diff options
| author | schwarze <> | 2016-12-14 16:07:05 +0000 |
|---|---|---|
| committer | schwarze <> | 2016-12-14 16:07:05 +0000 |
| commit | 32b4ff922ae5e9fd5df5a4cdc8faae725fcb0681 (patch) | |
| tree | 3f7a3346efc6ac72d864906d4ac94115fd11cab0 /src/lib | |
| parent | 94e8040f4ec3560df5a4f4f3ffa38f3916b008b1 (diff) | |
| download | openbsd-32b4ff922ae5e9fd5df5a4cdc8faae725fcb0681.tar.gz openbsd-32b4ff922ae5e9fd5df5a4cdc8faae725fcb0681.tar.bz2 openbsd-32b4ff922ae5e9fd5df5a4cdc8faae725fcb0681.zip | |
Document X509_NAME_ENTRY_new(3) and X509_NAME_ENTRY_free(3),
both listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.h.
Note that the OpenSSL documentation specifies the wrong header file.
Explain what X509_NAME_ENTRY represents.
Simplify and clarify some wording.
Sort parts of the text into a more logical order.
Delete an irrelevant cross reference and add some relevant ones.
Add a STANDARDS section.
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 | 100 |
1 files changed, 74 insertions, 26 deletions
diff --git a/src/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 b/src/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 index 70e605abb7..a3cb7c0c67 100644 --- a/src/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 +++ b/src/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 | |||
| @@ -1,7 +1,24 @@ | |||
| 1 | .\" $OpenBSD: X509_NAME_ENTRY_get_object.3,v 1.3 2016/12/05 12:07:57 schwarze Exp $ | 1 | .\" $OpenBSD: X509_NAME_ENTRY_get_object.3,v 1.4 2016/12/14 16:07:05 schwarze Exp $ |
| 2 | .\" OpenSSL aebb9aac Jul 19 09:27:53 2016 -0400 | 2 | .\" OpenSSL aebb9aac Jul 19 09:27:53 2016 -0400 |
| 3 | .\" | 3 | .\" |
| 4 | .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. | 4 | .\" This file is a derived work. |
| 5 | .\" The changes are covered by the following Copyright and license: | ||
| 6 | .\" | ||
| 7 | .\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> | ||
| 8 | .\" | ||
| 9 | .\" Permission to use, copy, modify, and distribute this software for any | ||
| 10 | .\" purpose with or without fee is hereby granted, provided that the above | ||
| 11 | .\" copyright notice and this permission notice appear in all copies. | ||
| 12 | .\" | ||
| 13 | .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | ||
| 14 | .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||
| 15 | .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||
| 16 | .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||
| 17 | .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
| 18 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
| 19 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
| 20 | .\" | ||
| 21 | .\" The original file was written by Dr. Stephen Henson <steve@openssl.org>. | ||
| 5 | .\" Copyright (c) 2002, 2005, 2006 The OpenSSL Project. All rights reserved. | 22 | .\" Copyright (c) 2002, 2005, 2006 The OpenSSL Project. All rights reserved. |
| 6 | .\" | 23 | .\" |
| 7 | .\" Redistribution and use in source and binary forms, with or without | 24 | .\" Redistribution and use in source and binary forms, with or without |
| @@ -48,10 +65,12 @@ | |||
| 48 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | 65 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
| 49 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. | 66 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. |
| 50 | .\" | 67 | .\" |
| 51 | .Dd $Mdocdate: December 5 2016 $ | 68 | .Dd $Mdocdate: December 14 2016 $ |
| 52 | .Dt X509_NAME_ENTRY_GET_OBJECT 3 | 69 | .Dt X509_NAME_ENTRY_GET_OBJECT 3 |
| 53 | .Os | 70 | .Os |
| 54 | .Sh NAME | 71 | .Sh NAME |
| 72 | .Nm X509_NAME_ENTRY_new , | ||
| 73 | .Nm X509_NAME_ENTRY_free , | ||
| 55 | .Nm X509_NAME_ENTRY_get_object , | 74 | .Nm X509_NAME_ENTRY_get_object , |
| 56 | .Nm X509_NAME_ENTRY_get_data , | 75 | .Nm X509_NAME_ENTRY_get_data , |
| 57 | .Nm X509_NAME_ENTRY_set_object , | 76 | .Nm X509_NAME_ENTRY_set_object , |
| @@ -59,9 +78,17 @@ | |||
| 59 | .Nm X509_NAME_ENTRY_create_by_txt , | 78 | .Nm X509_NAME_ENTRY_create_by_txt , |
| 60 | .Nm X509_NAME_ENTRY_create_by_NID , | 79 | .Nm X509_NAME_ENTRY_create_by_NID , |
| 61 | .Nm X509_NAME_ENTRY_create_by_OBJ | 80 | .Nm X509_NAME_ENTRY_create_by_OBJ |
| 62 | .Nd X509_NAME_ENTRY utility functions | 81 | .\" In the following line, "X.501" is not a typo. |
| 82 | .\" This object defined in X.501, not in X.509. | ||
| 83 | .Nd X.501 relative distinguished name | ||
| 63 | .Sh SYNOPSIS | 84 | .Sh SYNOPSIS |
| 64 | .In openssl/x509.h | 85 | .In openssl/x509.h |
| 86 | .Ft X509_NAME_ENTRY * | ||
| 87 | .Fn X509_NAME_ENTRY_new void | ||
| 88 | .Ft void | ||
| 89 | .Fo X509_NAME_ENTRY_free | ||
| 90 | .Fa "X509_NAME_ENTRY* ne" | ||
| 91 | .Fc | ||
| 65 | .Ft ASN1_OBJECT * | 92 | .Ft ASN1_OBJECT * |
| 66 | .Fo X509_NAME_ENTRY_get_object | 93 | .Fo X509_NAME_ENTRY_get_object |
| 67 | .Fa "X509_NAME_ENTRY *ne" | 94 | .Fa "X509_NAME_ENTRY *ne" |
| @@ -107,22 +134,43 @@ | |||
| 107 | .Fa "int len" | 134 | .Fa "int len" |
| 108 | .Fc | 135 | .Fc |
| 109 | .Sh DESCRIPTION | 136 | .Sh DESCRIPTION |
| 137 | An X.501 RelativeDistinguishedName is a set of field type and | ||
| 138 | value pairs. It is the building block for constructing X.501 Name | ||
| 139 | objects. | ||
| 140 | This implementation only supports sets with one element, so an | ||
| 141 | .Vt X509_NAME_ENTRY | ||
| 142 | object contains only one field type and one value. | ||
| 143 | .Pp | ||
| 144 | .Fn X509_NAME_ENTRY_new | ||
| 145 | allocates and initializes an empty | ||
| 146 | .Vt X509_NAME_ENTRY | ||
| 147 | object, representing an ASN.1 RelativeDistinguishedName structure | ||
| 148 | defined in RFC 5280 section 4.1.2.4. | ||
| 149 | .Pp | ||
| 150 | .Fn X509_NAME_ENTRY_free | ||
| 151 | frees | ||
| 152 | .Fa ne | ||
| 153 | and the type and value contained in it. | ||
| 154 | .Pp | ||
| 110 | .Fn X509_NAME_ENTRY_get_object | 155 | .Fn X509_NAME_ENTRY_get_object |
| 111 | retrieves the field name of | 156 | retrieves the field type of |
| 112 | .Fa ne | 157 | .Fa ne |
| 113 | in an | 158 | in an |
| 114 | .Vt ASN1_OBJECT | 159 | .Vt ASN1_OBJECT |
| 115 | structure. | 160 | structure. |
| 116 | .Pp | ||
| 117 | .Fn X509_NAME_ENTRY_get_data | 161 | .Fn X509_NAME_ENTRY_get_data |
| 118 | retrieves the field value of | 162 | retrieves the field value of |
| 119 | .Fa ne | 163 | .Fa ne |
| 120 | in an | 164 | in an |
| 121 | .Vt ASN1_STRING | 165 | .Vt ASN1_STRING |
| 122 | structure. | 166 | structure. |
| 167 | These two functions can be used to examine an | ||
| 168 | .Vt X509_NAME_ENTRY | ||
| 169 | object as returned by | ||
| 170 | .Xr X509_NAME_get_entry 3 . | ||
| 123 | .Pp | 171 | .Pp |
| 124 | .Fn X509_NAME_ENTRY_set_object | 172 | .Fn X509_NAME_ENTRY_set_object |
| 125 | sets the field name of | 173 | sets the field type of |
| 126 | .Fa ne | 174 | .Fa ne |
| 127 | to | 175 | to |
| 128 | .Fa obj . | 176 | .Fa obj . |
| @@ -145,29 +193,20 @@ create and return an | |||
| 145 | .Vt X509_NAME_ENTRY | 193 | .Vt X509_NAME_ENTRY |
| 146 | structure. | 194 | structure. |
| 147 | .Pp | 195 | .Pp |
| 196 | Except for | ||
| 148 | .Fn X509_NAME_ENTRY_get_object | 197 | .Fn X509_NAME_ENTRY_get_object |
| 149 | and | 198 | and |
| 150 | .Fn X509_NAME_ENTRY_get_data | 199 | .Fn X509_NAME_ENTRY_get_data , |
| 151 | can be used to examine an | 200 | these functions are rarely used because |
| 152 | .Vt X509_NAME_ENTRY | ||
| 153 | function as returned by | ||
| 154 | .Xr X509_NAME_get_entry 3 | ||
| 155 | for example. | ||
| 156 | .Pp | ||
| 157 | .Fn X509_NAME_ENTRY_create_by_txt , | ||
| 158 | .Fn X509_NAME_ENTRY_create_by_OBJ , | ||
| 159 | .Fn X509_NAME_ENTRY_create_by_NID , | ||
| 160 | and | ||
| 161 | .Fn X509_NAME_ENTRY_set_data | ||
| 162 | are seldom used in practice because | ||
| 163 | .Vt X509_NAME_ENTRY | 201 | .Vt X509_NAME_ENTRY |
| 164 | structures are almost always part of | 202 | structures are almost always part of |
| 165 | .Vt X509_NAME | 203 | .Vt X509_NAME |
| 166 | structures and the corresponding X509_NAME functions are typically | 204 | structures and the functions described in |
| 167 | used to create and add new entries in a single operation. | 205 | .Xr X509_NAME_add_entry_by_txt 3 |
| 206 | are typically used to create and add new entries in a single operation. | ||
| 168 | .Pp | 207 | .Pp |
| 169 | The arguments of these functions support similar options to the | 208 | The arguments of these functions support similar options to the |
| 170 | similarly named ones of the corresponding X509_NAME functions such as | 209 | similarly named ones described in |
| 171 | .Xr X509_NAME_add_entry_by_txt 3 . | 210 | .Xr X509_NAME_add_entry_by_txt 3 . |
| 172 | So for example | 211 | So for example |
| 173 | .Fa type | 212 | .Fa type |
| @@ -175,9 +214,18 @@ can be set to | |||
| 175 | .Dv MBSTRING_ASC , | 214 | .Dv MBSTRING_ASC , |
| 176 | but in the case of | 215 | but in the case of |
| 177 | .Fn X509_NAME_ENTRY_set_data | 216 | .Fn X509_NAME_ENTRY_set_data |
| 178 | the field name must be set first so the relevant field information | 217 | the field type must be set first so the relevant field information |
| 179 | can be looked up internally. | 218 | can be looked up internally. |
| 180 | .Sh SEE ALSO | 219 | .Sh SEE ALSO |
| 181 | .Xr d2i_X509_NAME 3 , | ||
| 182 | .Xr ERR_get_error 3 , | 220 | .Xr ERR_get_error 3 , |
| 183 | .Xr OBJ_nid2obj 3 | 221 | .Xr OBJ_nid2obj 3 , |
| 222 | .Xr X509_NAME_add_entry 3 , | ||
| 223 | .Xr X509_NAME_get_entry 3 , | ||
| 224 | .Xr X509_NAME_new 3 | ||
| 225 | .Sh STANDARDS | ||
| 226 | RFC 5280: Internet X.509 Public Key Infrastructure Certificate and | ||
| 227 | Certificate Revocation List (CRL) Profile | ||
| 228 | .Pp | ||
| 229 | ITU-T Recommendation X.501, also known as ISO/IEC 9594-2: Information | ||
| 230 | Technology Open Systems Interconnection The Directory: Models, | ||
| 231 | section 9.3: Relative distinguished name | ||