some cleanup:

* state the common, general purpose up front * more precision regarding which ASN.1 types and fields are involved * mark up the ASN.1 type and field names * add the missing STANDARDS section * and minor wording improvements
author: schwarze <> 2019-08-13 23:54:16 +0000
committer: schwarze <> 2019-08-13 23:54:16 +0000
commit: 8ad58c7f842195e4d0a8cacccf8ae561aeed3a62 (patch)
tree: d375555a03dc7283f2c022a689f3f8542eb1a24e /src
parent: 905f50a45d405a3dc0eb477ab3b933f63ee790d1 (diff)
download: openbsd-8ad58c7f842195e4d0a8cacccf8ae561aeed3a62.tar.gz
openbsd-8ad58c7f842195e4d0a8cacccf8ae561aeed3a62.tar.bz2
openbsd-8ad58c7f842195e4d0a8cacccf8ae561aeed3a62.zip
1 files changed, 62 insertions, 29 deletions
diff --git a/src/lib/libcrypto/man/CMS_add1_recipient_cert.3 b/src/lib/libcrypto/man/CMS_add1_recipient_cert.3
index d8aacb203c..4ba15c41c0 100644
--- a/src/lib/libcrypto/man/CMS_add1_recipient_cert.3
+++ b/src/lib/libcrypto/man/CMS_add1_recipient_cert.3
@@ -1,7 +1,24 @@
-.\" $OpenBSD: CMS_add1_recipient_cert.3,v 1.4 2019/08/11 12:46:38 schwarze Exp $
+.\" $OpenBSD: CMS_add1_recipient_cert.3,v 1.5 2019/08/13 23:54:16 schwarze Exp $
 .\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
 .\"
-.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
+.\" This file is a derived work.
+.\" The changes are covered by the following Copyright and license:
+.\"
+.\" Copyright (c) 2019 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
 .\" Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
@@ -48,19 +65,19 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: August 11 2019 $
+.Dd $Mdocdate: August 13 2019 $
 .Dt CMS_ADD1_RECIPIENT_CERT 3
 .Os
 .Sh NAME
 .Nm CMS_add1_recipient_cert ,
 .Nm CMS_add0_recipient_key
-.Nd add recipients to a CMS enveloped data structure
+.Nd add recipients to a CMS EnvelopedData structure
 .Sh SYNOPSIS
 .In openssl/cms.h
 .Ft CMS_RecipientInfo *
 .Fo CMS_add1_recipient_cert
 .Fa "CMS_ContentInfo *cms"
-.Fa "X509 *recip"
+.Fa "X509 *certificate"
 .Fa "unsigned int flags"
 .Fc
 .Ft CMS_RecipientInfo *
@@ -76,17 +93,29 @@
 .Fa "ASN1_TYPE *otherType"
 .Fc
 .Sh DESCRIPTION
+These functions add a new
+.Vt RecipientInfo
+structure to the
+.Fa recipientInfos
+field of the
+.Vt EnvelopedData
+structure
+.Fa cms ,
+which should have been obtained from an initial call to
+.Xr CMS_encrypt 3
+with the flag
+.Dv CMS_PARTIAL
+set.
+.Pp
 .Fn CMS_add1_recipient_cert
 adds the recipient
-.Fa recip
+.Fa certificate
-to the
+as a
-.Vt CMS_ContentInfo
+.Vt KeyTransRecipientInfo
-enveloped data structure
+structure.
-.Fa cms
-as a KeyTransRecipientInfo structure.
 .Pp
 .Fn CMS_add0_recipient_key
-adds the symmetric key
+adds the symmetric
 .Fa key
 of length
 .Fa keylen
@@ -101,25 +130,18 @@ and the optional values
 .Fa otherTypeId
 and
 .Fa otherType
-to the
+as a
-.Vt CMS_ContentInfo
+.Vt KEKRecipientInfo
-enveloped data structure
+structure.
-.Fa cms
-as a KEKRecipientInfo structure.
-.Pp
-The
-.Vt CMS_ContentInfo
-structure should be obtained from an initial call to
-.Xr CMS_encrypt 3
-with the flag
-.Dv CMS_PARTIAL
-set.
 .Pp
-The main purpose of this function is to provide finer control over a CMS
+The main purpose of these functions is to provide finer control over a CMS
-enveloped data structure where the simpler
+.Vt EnvelopedData
+structure where the simpler
 .Xr CMS_encrypt 3
 function defaults are not appropriate,
-for example if one or more KEKRecipientInfo structures need to be added.
+for example if one or more
+.Vt KEKRecipientInfo
+structures need to be added.
 New attributes can also be added using the returned
 .Vt CMS_RecipientInfo
 structure and the CMS attribute utility functions.
@@ -128,7 +150,7 @@ By default, recipient certificates are identified using issuer
 name and serial number.
 If the flag
 .Dv CMS_USE_KEYID
-is set, it will use the subject key identifier value instead.
+is set, the subject key identifier value is used instead.
 An error occurs if all recipient certificates do not have a subject key
 identifier extension.
 .Pp
@@ -156,8 +178,19 @@ structure just added or
 if an error occurs.
 .Sh SEE ALSO
 .Xr CMS_decrypt 3 ,
+.Xr CMS_encrypt 3 ,
 .Xr CMS_final 3 ,
 .Xr ERR_get_error 3
+.Sh STANDARDS
+RFC 5652: Cryptographic Message Syntax
+.Bl -dash -compact -offset indent
+.It
+section 6.1: EnvelopedData Type
+.It
+section 6.2.1: KeyTransRecipientInfo Type
+.It
+section 6.2.3: KEKRecipientInfo Type
+.El
 .Sh HISTORY
 .Fn CMS_add1_recipient_cert
 and
author	schwarze <>	2019-08-13 23:54:16 +0000
committer	schwarze <>	2019-08-13 23:54:16 +0000
commit	8ad58c7f842195e4d0a8cacccf8ae561aeed3a62 (patch)
tree	d375555a03dc7283f2c022a689f3f8542eb1a24e /src
parent	905f50a45d405a3dc0eb477ab3b933f63ee790d1 (diff)
download	openbsd-8ad58c7f842195e4d0a8cacccf8ae561aeed3a62.tar.gz openbsd-8ad58c7f842195e4d0a8cacccf8ae561aeed3a62.tar.bz2 openbsd-8ad58c7f842195e4d0a8cacccf8ae561aeed3a62.zip

diff --git a/src/lib/libcrypto/man/CMS_add1_recipient_cert.3 b/src/lib/libcrypto/man/CMS_add1_recipient_cert.3 index d8aacb203c..4ba15c41c0 100644 --- a/src/lib/libcrypto/man/CMS_add1_recipient_cert.3 +++ b/src/lib/libcrypto/man/CMS_add1_recipient_cert.3
@@ -1,7 +1,24 @@
1	.\" $OpenBSD: CMS_add1_recipient_cert.3,v 1.4 2019/08/11 12:46:38 schwarze Exp $	1	.\" $OpenBSD: CMS_add1_recipient_cert.3,v 1.5 2019/08/13 23:54:16 schwarze Exp $
2	.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100	2	.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
3	.\"	3	.\"
4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.	4	.\" This file is a derived work.
		5	.\" The changes are covered by the following Copyright and license:
		6	.\"
		7	.\" Copyright (c) 2019 Ingo Schwarze <schwarze@openbsd.org>
		8	.\"
		9	.\" Permission to use, copy, modify, and distribute this software for any
		10	.\" purpose with or without fee is hereby granted, provided that the above
		11	.\" copyright notice and this permission notice appear in all copies.
		12	.\"
		13	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		14	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		15	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		16	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		17	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		18	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		19	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		20	.\"
		21	.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
5	.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved.	22	.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved.
6	.\"	23	.\"
7	.\" Redistribution and use in source and binary forms, with or without	24	.\" Redistribution and use in source and binary forms, with or without
@@ -48,19 +65,19 @@
48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	65	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	66	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50	.\"	67	.\"
51	.Dd $Mdocdate: August 11 2019 $	68	.Dd $Mdocdate: August 13 2019 $
52	.Dt CMS_ADD1_RECIPIENT_CERT 3	69	.Dt CMS_ADD1_RECIPIENT_CERT 3
53	.Os	70	.Os
54	.Sh NAME	71	.Sh NAME
55	.Nm CMS_add1_recipient_cert ,	72	.Nm CMS_add1_recipient_cert ,
56	.Nm CMS_add0_recipient_key	73	.Nm CMS_add0_recipient_key
57	.Nd add recipients to a CMS enveloped data structure	74	.Nd add recipients to a CMS EnvelopedData structure
58	.Sh SYNOPSIS	75	.Sh SYNOPSIS
59	.In openssl/cms.h	76	.In openssl/cms.h
60	.Ft CMS_RecipientInfo *	77	.Ft CMS_RecipientInfo *
61	.Fo CMS_add1_recipient_cert	78	.Fo CMS_add1_recipient_cert
62	.Fa "CMS_ContentInfo *cms"	79	.Fa "CMS_ContentInfo *cms"
63	.Fa "X509 *recip"	80	.Fa "X509 *certificate"
64	.Fa "unsigned int flags"	81	.Fa "unsigned int flags"
65	.Fc	82	.Fc
66	.Ft CMS_RecipientInfo *	83	.Ft CMS_RecipientInfo *
@@ -76,17 +93,29 @@
76	.Fa "ASN1_TYPE *otherType"	93	.Fa "ASN1_TYPE *otherType"
77	.Fc	94	.Fc
78	.Sh DESCRIPTION	95	.Sh DESCRIPTION
		96	These functions add a new
		97	.Vt RecipientInfo
		98	structure to the
		99	.Fa recipientInfos
		100	field of the
		101	.Vt EnvelopedData
		102	structure
		103	.Fa cms ,
		104	which should have been obtained from an initial call to
		105	.Xr CMS_encrypt 3
		106	with the flag
		107	.Dv CMS_PARTIAL
		108	set.
		109	.Pp
79	.Fn CMS_add1_recipient_cert	110	.Fn CMS_add1_recipient_cert
80	adds the recipient	111	adds the recipient
81	.Fa recip	112	.Fa certificate
82	to the	113	as a
83	.Vt CMS_ContentInfo	114	.Vt KeyTransRecipientInfo
84	enveloped data structure	115	structure.
85	.Fa cms
86	as a KeyTransRecipientInfo structure.
87	.Pp	116	.Pp
88	.Fn CMS_add0_recipient_key	117	.Fn CMS_add0_recipient_key
89	adds the symmetric key	118	adds the symmetric
90	.Fa key	119	.Fa key
91	of length	120	of length
92	.Fa keylen	121	.Fa keylen
@@ -101,25 +130,18 @@ and the optional values
101	.Fa otherTypeId	130	.Fa otherTypeId
102	and	131	and
103	.Fa otherType	132	.Fa otherType
104	to the	133	as a
105	.Vt CMS_ContentInfo	134	.Vt KEKRecipientInfo
106	enveloped data structure	135	structure.
107	.Fa cms
108	as a KEKRecipientInfo structure.
109	.Pp
110	The
111	.Vt CMS_ContentInfo
112	structure should be obtained from an initial call to
113	.Xr CMS_encrypt 3
114	with the flag
115	.Dv CMS_PARTIAL
116	set.
117	.Pp	136	.Pp
118	The main purpose of this function is to provide finer control over a CMS	137	The main purpose of these functions is to provide finer control over a CMS
119	enveloped data structure where the simpler	138	.Vt EnvelopedData
		139	structure where the simpler
120	.Xr CMS_encrypt 3	140	.Xr CMS_encrypt 3
121	function defaults are not appropriate,	141	function defaults are not appropriate,
122	for example if one or more KEKRecipientInfo structures need to be added.	142	for example if one or more
		143	.Vt KEKRecipientInfo
		144	structures need to be added.
123	New attributes can also be added using the returned	145	New attributes can also be added using the returned
124	.Vt CMS_RecipientInfo	146	.Vt CMS_RecipientInfo
125	structure and the CMS attribute utility functions.	147	structure and the CMS attribute utility functions.
@@ -128,7 +150,7 @@ By default, recipient certificates are identified using issuer
128	name and serial number.	150	name and serial number.
129	If the flag	151	If the flag
130	.Dv CMS_USE_KEYID	152	.Dv CMS_USE_KEYID
131	is set, it will use the subject key identifier value instead.	153	is set, the subject key identifier value is used instead.
132	An error occurs if all recipient certificates do not have a subject key	154	An error occurs if all recipient certificates do not have a subject key
133	identifier extension.	155	identifier extension.
134	.Pp	156	.Pp
@@ -156,8 +178,19 @@ structure just added or
156	if an error occurs.	178	if an error occurs.
157	.Sh SEE ALSO	179	.Sh SEE ALSO
158	.Xr CMS_decrypt 3 ,	180	.Xr CMS_decrypt 3 ,
		181	.Xr CMS_encrypt 3 ,
159	.Xr CMS_final 3 ,	182	.Xr CMS_final 3 ,
160	.Xr ERR_get_error 3	183	.Xr ERR_get_error 3
		184	.Sh STANDARDS
		185	RFC 5652: Cryptographic Message Syntax
		186	.Bl -dash -compact -offset indent
		187	.It
		188	section 6.1: EnvelopedData Type
		189	.It
		190	section 6.2.1: KeyTransRecipientInfo Type
		191	.It
		192	section 6.2.3: KEKRecipientInfo Type
		193	.El
161	.Sh HISTORY	194	.Sh HISTORY
162	.Fn CMS_add1_recipient_cert	195	.Fn CMS_add1_recipient_cert
163	and	196	and