some cleanup:

* add missing STANDARDS section * avoid repetitions and jumping back and forth among functions * describe the difference between 0 and 1 more precisely and more concisely * mark up the ASN.1 type and field names
author: schwarze <> 2019-08-12 21:29:43 +0000
committer: schwarze <> 2019-08-12 21:29:43 +0000
commit: 905f50a45d405a3dc0eb477ab3b933f63ee790d1 (patch)
tree: d3b99add2ea44b786f7f5f8ca84daa98da897342 /src
parent: f9a54060a744c5374581649e5ff3f5e7b490895d (diff)
download: openbsd-905f50a45d405a3dc0eb477ab3b933f63ee790d1.tar.gz
openbsd-905f50a45d405a3dc0eb477ab3b933f63ee790d1.tar.bz2
openbsd-905f50a45d405a3dc0eb477ab3b933f63ee790d1.zip
1 files changed, 75 insertions, 44 deletions
diff --git a/src/lib/libcrypto/man/CMS_add0_cert.3 b/src/lib/libcrypto/man/CMS_add0_cert.3
index 80808c1785..6f87fcb142 100644
--- a/src/lib/libcrypto/man/CMS_add0_cert.3
+++ b/src/lib/libcrypto/man/CMS_add0_cert.3
@@ -1,7 +1,24 @@
-.\" $OpenBSD: CMS_add0_cert.3,v 1.4 2019/08/11 12:46:38 schwarze Exp $
+.\" $OpenBSD: CMS_add0_cert.3,v 1.5 2019/08/12 21:29:43 schwarze Exp $
 .\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
 .\"
-.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
+.\" This file is a derived work.
+.\" The changes are covered by the following Copyright and license:
+.\"
+.\" Copyright (c) 2019 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
 .\" Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
@@ -48,7 +65,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: August 11 2019 $
+.Dd $Mdocdate: August 12 2019 $
 .Dt CMS_ADD0_CERT 3
 .Os
 .Sh NAME
@@ -64,12 +81,12 @@
 .Ft int
 .Fo CMS_add0_cert
 .Fa "CMS_ContentInfo *cms"
-.Fa "X509 *cert"
+.Fa "X509 *certificate"
 .Fc
 .Ft int
 .Fo CMS_add1_cert
 .Fa "CMS_ContentInfo *cms"
-.Fa "X509 *cert"
+.Fa "X509 *certificate"
 .Fc
 .Ft STACK_OF(X509) *
 .Fo CMS_get1_certs
@@ -91,61 +108,67 @@
 .Fc
 .Sh DESCRIPTION
 .Fn CMS_add0_cert
-and
+adds the
-.Fn CMS_add1_cert
+.Fa certificate
-add the certificate
+to the
-.Fa cert
+.Fa certificates
-to
+field of
-.Fa cms .
 .Fa cms
-must be of type signed data or enveloped data.
+if it is of the type
+.Vt SignedData
+or to the
+.Fa originatorInfo.certs
+field if it is of the type
+.Vt EnvelopedData .
+.Fn CMS_add1_cert
+does the same and also increments the reference count of the
+.Fa certificate
+with
+.Xr X509_up_ref 3
+in case of success.
 .Pp
 .Fn CMS_get1_certs
 returns all certificates in
 .Fa cms .
 .Pp
 .Fn CMS_add0_crl
-and
+adds the
+.Fa crl
+to the
+.Fa crls
+field of
+.Fa cms
+if it is of the type
+.Vt SignedData
+or to the
+.Fa originatorInfo.crls
+field if it is of the type
+.Vt EnvelopedData .
 .Fn CMS_add1_crl
-add the CRL
+does the same and also increments the reference count of the
 .Fa crl
-to
+with
-.Fa cms .
+.Xr X509_CRL_up_ref 3
+in case of success.
+.Pp
 .Fn CMS_get1_crls
 returns any CRLs in
 .Fa cms .
 .Pp
-The
+An error occurs if
-.Vt CMS_ContentInfo
-structure
 .Fa cms
-must be of type signed data or enveloped data or an error will be
+is of any type other than
-returned.
+.Vt SignedData
-.Pp
+or
-The signed data certificates and CRLs are added to the
+.Vt EnvelopedData .
-.Sy certificates
-and
-.Sy crls
-fields of the SignedData structure.
-For enveloped data, they are added to
-.Sy OriginatorInfo .
 .Pp
-As the
+The same
-.Sq 0
+.Fa certificate
-in the function name implies,
+or
-.Fn CMS_add0_cert
+.Fa crl
-adds
+must not be added to the same
-.Fa cert
-internally to
 .Fa cms
-and it must not be freed up after the call, as opposed to
+structure more than once.
-.Fn CMS_add1_cert
-where
-.Fa cert
-must be freed up.
-.Pp
-The same certificate or CRL must not be added to the same cms structure
-more than once.
 .Sh RETURN VALUES
 .Fn CMS_add0_cert ,
 .Fn CMS_add1_cert ,
@@ -167,6 +190,14 @@ type is invalid.
 .Xr CMS_encrypt 3 ,
 .Xr CMS_sign 3 ,
 .Xr ERR_get_error 3
+.Sh STANDARDS
+RFC 5652: Cryptographic Message Syntax
+.Bl -dash -compact -offset indent
+.It
+section 5.1: SignedData Type
+.It
+section 6.1: EnvelopedData Type
+.El
 .Sh HISTORY
 .Fn CMS_add0_cert ,
 .Fn CMS_add1_cert ,
author	schwarze <>	2019-08-12 21:29:43 +0000
committer	schwarze <>	2019-08-12 21:29:43 +0000
commit	905f50a45d405a3dc0eb477ab3b933f63ee790d1 (patch)
tree	d3b99add2ea44b786f7f5f8ca84daa98da897342 /src
parent	f9a54060a744c5374581649e5ff3f5e7b490895d (diff)
download	openbsd-905f50a45d405a3dc0eb477ab3b933f63ee790d1.tar.gz openbsd-905f50a45d405a3dc0eb477ab3b933f63ee790d1.tar.bz2 openbsd-905f50a45d405a3dc0eb477ab3b933f63ee790d1.zip

diff --git a/src/lib/libcrypto/man/CMS_add0_cert.3 b/src/lib/libcrypto/man/CMS_add0_cert.3 index 80808c1785..6f87fcb142 100644 --- a/src/lib/libcrypto/man/CMS_add0_cert.3 +++ b/src/lib/libcrypto/man/CMS_add0_cert.3
@@ -1,7 +1,24 @@
1	.\" $OpenBSD: CMS_add0_cert.3,v 1.4 2019/08/11 12:46:38 schwarze Exp $	1	.\" $OpenBSD: CMS_add0_cert.3,v 1.5 2019/08/12 21:29:43 schwarze Exp $
2	.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100	2	.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
3	.\"	3	.\"
4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.	4	.\" This file is a derived work.
		5	.\" The changes are covered by the following Copyright and license:
		6	.\"
		7	.\" Copyright (c) 2019 Ingo Schwarze <schwarze@openbsd.org>
		8	.\"
		9	.\" Permission to use, copy, modify, and distribute this software for any
		10	.\" purpose with or without fee is hereby granted, provided that the above
		11	.\" copyright notice and this permission notice appear in all copies.
		12	.\"
		13	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		14	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		15	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		16	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		17	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		18	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		19	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		20	.\"
		21	.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
5	.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved.	22	.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved.
6	.\"	23	.\"
7	.\" Redistribution and use in source and binary forms, with or without	24	.\" Redistribution and use in source and binary forms, with or without
@@ -48,7 +65,7 @@
48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	65	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	66	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50	.\"	67	.\"
51	.Dd $Mdocdate: August 11 2019 $	68	.Dd $Mdocdate: August 12 2019 $
52	.Dt CMS_ADD0_CERT 3	69	.Dt CMS_ADD0_CERT 3
53	.Os	70	.Os
54	.Sh NAME	71	.Sh NAME
@@ -64,12 +81,12 @@
64	.Ft int	81	.Ft int
65	.Fo CMS_add0_cert	82	.Fo CMS_add0_cert
66	.Fa "CMS_ContentInfo *cms"	83	.Fa "CMS_ContentInfo *cms"
67	.Fa "X509 *cert"	84	.Fa "X509 *certificate"
68	.Fc	85	.Fc
69	.Ft int	86	.Ft int
70	.Fo CMS_add1_cert	87	.Fo CMS_add1_cert
71	.Fa "CMS_ContentInfo *cms"	88	.Fa "CMS_ContentInfo *cms"
72	.Fa "X509 *cert"	89	.Fa "X509 *certificate"
73	.Fc	90	.Fc
74	.Ft STACK_OF(X509) *	91	.Ft STACK_OF(X509) *
75	.Fo CMS_get1_certs	92	.Fo CMS_get1_certs
@@ -91,61 +108,67 @@
91	.Fc	108	.Fc
92	.Sh DESCRIPTION	109	.Sh DESCRIPTION
93	.Fn CMS_add0_cert	110	.Fn CMS_add0_cert
94	and	111	adds the
95	.Fn CMS_add1_cert	112	.Fa certificate
96	add the certificate	113	to the
97	.Fa cert	114	.Fa certificates
98	to	115	field of
99	.Fa cms .
100	.Fa cms	116	.Fa cms
101	must be of type signed data or enveloped data.	117	if it is of the type
		118	.Vt SignedData
		119	or to the
		120	.Fa originatorInfo.certs
		121	field if it is of the type
		122	.Vt EnvelopedData .
		123	.Fn CMS_add1_cert
		124	does the same and also increments the reference count of the
		125	.Fa certificate
		126	with
		127	.Xr X509_up_ref 3
		128	in case of success.
102	.Pp	129	.Pp
103	.Fn CMS_get1_certs	130	.Fn CMS_get1_certs
104	returns all certificates in	131	returns all certificates in
105	.Fa cms .	132	.Fa cms .
106	.Pp	133	.Pp
107	.Fn CMS_add0_crl	134	.Fn CMS_add0_crl
108	and	135	adds the
		136	.Fa crl
		137	to the
		138	.Fa crls
		139	field of
		140	.Fa cms
		141	if it is of the type
		142	.Vt SignedData
		143	or to the
		144	.Fa originatorInfo.crls
		145	field if it is of the type
		146	.Vt EnvelopedData .
109	.Fn CMS_add1_crl	147	.Fn CMS_add1_crl
110	add the CRL	148	does the same and also increments the reference count of the
111	.Fa crl	149	.Fa crl
112	to	150	with
113	.Fa cms .	151	.Xr X509_CRL_up_ref 3
		152	in case of success.
		153	.Pp
114	.Fn CMS_get1_crls	154	.Fn CMS_get1_crls
115	returns any CRLs in	155	returns any CRLs in
116	.Fa cms .	156	.Fa cms .
117	.Pp	157	.Pp
118	The	158	An error occurs if
119	.Vt CMS_ContentInfo
120	structure
121	.Fa cms	159	.Fa cms
122	must be of type signed data or enveloped data or an error will be	160	is of any type other than
123	returned.	161	.Vt SignedData
124	.Pp	162	or
125	The signed data certificates and CRLs are added to the	163	.Vt EnvelopedData .
126	.Sy certificates
127	and
128	.Sy crls
129	fields of the SignedData structure.
130	For enveloped data, they are added to
131	.Sy OriginatorInfo .
132	.Pp	164	.Pp
133	As the	165	The same
134	.Sq 0	166	.Fa certificate
135	in the function name implies,	167	or
136	.Fn CMS_add0_cert	168	.Fa crl
137	adds	169	must not be added to the same
138	.Fa cert
139	internally to
140	.Fa cms	170	.Fa cms
141	and it must not be freed up after the call, as opposed to	171	structure more than once.
142	.Fn CMS_add1_cert
143	where
144	.Fa cert
145	must be freed up.
146	.Pp
147	The same certificate or CRL must not be added to the same cms structure
148	more than once.
149	.Sh RETURN VALUES	172	.Sh RETURN VALUES
150	.Fn CMS_add0_cert ,	173	.Fn CMS_add0_cert ,
151	.Fn CMS_add1_cert ,	174	.Fn CMS_add1_cert ,
@@ -167,6 +190,14 @@ type is invalid.
167	.Xr CMS_encrypt 3 ,	190	.Xr CMS_encrypt 3 ,
168	.Xr CMS_sign 3 ,	191	.Xr CMS_sign 3 ,
169	.Xr ERR_get_error 3	192	.Xr ERR_get_error 3
		193	.Sh STANDARDS
		194	RFC 5652: Cryptographic Message Syntax
		195	.Bl -dash -compact -offset indent
		196	.It
		197	section 5.1: SignedData Type
		198	.It
		199	section 6.1: EnvelopedData Type
		200	.El
170	.Sh HISTORY	201	.Sh HISTORY
171	.Fn CMS_add0_cert ,	202	.Fn CMS_add0_cert ,
172	.Fn CMS_add1_cert ,	203	.Fn CMS_add1_cert ,