Add documentation for s2i_ASN1_INTEGER and related functions

These functions convert strings to internal objects and vice versa. This is a best effort, probably with a lot of room for improvement, which can happen in tree if anyone cares. It's better than nothing. Nothing in turn would be significantly better than the utter garbage a related project has managed to land as part of their efforts towards significant documentation improvements in a recent major relase. This leaves a dangling reference to the misnamed X509V3_METHOD_get_nid(3) which I may or may not fill in the future. I am unsure about the HISTORY section's precision, but that's what I got from cvs history. All these functions are about a quarter century old (and it shows), so I don't think it matters very much.
author: tb <> 2023-04-20 16:15:29 +0000
committer: tb <> 2023-04-20 16:15:29 +0000
commit: c4b22405d730006befe5f8dfeb5f0bd1bd35255a (patch)
tree: 999afb33516e2b8ee0feee0a0a284cee27a52598 /src/lib
parent: 88cad374cc9df3202c8725ab01d3afbec20e6e83 (diff)
download: openbsd-c4b22405d730006befe5f8dfeb5f0bd1bd35255a.tar.gz
openbsd-c4b22405d730006befe5f8dfeb5f0bd1bd35255a.tar.bz2
openbsd-c4b22405d730006befe5f8dfeb5f0bd1bd35255a.zip
1 files changed, 195 insertions, 0 deletions
diff --git a/src/lib/libcrypto/man/s2i_ASN1_INTEGER.3 b/src/lib/libcrypto/man/s2i_ASN1_INTEGER.3
new file mode 100644
index 0000000000..83633d684b
--- /dev/null
+++ b/src/lib/libcrypto/man/s2i_ASN1_INTEGER.3
@@ -0,0 +1,195 @@
+.\" $OpenBSD: s2i_ASN1_INTEGER.3,v 1.1 2023/04/20 16:15:29 tb Exp $
+.\"
+.\" Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: April 20 2023 $
+.Dt I2S_ASN1_ENUMERATED 3
+.Os
+.Sh NAME
+.Nm i2s_ASN1_ENUMERATED ,
+.Nm i2s_ASN1_ENUMERATED_TABLE ,
+.Nm i2s_ASN1_INTEGER ,
+.Nm s2i_ASN1_INTEGER ,
+.Nm i2s_ASN1_OCTET_STRING ,
+.Nm s2i_ASN1_OCTET_STRING
+.Nd ASN.1 data type conversion utilities for certificate extensions
+.Sh SYNOPSIS
+.In openssl/asn1.h
+.In openssl/x509v3.h
+.Ft "char *"
+.Fo i2s_ASN1_ENUMERATED
+.Fa "X509V3_EXT_METHOD *method"
+.Fa "const ASN1_ENUMERATED *a"
+.Fc
+.Ft "char *"
+.Fo i2s_ASN1_INTEGER
+.Fa "X509V3_EXT_METHOD *method"
+.Fa "const ASN1_INTEGER *a"
+.Fc
+.Ft "ASN1_INTEGER *"
+.Fo s2i_ASN1_INTEGER
+.Fa "X509V3_EXT_METHOD *method"
+.Fa "const char *value"
+.Fc
+.Ft "char *"
+.Fo i2s_ASN1_OCTET_STRING
+.Fa "X509V3_EXT_METHOD *method"
+.Fa "const ASN1_OCTET_STRING *aos"
+.Fc
+.Ft "ASN1_OCTET_STRING *"
+.Fo s2i_ASN1_OCTET_STRING
+.Fa "X509V3_EXT_METHOD *method"
+.Fa "X509V3_CTX *ctx"
+.Fa "const char *value"
+.Fc
+.Ft "char *"
+.Fo i2s_ASN1_ENUMERATED_TABLE
+.Fa "X509V3_EXT_METHOD *method"
+.Fa "const ASN1_ENUMERATED *aenum"
+.Fc
+.Sh DESCRIPTION
+These functions convert to and from
+.Vt ASN1_ENUMERATED ,
+.Vt ASN1_INTEGER ,
+and
+.Vt ASN1_OCTET_STRING
+objects.
+They are primarily used internally for parsing configuration files and
+displaying of X.509v3 certificate extensions.
+With the exception of
+.Fn i2s_ASN1_ENUMERATED_TABLE ,
+these functions ignore the
+.Fa method
+argument.
+Any object or string returned by these functions must be freed by the caller.
+.Pp
+.Fn i2s_ASN1_ENUMERATED
+and
+.Fn i2s_ASN1_INTEGER
+first convert
+.Fa a
+into a
+.Vt BIGNUM
+object with
+.Xr ASN1_ENUMERATED_to_BN 3
+or
+.Xr ASN1_INTEGER_to_BN 3
+and then derive a string representation using
+.Xr BN_bn2dec 3
+or
+.Xr BN_bn2hex 3 .
+Decimal representation is used if the number has less than 128 bits,
+otherwise hexadecimal representation is used to avoid excessive conversion cost.
+.Pp
+.Fn s2i_ASN1_INTEGER
+converts a NUL-terminated decimal or hexadecimal string representation of
+an integer into an
+.Vt ASN1_INTEGER
+object.
+A sign prefix of
+.Sq -
+indicates a negative number
+and
+.Sq 0x
+and
+.Sq 0X
+indicate hexadecimal representation,
+otherwise decimal representation is assumed.
+After skipping the sign and base prefixes, an intermediate conversion into a
+.Vt BIGNUM
+is performed using
+.Xr BN_dec2bn 3
+or
+.Xr BN_hex2bn 3
+and the
+.Vt ASN1_INTEGER
+is then obtained with
+.Xr BN_to_ASN1_INTEGER 3 .
+.Pp
+.Fn i2s_ASN1_OCTET_STRING
+converts the octets in
+.Fa aos
+into a string where the octets are represented by pairs of colon-separated
+hexadecimal digits.
+.Pp
+.Fn s2i_ASN1_OCTET_STRING
+converts the NUL-terminated string
+.Fa str
+into an
+.Vt ASN1_OCTET_STRING .
+The
+.Fa method
+and
+.Fa ctx
+arguments are ignored.
+Every pair of hexadecimal digits is converted into an octet, while
+any number of colons separating two pairs are ignored.
+.Pp
+.Fn i2s_ASN1_ENUMERATED_TABLE
+uses strings provided in the usr_data field of the non-NULL
+.Fa method
+to convert the value of
+.Fa a
+into a string.
+If no such string is available,
+.Fa a
+is passed to
+.Fn i2s_ASN1_ENUMERATED .
+The
+.Fa method
+argument can be provided by application programs or it can be a
+default method obtained from
+.Xr X509V3_METHOD_get_nid 3 .
+The default
+.Fa methods
+corresponding to the following
+.Fa nid
+arguments have strings configured in their usr_data field:
+.Pp
+.Bl -column NID_netscape_cert_type "Netscape certificate type (obsolete)" -compact
+.It Dv NID_crl_reason           Ta reason codes, RFC 5280, 5.3.1
+.It Dv NID_key_usage            Ta key usage, RFC 5280, 4.2.1.3
+.It Dv NID_netscape_cert_type   Ta Netscape certificate type (obsolete)
+.El
+.Sh RETURN VALUES
+.Fn i2s_ASN1_ENUMERATED ,
+.Fn i2s_ASN1_ENUMERATED_TABLE ,
+.Fn i2s_ASN1_INTEGER ,
+and
+.Fn i2s_ASN1_OCTET_STRING
+return a NUL-terminated string, or NULL on error,
+usually memory allocation failure.
+.Pp
+.Fn s2i_ASN1_INTEGER
+returns an
+.Vt ASN1_INTEGER ,
+or NULL on error.
+.Pp
+.Fn s2i_ASN1_OCTET_STRING
+returns an
+.Vt ASN1_OCTET_STRING ,
+or NULL on error.
+.Pp
+Error codes can be obtained by
+.Xr ERR_get_error 3 .
+.Sh SEE ALSO
+.Xr ASN1_INTEGER_new 3 ,
+.Xr ASN1_INTEGER_to_BN 3 ,
+.Xr ASN1_OCTET_STRING_new 3 ,
+.Xr X509V3_get_d2i 3
+.Sh HISTORY
+These functions first appeared in OpenSSL 0.9.4 and
+have been available since
+.Ox 2.6 .
author	tb <>	2023-04-20 16:15:29 +0000
committer	tb <>	2023-04-20 16:15:29 +0000
commit	c4b22405d730006befe5f8dfeb5f0bd1bd35255a (patch)
tree	999afb33516e2b8ee0feee0a0a284cee27a52598 /src/lib
parent	88cad374cc9df3202c8725ab01d3afbec20e6e83 (diff)
download	openbsd-c4b22405d730006befe5f8dfeb5f0bd1bd35255a.tar.gz openbsd-c4b22405d730006befe5f8dfeb5f0bd1bd35255a.tar.bz2 openbsd-c4b22405d730006befe5f8dfeb5f0bd1bd35255a.zip

diff --git a/src/lib/libcrypto/man/s2i_ASN1_INTEGER.3 b/src/lib/libcrypto/man/s2i_ASN1_INTEGER.3 new file mode 100644 index 0000000000..83633d684b --- /dev/null +++ b/src/lib/libcrypto/man/s2i_ASN1_INTEGER.3
@@ -0,0 +1,195 @@
	1	.\" $OpenBSD: s2i_ASN1_INTEGER.3,v 1.1 2023/04/20 16:15:29 tb Exp $
	2	.\"
	3	.\" Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
	4	.\"
	5	.\" Permission to use, copy, modify, and distribute this software for any
	6	.\" purpose with or without fee is hereby granted, provided that the above
	7	.\" copyright notice and this permission notice appear in all copies.
	8	.\"
	9	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	10	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	11	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
	12	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	13	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
	14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
	15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
	16	.\"
	17	.Dd $Mdocdate: April 20 2023 $
	18	.Dt I2S_ASN1_ENUMERATED 3
	19	.Os
	20	.Sh NAME
	21	.Nm i2s_ASN1_ENUMERATED ,
	22	.Nm i2s_ASN1_ENUMERATED_TABLE ,
	23	.Nm i2s_ASN1_INTEGER ,
	24	.Nm s2i_ASN1_INTEGER ,
	25	.Nm i2s_ASN1_OCTET_STRING ,
	26	.Nm s2i_ASN1_OCTET_STRING
	27	.Nd ASN.1 data type conversion utilities for certificate extensions
	28	.Sh SYNOPSIS
	29	.In openssl/asn1.h
	30	.In openssl/x509v3.h
	31	.Ft "char *"
	32	.Fo i2s_ASN1_ENUMERATED
	33	.Fa "X509V3_EXT_METHOD *method"
	34	.Fa "const ASN1_ENUMERATED *a"
	35	.Fc
	36	.Ft "char *"
	37	.Fo i2s_ASN1_INTEGER
	38	.Fa "X509V3_EXT_METHOD *method"
	39	.Fa "const ASN1_INTEGER *a"
	40	.Fc
	41	.Ft "ASN1_INTEGER *"
	42	.Fo s2i_ASN1_INTEGER
	43	.Fa "X509V3_EXT_METHOD *method"
	44	.Fa "const char *value"
	45	.Fc
	46	.Ft "char *"
	47	.Fo i2s_ASN1_OCTET_STRING
	48	.Fa "X509V3_EXT_METHOD *method"
	49	.Fa "const ASN1_OCTET_STRING *aos"
	50	.Fc
	51	.Ft "ASN1_OCTET_STRING *"
	52	.Fo s2i_ASN1_OCTET_STRING
	53	.Fa "X509V3_EXT_METHOD *method"
	54	.Fa "X509V3_CTX *ctx"
	55	.Fa "const char *value"
	56	.Fc
	57	.Ft "char *"
	58	.Fo i2s_ASN1_ENUMERATED_TABLE
	59	.Fa "X509V3_EXT_METHOD *method"
	60	.Fa "const ASN1_ENUMERATED *aenum"
	61	.Fc
	62	.Sh DESCRIPTION
	63	These functions convert to and from
	64	.Vt ASN1_ENUMERATED ,
	65	.Vt ASN1_INTEGER ,
	66	and
	67	.Vt ASN1_OCTET_STRING
	68	objects.
	69	They are primarily used internally for parsing configuration files and
	70	displaying of X.509v3 certificate extensions.
	71	With the exception of
	72	.Fn i2s_ASN1_ENUMERATED_TABLE ,
	73	these functions ignore the
	74	.Fa method
	75	argument.
	76	Any object or string returned by these functions must be freed by the caller.
	77	.Pp
	78	.Fn i2s_ASN1_ENUMERATED
	79	and
	80	.Fn i2s_ASN1_INTEGER
	81	first convert
	82	.Fa a
	83	into a
	84	.Vt BIGNUM
	85	object with
	86	.Xr ASN1_ENUMERATED_to_BN 3
	87	or
	88	.Xr ASN1_INTEGER_to_BN 3
	89	and then derive a string representation using
	90	.Xr BN_bn2dec 3
	91	or
	92	.Xr BN_bn2hex 3 .
	93	Decimal representation is used if the number has less than 128 bits,
	94	otherwise hexadecimal representation is used to avoid excessive conversion cost.
	95	.Pp
	96	.Fn s2i_ASN1_INTEGER
	97	converts a NUL-terminated decimal or hexadecimal string representation of
	98	an integer into an
	99	.Vt ASN1_INTEGER
	100	object.
	101	A sign prefix of
	102	.Sq -
	103	indicates a negative number
	104	and
	105	.Sq 0x
	106	and
	107	.Sq 0X
	108	indicate hexadecimal representation,
	109	otherwise decimal representation is assumed.
	110	After skipping the sign and base prefixes, an intermediate conversion into a
	111	.Vt BIGNUM
	112	is performed using
	113	.Xr BN_dec2bn 3
	114	or
	115	.Xr BN_hex2bn 3
	116	and the
	117	.Vt ASN1_INTEGER
	118	is then obtained with
	119	.Xr BN_to_ASN1_INTEGER 3 .
	120	.Pp
	121	.Fn i2s_ASN1_OCTET_STRING
	122	converts the octets in
	123	.Fa aos
	124	into a string where the octets are represented by pairs of colon-separated
	125	hexadecimal digits.
	126	.Pp
	127	.Fn s2i_ASN1_OCTET_STRING
	128	converts the NUL-terminated string
	129	.Fa str
	130	into an
	131	.Vt ASN1_OCTET_STRING .
	132	The
	133	.Fa method
	134	and
	135	.Fa ctx
	136	arguments are ignored.
	137	Every pair of hexadecimal digits is converted into an octet, while
	138	any number of colons separating two pairs are ignored.
	139	.Pp
	140	.Fn i2s_ASN1_ENUMERATED_TABLE
	141	uses strings provided in the usr_data field of the non-NULL
	142	.Fa method
	143	to convert the value of
	144	.Fa a
	145	into a string.
	146	If no such string is available,
	147	.Fa a
	148	is passed to
	149	.Fn i2s_ASN1_ENUMERATED .
	150	The
	151	.Fa method
	152	argument can be provided by application programs or it can be a
	153	default method obtained from
	154	.Xr X509V3_METHOD_get_nid 3 .
	155	The default
	156	.Fa methods
	157	corresponding to the following
	158	.Fa nid
	159	arguments have strings configured in their usr_data field:
	160	.Pp
	161	.Bl -column NID_netscape_cert_type "Netscape certificate type (obsolete)" -compact
	162	.It Dv NID_crl_reason Ta reason codes, RFC 5280, 5.3.1
	163	.It Dv NID_key_usage Ta key usage, RFC 5280, 4.2.1.3
	164	.It Dv NID_netscape_cert_type Ta Netscape certificate type (obsolete)
	165	.El
	166	.Sh RETURN VALUES
	167	.Fn i2s_ASN1_ENUMERATED ,
	168	.Fn i2s_ASN1_ENUMERATED_TABLE ,
	169	.Fn i2s_ASN1_INTEGER ,
	170	and
	171	.Fn i2s_ASN1_OCTET_STRING
	172	return a NUL-terminated string, or NULL on error,
	173	usually memory allocation failure.
	174	.Pp
	175	.Fn s2i_ASN1_INTEGER
	176	returns an
	177	.Vt ASN1_INTEGER ,
	178	or NULL on error.
	179	.Pp
	180	.Fn s2i_ASN1_OCTET_STRING
	181	returns an
	182	.Vt ASN1_OCTET_STRING ,
	183	or NULL on error.
	184	.Pp
	185	Error codes can be obtained by
	186	.Xr ERR_get_error 3 .
	187	.Sh SEE ALSO
	188	.Xr ASN1_INTEGER_new 3 ,
	189	.Xr ASN1_INTEGER_to_BN 3 ,
	190	.Xr ASN1_OCTET_STRING_new 3 ,
	191	.Xr X509V3_get_d2i 3
	192	.Sh HISTORY
	193	These functions first appeared in OpenSSL 0.9.4 and
	194	have been available since
	195	.Ox 2.6 .