summaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
authorschwarze <>2021-11-18 10:09:24 +0000
committerschwarze <>2021-11-18 10:09:24 +0000
commit2a87395eaec3a79a5bc43d49a99f03caeb8235b3 (patch)
tree7ac4dbc91970f928b411de7d4a9eeeb149c3d38e /src/lib
parent8c1761a51aa50ec3f12696927791681f5d155db6 (diff)
downloadopenbsd-2a87395eaec3a79a5bc43d49a99f03caeb8235b3.tar.gz
openbsd-2a87395eaec3a79a5bc43d49a99f03caeb8235b3.tar.bz2
openbsd-2a87395eaec3a79a5bc43d49a99f03caeb8235b3.zip
In x509_vfy.h rev. 1.35 and x509_lu.c rev. 1.34, tb@ provided
X509_OBJECT_new(3) and X509_OBJECT_free(3); document them. While here, stop talking about storing storing EVP_PKEY objects and plain C strings in X509_OBJECT objects. LibreSSL never fully supported that, and it certainly no longer supports that now.
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libcrypto/man/X509_OBJECT_get0_X509.359
-rw-r--r--src/lib/libcrypto/man/X509_new.35
2 files changed, 51 insertions, 13 deletions
diff --git a/src/lib/libcrypto/man/X509_OBJECT_get0_X509.3 b/src/lib/libcrypto/man/X509_OBJECT_get0_X509.3
index 9655e4b396..383c5ae580 100644
--- a/src/lib/libcrypto/man/X509_OBJECT_get0_X509.3
+++ b/src/lib/libcrypto/man/X509_OBJECT_get0_X509.3
@@ -1,5 +1,6 @@
1.\" $OpenBSD: X509_OBJECT_get0_X509.3,v 1.12 2021/11/12 11:41:50 schwarze Exp $ 1.\" $OpenBSD: X509_OBJECT_get0_X509.3,v 1.13 2021/11/18 10:09:24 schwarze Exp $
2.\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org> 2.\"
3.\" Copyright (c) 2018, 2021 Ingo Schwarze <schwarze@openbsd.org>
3.\" 4.\"
4.\" Permission to use, copy, modify, and distribute this software for any 5.\" Permission to use, copy, modify, and distribute this software for any
5.\" purpose with or without fee is hereby granted, provided that the above 6.\" purpose with or without fee is hereby granted, provided that the above
@@ -13,13 +14,15 @@
13.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15.\" 16.\"
16.Dd $Mdocdate: November 12 2021 $ 17.Dd $Mdocdate: November 18 2021 $
17.Dt X509_OBJECT_GET0_X509 3 18.Dt X509_OBJECT_GET0_X509 3
18.Os 19.Os
19.Sh NAME 20.Sh NAME
20.Nm X509_OBJECT_get_type , 21.Nm X509_OBJECT_get_type ,
22.Nm X509_OBJECT_new ,
21.Nm X509_OBJECT_up_ref_count , 23.Nm X509_OBJECT_up_ref_count ,
22.Nm X509_OBJECT_free_contents , 24.Nm X509_OBJECT_free_contents ,
25.Nm X509_OBJECT_free ,
23.Nm X509_OBJECT_get0_X509 , 26.Nm X509_OBJECT_get0_X509 ,
24.Nm X509_OBJECT_get0_X509_CRL , 27.Nm X509_OBJECT_get0_X509_CRL ,
25.Nm X509_OBJECT_idx_by_subject , 28.Nm X509_OBJECT_idx_by_subject ,
@@ -32,6 +35,10 @@
32.Fo X509_OBJECT_get_type 35.Fo X509_OBJECT_get_type
33.Fa "const X509_OBJECT *obj" 36.Fa "const X509_OBJECT *obj"
34.Fc 37.Fc
38.Ft X509_OBJECT *
39.Fo X509_OBJECT_new
40.Fa void
41.Fc
35.Ft int 42.Ft int
36.Fo X509_OBJECT_up_ref_count 43.Fo X509_OBJECT_up_ref_count
37.Fa "X509_OBJECT *obj" 44.Fa "X509_OBJECT *obj"
@@ -40,6 +47,10 @@
40.Fo X509_OBJECT_free_contents 47.Fo X509_OBJECT_free_contents
41.Fa "X509_OBJECT *obj" 48.Fa "X509_OBJECT *obj"
42.Fc 49.Fc
50.Ft void
51.Fo X509_OBJECT_free
52.Fa "X509_OBJECT *obj"
53.Fc
43.Ft X509 * 54.Ft X509 *
44.Fo X509_OBJECT_get0_X509 55.Fo X509_OBJECT_get0_X509
45.Fa "const X509_OBJECT *obj" 56.Fa "const X509_OBJECT *obj"
@@ -70,13 +81,9 @@ The
70.Vt X509_OBJECT 81.Vt X509_OBJECT
71structure is a shallow wrapper around one 82structure is a shallow wrapper around one
72.Vt X509 83.Vt X509
73certificate object, one 84certificate object or one
74.Vt X509_CRL 85.Vt X509_CRL
75certificate revocation list object, one 86certificate revocation list object.
76.Vt EVP_PKEY
77private key object, or one
78.Vt char *
79string.
80The type of object stored at any given time can be inspected with 87The type of object stored at any given time can be inspected with
81.Fn X509_OBJECT_get_type . 88.Fn X509_OBJECT_get_type .
82.Pp 89.Pp
@@ -86,6 +93,15 @@ object uses one stack of
86.Vt X509_OBJECT 93.Vt X509_OBJECT
87structures as its main storage area. 94structures as its main storage area.
88.Pp 95.Pp
96.Fn X509_OBJECT_new
97allocates a new
98.Vt X509_OBJECT
99structure.
100It sets the object type to
101.Dv X509_LU_NONE
102and the pointer to the certificate or CRL to
103.Dv NULL .
104.Pp
89If 105If
90.Fa obj 106.Fa obj
91contains an 107contains an
@@ -119,6 +135,13 @@ does not free
119.Fa obj 135.Fa obj
120itself. 136itself.
121.Pp 137.Pp
138.Fn X509_OBJECT_free
139calls
140.Fn X509_OBJECT_free_contents
141and then frees the storage used for the
142.Fa obj
143itself.
144.Pp
122If 145If
123.Fa type 146.Fa type
124is 147is
@@ -158,12 +181,18 @@ if
158.Fa obj 181.Fa obj
159contains a certificate, 182contains a certificate,
160.Dv X509_LU_CRL 183.Dv X509_LU_CRL
161if it contains a certificate revocation list, 184if it contains a certificate revocation list, or
162or 0 if an error occurs. 185.Dv X509_LU_NONE
186if it contains neither.
163.Pp 187.Pp
164.Fn X509_OBJECT_up_ref_count 188.Fn X509_OBJECT_up_ref_count
165returns 1 on success and 0 on failure. 189returns 1 on success and 0 on failure.
166.Pp 190.Pp
191.Fn X509_OBJECT_new
192returns the new object or
193.Dv NULL
194if memory allocation fails.
195.Pp
167.Fn X509_OBJECT_get0_X509 196.Fn X509_OBJECT_get0_X509
168returns an internal pointer to the certificate contained in 197returns an internal pointer to the certificate contained in
169.Fa obj 198.Fa obj
@@ -224,9 +253,11 @@ is
224.Dv NULL 253.Dv NULL
225or no match is found. 254or no match is found.
226.Sh SEE ALSO 255.Sh SEE ALSO
256.Xr STACK_OF 3 ,
227.Xr X509_CRL_new 3 , 257.Xr X509_CRL_new 3 ,
228.Xr X509_LOOKUP_new 3 , 258.Xr X509_LOOKUP_new 3 ,
229.Xr X509_NAME_new 3 , 259.Xr X509_NAME_new 3 ,
260.Xr X509_new 3 ,
230.Xr X509_STORE_get0_objects 3 , 261.Xr X509_STORE_get0_objects 3 ,
231.Xr X509_STORE_get_by_subject 3 , 262.Xr X509_STORE_get_by_subject 3 ,
232.Xr X509_STORE_load_locations 3 , 263.Xr X509_STORE_load_locations 3 ,
@@ -251,3 +282,9 @@ and
251.Fn X509_OBJECT_get0_X509_CRL 282.Fn X509_OBJECT_get0_X509_CRL
252first appeared in OpenSSL 1.1.0 and have been available since 283first appeared in OpenSSL 1.1.0 and have been available since
253.Ox 6.3 . 284.Ox 6.3 .
285.Pp
286.Fn X509_OBJECT_new
287and
288.Fn X509_OBJECT_free
289first appeared in OpenSSL 1.1.0 and have been available since
290.Ox 7.1 .
diff --git a/src/lib/libcrypto/man/X509_new.3 b/src/lib/libcrypto/man/X509_new.3
index 296e9b8cfc..4b85f67eb0 100644
--- a/src/lib/libcrypto/man/X509_new.3
+++ b/src/lib/libcrypto/man/X509_new.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: X509_new.3,v 1.35 2021/11/09 16:23:04 schwarze Exp $ 1.\" $OpenBSD: X509_new.3,v 1.36 2021/11/18 10:09:24 schwarze Exp $
2.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 2.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
3.\" 3.\"
4.\" This file is a derived work. 4.\" This file is a derived work.
@@ -66,7 +66,7 @@
66.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 66.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
67.\" OF THE POSSIBILITY OF SUCH DAMAGE. 67.\" OF THE POSSIBILITY OF SUCH DAMAGE.
68.\" 68.\"
69.Dd $Mdocdate: November 9 2021 $ 69.Dd $Mdocdate: November 18 2021 $
70.Dt X509_NEW 3 70.Dt X509_NEW 3
71.Os 71.Os
72.Sh NAME 72.Sh NAME
@@ -227,6 +227,7 @@ if an error occurs.
227.Xr X509_LOOKUP_hash_dir 3 , 227.Xr X509_LOOKUP_hash_dir 3 ,
228.Xr X509_LOOKUP_new 3 , 228.Xr X509_LOOKUP_new 3 ,
229.Xr X509_NAME_new 3 , 229.Xr X509_NAME_new 3 ,
230.Xr X509_OBJECT_new 3 ,
230.Xr X509_PKEY_new 3 , 231.Xr X509_PKEY_new 3 ,
231.Xr X509_policy_check 3 , 232.Xr X509_policy_check 3 ,
232.Xr X509_policy_tree_level_count 3 , 233.Xr X509_policy_tree_level_count 3 ,
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-23 19:30:07 +0000