diff options
| author | schwarze <> | 2016-12-23 23:50:04 +0000 |
|---|---|---|
| committer | schwarze <> | 2016-12-23 23:50:04 +0000 |
| commit | bfd27824b943b6045fabc1f6650da87562ce625d (patch) | |
| tree | 7673a40c929f25be14c510ff9a5d4ba26606671c /src/lib | |
| parent | 656b3490c873d5d671b861401aa6119784d5e3ba (diff) | |
| download | openbsd-bfd27824b943b6045fabc1f6650da87562ce625d.tar.gz openbsd-bfd27824b943b6045fabc1f6650da87562ce625d.tar.bz2 openbsd-bfd27824b943b6045fabc1f6650da87562ce625d.zip | |
Write new PKEY_USAGE_PERIOD_new(3) manual page from scratch,
documenting the dubious RFC 3280 PrivateKeyUsagePeriod extension.
Both functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libcrypto/man/Makefile | 3 | ||||
| -rw-r--r-- | src/lib/libcrypto/man/PKEY_USAGE_PERIOD_new.3 | 65 |
2 files changed, 67 insertions, 1 deletions
diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile index 5f6719c73a..191f3f2882 100644 --- a/src/lib/libcrypto/man/Makefile +++ b/src/lib/libcrypto/man/Makefile | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $OpenBSD: Makefile,v 1.98 2016/12/23 23:19:57 schwarze Exp $ | 1 | # $OpenBSD: Makefile,v 1.99 2016/12/23 23:50:04 schwarze Exp $ |
| 2 | 2 | ||
| 3 | .include <bsd.own.mk> | 3 | .include <bsd.own.mk> |
| 4 | 4 | ||
| @@ -160,6 +160,7 @@ MAN= \ | |||
| 160 | PKCS7_sign_add_signer.3 \ | 160 | PKCS7_sign_add_signer.3 \ |
| 161 | PKCS7_verify.3 \ | 161 | PKCS7_verify.3 \ |
| 162 | PKCS8_PRIV_KEY_INFO_new.3 \ | 162 | PKCS8_PRIV_KEY_INFO_new.3 \ |
| 163 | PKEY_USAGE_PERIOD_new.3 \ | ||
| 163 | POLICYINFO_new.3 \ | 164 | POLICYINFO_new.3 \ |
| 164 | PROXY_POLICY_new.3 \ | 165 | PROXY_POLICY_new.3 \ |
| 165 | RAND_add.3 \ | 166 | RAND_add.3 \ |
diff --git a/src/lib/libcrypto/man/PKEY_USAGE_PERIOD_new.3 b/src/lib/libcrypto/man/PKEY_USAGE_PERIOD_new.3 new file mode 100644 index 0000000000..fff35198a9 --- /dev/null +++ b/src/lib/libcrypto/man/PKEY_USAGE_PERIOD_new.3 | |||
| @@ -0,0 +1,65 @@ | |||
| 1 | .\" $OpenBSD: PKEY_USAGE_PERIOD_new.3,v 1.1 2016/12/23 23:50:04 schwarze Exp $ | ||
| 2 | .\" | ||
| 3 | .\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> | ||
| 4 | .\" | ||
| 5 | .\" Permission to use, copy, modify, and distribute this software for any | ||
| 6 | .\" purpose with or without fee is hereby granted, provided that the above | ||
| 7 | .\" copyright notice and this permission notice appear in all copies. | ||
| 8 | .\" | ||
| 9 | .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | ||
| 10 | .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||
| 11 | .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||
| 12 | .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||
| 13 | .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
| 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
| 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
| 16 | .\" | ||
| 17 | .Dd $Mdocdate: December 23 2016 $ | ||
| 18 | .Dt PKEY_USAGE_PERIOD_NEW 3 | ||
| 19 | .Os | ||
| 20 | .Sh NAME | ||
| 21 | .Nm PKEY_USAGE_PERIOD_new , | ||
| 22 | .Nm PKEY_USAGE_PERIOD_free | ||
| 23 | .Nd X.509 certificate private key usage period extension | ||
| 24 | .Sh SYNOPSIS | ||
| 25 | .In openssl/x509v3.h | ||
| 26 | .Ft PKEY_USAGE_PERIOD * | ||
| 27 | .Fn PKEY_USAGE_PERIOD_new void | ||
| 28 | .Ft void | ||
| 29 | .Fn PKEY_USAGE_PERIOD_free "PKEY_USAGE_PERIOD *period" | ||
| 30 | .Sh DESCRIPTION | ||
| 31 | .Fn PKEY_USAGE_PERIOD_new | ||
| 32 | allocates and initializes an empty | ||
| 33 | .Vt PKEY_USAGE_PERIOD | ||
| 34 | object, representing an ASN.1 PrivateKeyUsagePeriod structure | ||
| 35 | defined in RFC 3280 section 4.2.1.4. | ||
| 36 | It could be used in | ||
| 37 | .Vt X509 | ||
| 38 | certificates to specifiy a validity period for the private key | ||
| 39 | that differed from the validity period of the certificate. | ||
| 40 | .Pp | ||
| 41 | .Fn PKEY_USAGE_PERIOD_free | ||
| 42 | frees | ||
| 43 | .Fa period . | ||
| 44 | .Sh RETURN VALUES | ||
| 45 | .Fn PKEY_USAGE_PERIOD_new | ||
| 46 | returns the new | ||
| 47 | .Vt PKEY_USAGE_PERIOD | ||
| 48 | object or | ||
| 49 | .Dv NULL | ||
| 50 | if an error occurs. | ||
| 51 | .Sh SEE ALSO | ||
| 52 | .Xr EXTENDED_KEY_USAGE_new 3 , | ||
| 53 | .Xr X509_CINF_new 3 , | ||
| 54 | .Xr X509_EXTENSION_new 3 , | ||
| 55 | .Xr X509_new 3 | ||
| 56 | .Sh STANDARDS | ||
| 57 | RFC 3280: Internet X.509 Public Key Infrastructure Certificate and | ||
| 58 | Certificate Revocation List (CRL) Profile, | ||
| 59 | section 4.2.1.4: Private Key Usage Period | ||
| 60 | .Pp | ||
| 61 | RFC 3280 was obsoleted by RFC 5280, which says: "Section 4.2.1.4 | ||
| 62 | in RFC 3280, which specified the PrivateKeyUsagePeriod certificate | ||
| 63 | extension but deprecated its use, was removed. Use of this ISO | ||
| 64 | standard extension is neither deprecated nor recommended for use | ||
| 65 | in the Internet PKI." | ||