Document OCSP_SINGLERESP_new(3), OCSP_SINGLERESP_free(3),

OCSP_CERTSTATUS_new(3), OCSP_CERTSTATUS_free(3), OCSP_REVOKEDINFO_new(3), and OCSP_REVOKEDINFO_free(3), all in <openssl/ocsp.h> and in OpenSSL doc/man3/X509_dup.pod. Note that the OpenSSL documentation specifies the wrong header file. Add some information about what these objects actually represent, along with the pertinent STANDARDS reference.
author: schwarze <> 2016-12-12 20:10:04 +0000
committer: schwarze <> 2016-12-12 20:10:04 +0000
commit: 3cc9506ba9a0a2ac61e1b0990b65470390468857 (patch)
tree: 4b5cc895f2cc281c9d62a94f9b2bf29609e84c6a /src/lib
parent: ad66f778ac030fef08a6451194211724a877f664 (diff)
download: openbsd-3cc9506ba9a0a2ac61e1b0990b65470390468857.tar.gz
openbsd-3cc9506ba9a0a2ac61e1b0990b65470390468857.tar.bz2
openbsd-3cc9506ba9a0a2ac61e1b0990b65470390468857.zip
1 files changed, 90 insertions, 3 deletions
diff --git a/src/lib/libcrypto/man/OCSP_resp_find_status.3 b/src/lib/libcrypto/man/OCSP_resp_find_status.3
index 99d52a109b..eca0a2c15f 100644
--- a/src/lib/libcrypto/man/OCSP_resp_find_status.3
+++ b/src/lib/libcrypto/man/OCSP_resp_find_status.3
@@ -1,7 +1,24 @@
-.\"     $OpenBSD: OCSP_resp_find_status.3,v 1.2 2016/12/06 14:54:55 schwarze Exp $
+.\"     $OpenBSD: OCSP_resp_find_status.3,v 1.3 2016/12/12 20:10:04 schwarze Exp $
 .\"     OpenSSL c952780c Jun 21 07:03:34 2016 -0400
 .\"
-.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
+.\" This file is a derived work.
+.\" The changes are covered by the following Copyright and license:
+.\"
+.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
 .\" Copyright (c) 2014 The OpenSSL Project.  All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
@@ -48,10 +65,16 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 6 2016 $
+.Dd $Mdocdate: December 12 2016 $
 .Dt OCSP_RESP_FIND_STATUS 3
 .Os
 .Sh NAME
+.Nm OCSP_SINGLERESP_new ,
+.Nm OCSP_SINGLERESP_free ,
+.Nm OCSP_CERTSTATUS_new ,
+.Nm OCSP_CERTSTATUS_free ,
+.Nm OCSP_REVOKEDINFO_new ,
+.Nm OCSP_REVOKEDINFO_free ,
 .Nm OCSP_resp_find_status ,
 .Nm OCSP_resp_count ,
 .Nm OCSP_resp_get0 ,
@@ -61,6 +84,18 @@
 .Nd OCSP response utility functions
 .Sh SYNOPSIS
 .In openssl/ocsp.h
+.Ft OCSP_SINGLERESP *
+.Fn OCSP_SINGLERESP_new void
+.Ft void
+.Fn OCSP_SINGLERESP_free "OCSP_SINGLERESP *single"
+.Ft OCSP_CERTSTATUS *
+.Fn OCSP_CERTSTATUS_new void
+.Ft void
+.Fn OCSP_CERTSTATUS_free "OCSP_CERTSTATUS *certstatus"
+.Ft OCSP_REVOKEDINFO *
+.Fn OCSP_REVOKEDINFO_new void
+.Ft void
+.Fn OCSP_REVOKEDINFO_free "OCSP_REVOKEDINFO *revokedinfo"
 .Ft int
 .Fo OCSP_resp_find_status
 .Fa "OCSP_BASICRESP *bs"
@@ -102,6 +137,42 @@
 .Fa "long maxsec"
 .Fc
 .Sh DESCRIPTION
+.Fn OCSP_SINGLERESP_new
+allocates and initializes an empty
+.Vt OCSP_SINGLERESP
+object, representing an ASN.1 SingleResponse structure defined in RFC 6960.
+Each such object can store the server's answer regarding the validity
+of one individual certificate.
+Such objects are used inside the
+.Vt OCSP_RESPDATA
+of
+.Vt OCSP_BASICRESP
+objects, which are described in
+.Xr OCSP_BASICRESP_new 3 .
+.Fn OCSP_SINGLERESP_free
+frees
+.Fa single .
+.Pp
+.Fn OCSP_CERTSTATUS_new
+allocates and initializes an empty
+.Vt OCSP_CERTSTATUS
+object, representing an ASN.1 CertStatus structure defined in RFC 6960.
+Such an object is used inside
+.Vt OCSP_SINGLERESP .
+.Fn OCSP_CERTSTATUS_free
+frees
+.Fa certstatus .
+.Pp
+.Fn OCSP_REVOKEDINFO_new
+allocates and initializes an empty
+.Vt OCSP_REVOKEDINFO
+object, representing an ASN.1 RevokedInfo structure defined in RFC 6960.
+Such an object is used inside
+.Vt OCSP_CERTSTATUS .
+.Fn OCSP_REVOKEDINFO_free
+frees
+.Fa revokedinfo .
+.Pp
 .Fn OCSP_resp_find_status
 searches
 .Fa bs
@@ -241,6 +312,19 @@ Any or all of these parameters can be set to
 .Dv NULL
 if their value is not required.
 .Sh RETURN VALUES
+.Fn OCSP_SINGLERESP_new ,
+.Fn OCSP_CERTSTATUS_new ,
+and
+.Fn OCSP_REVOKEDINFO_new
+return a pointer to an empty
+.Vt OCSP_SINGLERESP ,
+.Vt OCSP_CERTSTATUS ,
+or
+.Vt OCSP_REVOKEDINFO
+object, respectively, or
+.Dv NULL
+if an error occurred.
+.Pp
 .Fn OCSP_resp_find_status
 returns 1 if
 .Fa id
@@ -282,3 +366,6 @@ or -1 if an error occurred.
 .Xr OCSP_REQUEST_new 3 ,
 .Xr OCSP_response_status 3 ,
 .Xr OCSP_sendreq_new 3
+.Sh STANDARDS
+RFC 6960: X.509 Internet Public Key Infrastructure Online Certificate
+Status Protocol, section 4.2: Response Syntax
author	schwarze <>	2016-12-12 20:10:04 +0000
committer	schwarze <>	2016-12-12 20:10:04 +0000
commit	3cc9506ba9a0a2ac61e1b0990b65470390468857 (patch)
tree	4b5cc895f2cc281c9d62a94f9b2bf29609e84c6a /src/lib
parent	ad66f778ac030fef08a6451194211724a877f664 (diff)
download	openbsd-3cc9506ba9a0a2ac61e1b0990b65470390468857.tar.gz openbsd-3cc9506ba9a0a2ac61e1b0990b65470390468857.tar.bz2 openbsd-3cc9506ba9a0a2ac61e1b0990b65470390468857.zip

diff --git a/src/lib/libcrypto/man/OCSP_resp_find_status.3 b/src/lib/libcrypto/man/OCSP_resp_find_status.3 index 99d52a109b..eca0a2c15f 100644 --- a/src/lib/libcrypto/man/OCSP_resp_find_status.3 +++ b/src/lib/libcrypto/man/OCSP_resp_find_status.3
@@ -1,7 +1,24 @@
1	.\" $OpenBSD: OCSP_resp_find_status.3,v 1.2 2016/12/06 14:54:55 schwarze Exp $	1	.\" $OpenBSD: OCSP_resp_find_status.3,v 1.3 2016/12/12 20:10:04 schwarze Exp $
2	.\" OpenSSL c952780c Jun 21 07:03:34 2016 -0400	2	.\" OpenSSL c952780c Jun 21 07:03:34 2016 -0400
3	.\"	3	.\"
4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.	4	.\" This file is a derived work.
		5	.\" The changes are covered by the following Copyright and license:
		6	.\"
		7	.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
		8	.\"
		9	.\" Permission to use, copy, modify, and distribute this software for any
		10	.\" purpose with or without fee is hereby granted, provided that the above
		11	.\" copyright notice and this permission notice appear in all copies.
		12	.\"
		13	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		14	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		15	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		16	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		17	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		18	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		19	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		20	.\"
		21	.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
5	.\" Copyright (c) 2014 The OpenSSL Project. All rights reserved.	22	.\" Copyright (c) 2014 The OpenSSL Project. All rights reserved.
6	.\"	23	.\"
7	.\" Redistribution and use in source and binary forms, with or without	24	.\" Redistribution and use in source and binary forms, with or without
@@ -48,10 +65,16 @@
48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	65	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	66	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50	.\"	67	.\"
51	.Dd $Mdocdate: December 6 2016 $	68	.Dd $Mdocdate: December 12 2016 $
52	.Dt OCSP_RESP_FIND_STATUS 3	69	.Dt OCSP_RESP_FIND_STATUS 3
53	.Os	70	.Os
54	.Sh NAME	71	.Sh NAME
		72	.Nm OCSP_SINGLERESP_new ,
		73	.Nm OCSP_SINGLERESP_free ,
		74	.Nm OCSP_CERTSTATUS_new ,
		75	.Nm OCSP_CERTSTATUS_free ,
		76	.Nm OCSP_REVOKEDINFO_new ,
		77	.Nm OCSP_REVOKEDINFO_free ,
55	.Nm OCSP_resp_find_status ,	78	.Nm OCSP_resp_find_status ,
56	.Nm OCSP_resp_count ,	79	.Nm OCSP_resp_count ,
57	.Nm OCSP_resp_get0 ,	80	.Nm OCSP_resp_get0 ,
@@ -61,6 +84,18 @@
61	.Nd OCSP response utility functions	84	.Nd OCSP response utility functions
62	.Sh SYNOPSIS	85	.Sh SYNOPSIS
63	.In openssl/ocsp.h	86	.In openssl/ocsp.h
		87	.Ft OCSP_SINGLERESP *
		88	.Fn OCSP_SINGLERESP_new void
		89	.Ft void
		90	.Fn OCSP_SINGLERESP_free "OCSP_SINGLERESP *single"
		91	.Ft OCSP_CERTSTATUS *
		92	.Fn OCSP_CERTSTATUS_new void
		93	.Ft void
		94	.Fn OCSP_CERTSTATUS_free "OCSP_CERTSTATUS *certstatus"
		95	.Ft OCSP_REVOKEDINFO *
		96	.Fn OCSP_REVOKEDINFO_new void
		97	.Ft void
		98	.Fn OCSP_REVOKEDINFO_free "OCSP_REVOKEDINFO *revokedinfo"
64	.Ft int	99	.Ft int
65	.Fo OCSP_resp_find_status	100	.Fo OCSP_resp_find_status
66	.Fa "OCSP_BASICRESP *bs"	101	.Fa "OCSP_BASICRESP *bs"
@@ -102,6 +137,42 @@
102	.Fa "long maxsec"	137	.Fa "long maxsec"
103	.Fc	138	.Fc
104	.Sh DESCRIPTION	139	.Sh DESCRIPTION
		140	.Fn OCSP_SINGLERESP_new
		141	allocates and initializes an empty
		142	.Vt OCSP_SINGLERESP
		143	object, representing an ASN.1 SingleResponse structure defined in RFC 6960.
		144	Each such object can store the server's answer regarding the validity
		145	of one individual certificate.
		146	Such objects are used inside the
		147	.Vt OCSP_RESPDATA
		148	of
		149	.Vt OCSP_BASICRESP
		150	objects, which are described in
		151	.Xr OCSP_BASICRESP_new 3 .
		152	.Fn OCSP_SINGLERESP_free
		153	frees
		154	.Fa single .
		155	.Pp
		156	.Fn OCSP_CERTSTATUS_new
		157	allocates and initializes an empty
		158	.Vt OCSP_CERTSTATUS
		159	object, representing an ASN.1 CertStatus structure defined in RFC 6960.
		160	Such an object is used inside
		161	.Vt OCSP_SINGLERESP .
		162	.Fn OCSP_CERTSTATUS_free
		163	frees
		164	.Fa certstatus .
		165	.Pp
		166	.Fn OCSP_REVOKEDINFO_new
		167	allocates and initializes an empty
		168	.Vt OCSP_REVOKEDINFO
		169	object, representing an ASN.1 RevokedInfo structure defined in RFC 6960.
		170	Such an object is used inside
		171	.Vt OCSP_CERTSTATUS .
		172	.Fn OCSP_REVOKEDINFO_free
		173	frees
		174	.Fa revokedinfo .
		175	.Pp
105	.Fn OCSP_resp_find_status	176	.Fn OCSP_resp_find_status
106	searches	177	searches
107	.Fa bs	178	.Fa bs
@@ -241,6 +312,19 @@ Any or all of these parameters can be set to
241	.Dv NULL	312	.Dv NULL
242	if their value is not required.	313	if their value is not required.
243	.Sh RETURN VALUES	314	.Sh RETURN VALUES
		315	.Fn OCSP_SINGLERESP_new ,
		316	.Fn OCSP_CERTSTATUS_new ,
		317	and
		318	.Fn OCSP_REVOKEDINFO_new
		319	return a pointer to an empty
		320	.Vt OCSP_SINGLERESP ,
		321	.Vt OCSP_CERTSTATUS ,
		322	or
		323	.Vt OCSP_REVOKEDINFO
		324	object, respectively, or
		325	.Dv NULL
		326	if an error occurred.
		327	.Pp
244	.Fn OCSP_resp_find_status	328	.Fn OCSP_resp_find_status
245	returns 1 if	329	returns 1 if
246	.Fa id	330	.Fa id
@@ -282,3 +366,6 @@ or -1 if an error occurred.
282	.Xr OCSP_REQUEST_new 3 ,	366	.Xr OCSP_REQUEST_new 3 ,
283	.Xr OCSP_response_status 3 ,	367	.Xr OCSP_response_status 3 ,
284	.Xr OCSP_sendreq_new 3	368	.Xr OCSP_sendreq_new 3
		369	.Sh STANDARDS
		370	RFC 6960: X.509 Internet Public Key Infrastructure Online Certificate
		371	Status Protocol, section 4.2: Response Syntax