diff options
| author | schwarze <> | 2023-09-13 14:18:21 +0000 |
|---|---|---|
| committer | schwarze <> | 2023-09-13 14:18:21 +0000 |
| commit | e234d71eb8af3432d2e1dd3376729df59773a8c4 (patch) | |
| tree | b269767971023a12798a3b47b31fdd348060b31a /src/lib | |
| parent | 712cf7820fa5dfb2b4cdd0ddcef2a7088da91472 (diff) | |
| download | openbsd-e234d71eb8af3432d2e1dd3376729df59773a8c4.tar.gz openbsd-e234d71eb8af3432d2e1dd3376729df59773a8c4.tar.bz2 openbsd-e234d71eb8af3432d2e1dd3376729df59773a8c4.zip | |
Various improvements:
* Document the ASN1_PKEY_CTRL_DEFAULT_MD_NID control operation.
* Mention that EVP_PKEY_asn1_new(3) sets ASN1_PKEY_DYNAMIC.
* Fix the description of EVP_PKEY_asn1_copy(3), which was totally wrong.
* Warn about the crazy ASN1_PKEY_DYNAMIC handling in EVP_PKEY_asn1_free(3).
* Be more precise about EVP_PKEY_asn1_new(3) RETURN VALUES.
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libcrypto/man/EVP_PKEY_asn1_new.3 | 78 |
1 files changed, 63 insertions, 15 deletions
diff --git a/src/lib/libcrypto/man/EVP_PKEY_asn1_new.3 b/src/lib/libcrypto/man/EVP_PKEY_asn1_new.3 index aa6e016dfd..82a109c57d 100644 --- a/src/lib/libcrypto/man/EVP_PKEY_asn1_new.3 +++ b/src/lib/libcrypto/man/EVP_PKEY_asn1_new.3 | |||
| @@ -1,8 +1,25 @@ | |||
| 1 | .\" $OpenBSD: EVP_PKEY_asn1_new.3,v 1.9 2023/08/27 13:15:29 schwarze Exp $ | 1 | .\" $OpenBSD: EVP_PKEY_asn1_new.3,v 1.10 2023/09/13 14:18:21 schwarze Exp $ |
| 2 | .\" selective merge up to: | 2 | .\" selective merge up to: |
| 3 | .\" OpenSSL man3/EVP_PKEY_ASN1_METHOD b0004708 Nov 1 00:45:24 2017 +0800 | 3 | .\" OpenSSL man3/EVP_PKEY_ASN1_METHOD b0004708 Nov 1 00:45:24 2017 +0800 |
| 4 | .\" | 4 | .\" |
| 5 | .\" This file was written by Richard Levitte <levitte@openssl.org> | 5 | .\" This file is a derived work. |
| 6 | .\" The changes are covered by the following Copyright and license: | ||
| 7 | .\" | ||
| 8 | .\" Copyright (c) 2023 Ingo Schwarze <schwarze@openbsd.org> | ||
| 9 | .\" | ||
| 10 | .\" Permission to use, copy, modify, and distribute this software for any | ||
| 11 | .\" purpose with or without fee is hereby granted, provided that the above | ||
| 12 | .\" copyright notice and this permission notice appear in all copies. | ||
| 13 | .\" | ||
| 14 | .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | ||
| 15 | .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||
| 16 | .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||
| 17 | .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||
| 18 | .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
| 19 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
| 20 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
| 21 | .\" | ||
| 22 | .\" The original file was written by Richard Levitte <levitte@openssl.org> | ||
| 6 | .\" and Paul Yang <yang.yang@baishancloud.com>. | 23 | .\" and Paul Yang <yang.yang@baishancloud.com>. |
| 7 | .\" Copyright (c) 2017 The OpenSSL Project. All rights reserved. | 24 | .\" Copyright (c) 2017 The OpenSSL Project. All rights reserved. |
| 8 | .\" | 25 | .\" |
| @@ -50,7 +67,7 @@ | |||
| 50 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | 67 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
| 51 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. | 68 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. |
| 52 | .\" | 69 | .\" |
| 53 | .Dd $Mdocdate: August 27 2023 $ | 70 | .Dd $Mdocdate: September 13 2023 $ |
| 54 | .Dt EVP_PKEY_ASN1_NEW 3 | 71 | .Dt EVP_PKEY_ASN1_NEW 3 |
| 55 | .Os | 72 | .Os |
| 56 | .Sh NAME | 73 | .Sh NAME |
| @@ -345,11 +362,34 @@ and | |||
| 345 | .Ed | 362 | .Ed |
| 346 | .Pp | 363 | .Pp |
| 347 | Add extra algorithm specific control. | 364 | Add extra algorithm specific control. |
| 348 | This method is called by | 365 | .Pp |
| 349 | .Xr EVP_PKEY_get_default_digest_nid 3 , | 366 | If the |
| 367 | .Fa op | ||
| 368 | argument is | ||
| 369 | .Dv ASN1_PKEY_CTRL_DEFAULT_MD_NID , | ||
| 370 | the | ||
| 371 | .Fa pkey_ctrl | ||
| 372 | method is supposed to write the message digest NID | ||
| 373 | for public key signature operations with the given | ||
| 374 | .Fa pkey | ||
| 375 | to | ||
| 376 | .Pf * Fa arg2 | ||
| 377 | as documented in the | ||
| 378 | .Xr EVP_PKEY_get_default_digest_nid 3 | ||
| 379 | manual page. | ||
| 380 | .Pp | ||
| 381 | The | ||
| 382 | .Fa pkey_ctrl | ||
| 383 | method is also called by | ||
| 350 | .Fn PKCS7_SIGNER_INFO_set , | 384 | .Fn PKCS7_SIGNER_INFO_set , |
| 351 | .Fn PKCS7_RECIP_INFO_set , | 385 | .Fn PKCS7_RECIP_INFO_set , |
| 352 | and other functions. | 386 | and other functions. |
| 387 | .\" TODO: | ||
| 388 | .\" ASN1_PKEY_CTRL_CMS_ENVELOPE in cms_env.c rsa_ameth.c | ||
| 389 | .\" ASN1_PKEY_CTRL_CMS_RI_TYPE in cms_env.c dsa_ameth.c ec_ameth.c rsa_ameth.c | ||
| 390 | .\" ASN1_PKEY_CTRL_CMS_SIGN in cms_sd.c dsa_ameth.c ec_ameth.c rsa_ameth.c | ||
| 391 | .\" ASN1_PKEY_CTRL_PKCS7_ENCRYPT in pk7_lib.c rsa_ameth.c | ||
| 392 | .\" ASN1_PKEY_CTRL_PKCS7_SIGN in pk7_lib.c dsa_ameth.c ec_ameth.c rsa_ameth.c | ||
| 353 | .Bd -unfilled | 393 | .Bd -unfilled |
| 354 | .Ft int Fn (*pkey_check) "const EVP_PKEY *pk" | 394 | .Ft int Fn (*pkey_check) "const EVP_PKEY *pk" |
| 355 | .Ft int Fn (*pkey_public_check) "const EVP_PKEY *pk" | 395 | .Ft int Fn (*pkey_public_check) "const EVP_PKEY *pk" |
| @@ -378,7 +418,7 @@ It is called by | |||
| 378 | .Fn EVP_PKEY_asn1_new | 418 | .Fn EVP_PKEY_asn1_new |
| 379 | creates and returns a new | 419 | creates and returns a new |
| 380 | .Vt EVP_PKEY_ASN1_METHOD | 420 | .Vt EVP_PKEY_ASN1_METHOD |
| 381 | object, and associates the given | 421 | object, marks it as dynamically allocated, and associates the given |
| 382 | .Fa id , | 422 | .Fa id , |
| 383 | .Fa flags , | 423 | .Fa flags , |
| 384 | .Fa pem_str | 424 | .Fa pem_str |
| @@ -404,20 +444,28 @@ See | |||
| 404 | for more information. | 444 | for more information. |
| 405 | .Pp | 445 | .Pp |
| 406 | .Fn EVP_PKEY_asn1_copy | 446 | .Fn EVP_PKEY_asn1_copy |
| 407 | copies an | 447 | copies all function pointers from |
| 408 | .Vt EVP_PKEY_ASN1_METHOD | ||
| 409 | object from | ||
| 410 | .Fa src | 448 | .Fa src |
| 411 | to | 449 | to |
| 412 | .Fa dst . | 450 | .Fa dst . |
| 451 | The data in | ||
| 452 | .Fa dst | ||
| 453 | that can be set with | ||
| 454 | .Fn EVP_PKEY_asn1_new | ||
| 455 | \(em NIDs, flags, and strings \(em | ||
| 456 | remains unchanged. | ||
| 413 | This function is not thread safe, it is recommended to only use this when | 457 | This function is not thread safe, it is recommended to only use this when |
| 414 | initializing the application. | 458 | initializing the application. |
| 415 | .Pp | 459 | .Pp |
| 416 | .Fn EVP_PKEY_asn1_free | 460 | .Fn EVP_PKEY_asn1_free |
| 417 | frees an existing | 461 | frees the dynamically allocated |
| 418 | .Vt EVP_PKEY_ASN1_METHOD | 462 | .Fa ameth |
| 419 | pointed by | 463 | including all memory it refers to. |
| 420 | .Fa ameth . | 464 | If |
| 465 | .Fa ameth | ||
| 466 | is | ||
| 467 | .Dv NULL | ||
| 468 | of not marked as dynamically allocated, no action occurs. | ||
| 421 | .Pp | 469 | .Pp |
| 422 | .Fn EVP_PKEY_asn1_add0 | 470 | .Fn EVP_PKEY_asn1_add0 |
| 423 | adds | 471 | adds |
| @@ -456,11 +504,11 @@ set the diverse methods of the given | |||
| 456 | object. | 504 | object. |
| 457 | .Sh RETURN VALUES | 505 | .Sh RETURN VALUES |
| 458 | .Fn EVP_PKEY_asn1_new | 506 | .Fn EVP_PKEY_asn1_new |
| 459 | returns a pointer to an | 507 | returns a pointer to the new |
| 460 | .Vt EVP_PKEY_ASN1_METHOD | 508 | .Vt EVP_PKEY_ASN1_METHOD |
| 461 | object or | 509 | object or |
| 462 | .Dv NULL | 510 | .Dv NULL |
| 463 | on error. | 511 | if memory allocation fails. |
| 464 | .Pp | 512 | .Pp |
| 465 | .Fn EVP_PKEY_asn1_add0 | 513 | .Fn EVP_PKEY_asn1_add0 |
| 466 | and | 514 | and |