "const unsigned char **der_in"
+.Fa "long length"
+.Fc
+.Ft int
+.Fo i2d_X509_REVOKED
+.Fa "X509_REVOKED *val_in"
+.Fa "unsigned char **der_out"
 .Fc
 .Sh DESCRIPTION
-These functions decode and encode an X509 CRL (certificate revocation
-list).
-They otherwise behave in a way similar to
-.Xr d2i_X509 3
+These functions decode and encode X.509 certificate revocation lists.
+For details about the semantics, examples, caveats, and bugs, see
+.Xr ASN1_item_d2i 3 .
+.Pp
+.Fn d2i_X509_CRL
+and
+.Fn i2d_X509_CRL
+decode and encode an ASN.1
+.Vt CertificateList
+structure defined in RFC 5280 section 5.1.
+.Fn d2i_X509_CRL_bio ,
+.Fn d2i_X509_CRL_fp ,
+.Fn i2d_X509_CRL_bio ,
+and
+.Fn i2d_X509_CRL_fp
+are similar except that they decode or encode using a
+.Vt BIO
+or
+.Vt FILE
+pointer.
+.Pp
+.Fn d2i_X509_CRL_INFO
+and
+.Fn i2d_X509_CRL_INFO
+decode and encode an ASN.1
+.Vt TBSCertList
+structure defined in RFC 5280 section 5.1.
+.Pp
+.Fn d2i_X509_REVOKED
 and
-.Xr i2d_X509 3 .
+.Fn i2d_X509_REVOKED
+decode and encode an ASN.1 structure representing one element of
+the revokedCertificates field of the ASN.1
+.Vt TBSCertList
+structure.
 .Sh SEE ALSO
-.Xr d2i_X509 3
+.Xr ASN1_item_d2i 3 ,
+.Xr X509_CRL_new 3 ,
+.Xr X509_REVOKED_new 3
+.Sh STANDARDS
+RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
+Certificate Revocation List (CRL) Profile,
+section 5: CRL and CRL Extensions Profile