1 files changed, 81 insertions, 5 deletions
diff --git a/src/lib/libcrypto/man/X509_get_pubkey.3 b/src/lib/libcrypto/man/X509_get_pubkey.3
index 62367d8b0d..ad9c1ab0f5 100644
--- a/src/lib/libcrypto/man/X509_get_pubkey.3
+++ b/src/lib/libcrypto/man/X509_get_pubkey.3
@@ -1,7 +1,25 @@
-.\" $OpenBSD: X509_get_pubkey.3,v 1.7 2019/06/14 13:59:32 schwarze Exp $
+.\" $OpenBSD: X509_get_pubkey.3,v 1.8 2020/06/19 14:31:29 schwarze Exp $
 .\" selective merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
+.\" X509_REQ_get0_pubkey and X509_REQ_get_X509_PUBKEY not yet in LibreSSL
 .\"
-.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
+.\" This file is a derived work.
+.\" The changes are covered by the following Copyright and license:
+.\"
+.\" Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
 .\" Copyright (c) 2015 The OpenSSL Project.  All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
@@ -48,7 +66,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: June 14 2019 $
+.Dd $Mdocdate: June 19 2020 $
 .Dt X509_GET_PUBKEY 3
 .Os
 .Sh NAME
@@ -56,6 +74,7 @@
 .Nm X509_get0_pubkey ,
 .Nm X509_set_pubkey ,
 .Nm X509_get_X509_PUBKEY ,
+.Nm X509_get0_pubkey_bitstr ,
 .Nm X509_REQ_get_pubkey ,
 .Nm X509_REQ_set_pubkey
 .Nd get or set certificate or certificate request public key
@@ -78,6 +97,10 @@
 .Fo X509_get_X509_PUBKEY
 .Fa "X509 *x"
 .Fc
+.Ft ASN1_BIT_STRING *
+.Fo X509_get0_pubkey_bitstr
+.Fa "const X509 *x"
+.Fc
 .Ft EVP_PKEY *
 .Fo X509_REQ_get_pubkey
 .Fa "X509_REQ *req"
@@ -103,13 +126,18 @@ so it must not be freed up after use.
 .Pp
 .Fn X509_get_X509_PUBKEY
 returns an internal pointer to the
-.Vt X509_PUBKEY
+.Vt SubjectPublicKeyInfo
-structure which encodes the certificate of
+structure contained in
 .Fa x .
 The returned value must not be freed up after use.
 .Fn X509_get_X509_PUBKEY
 is implemented as a macro.
 .Pp
+.Fn X509_get0_pubkey_bitstr
+returns an internal pointer to just the public key contained in this
+.Vt SubjectPublicKeyInfo
+structure, without the information about the algorithm used.
+.Pp
 .Fn X509_set_pubkey
 attempts to set the public key for certificate
 .Fa x
@@ -134,6 +162,7 @@ incremented to improve performance.
 .Fn X509_get_pubkey ,
 .Fn X509_get0_pubkey ,
 .Fn X509_get_X509_PUBKEY ,
+.Fn X509_get0_pubkey_bitstr ,
 and
 .Fn X509_REQ_get_pubkey
 return a public key or
@@ -153,6 +182,42 @@ and
 .Fn X509_REQ_set_pubkey ,
 the reason can be determined with
 .Xr ERR_get_error 3 .
+.Sh ERRORS
+.Fn X509_get_pubkey ,
+.Fn X509_get0_pubkey ,
+and
+.Fn X509_REQ_get_pubkey
+provide diagnostics as documented for
+.Xr X509_PUBKEY_get 3 .
+If
+.Fa x
+or
+.Fa req
+is
+.Dv NULL
+or contains no certificate information,
+they fail without pushing an error onto the stack.
+.Pp
+.Fn X509_get_X509_PUBKEY
+provides no diagnostics and crashes by accessing a
+.Dv NULL
+pointer if
+.Fa x
+is
+.Dv NULL
+or contains no certificate information,
+.Pp
+.Fn X509_get0_pubkey_bitstr
+provides no diagnostics
+and fails without pushing an error onto the stack if
+.Fa x
+is
+.Dv NULL ,
+but it crashes by accessing a
+.Dv NULL
+pointer if
+.Fa x
+contains no certificate information.
 .Sh SEE ALSO
 .Xr d2i_X509 3 ,
 .Xr X509_CRL_get0_by_serial 3 ,
@@ -166,6 +231,13 @@ the reason can be determined with
 .Xr X509_sign 3 ,
 .Xr X509_verify_cert 3 ,
 .Xr X509V3_get_d2i 3
+.Sh STANDARDS
+RFC 5280, Internet X.509 Public Key Infrastructure Certificate
+and Certificate Revocation List (CRL) Profile,
+section 4.1 Basic Certificate Fields
+.Pp
+RFC 2986: PKCS #10: Certification Request Syntax Specification,
+section 4.1 CertificationRequestInfo
 .Sh HISTORY
 .Fn X509_get_pubkey ,
 .Fn X509_set_pubkey ,
@@ -178,6 +250,10 @@ first appeared in SSLeay 0.8.0.
 These functions have been available since
 .Ox 2.4 .
 .Pp
+.Fn X509_get0_pubkey_bitstr
+first appeared in OpenSSL 0.9.7 and has been available since
+.Ox 3.4 .
+.Pp
 .Fn X509_get0_pubkey
 first appeared in OpenSSL 1.1.0 and has been available since
 .Ox 6.3 .

diff --git a/src/lib/libcrypto/man/X509_get_pubkey.3 b/src/lib/libcrypto/man/X509_get_pubkey.3 index 62367d8b0d..ad9c1ab0f5 100644 --- a/src/lib/libcrypto/man/X509_get_pubkey.3 +++ b/src/lib/libcrypto/man/X509_get_pubkey.3
@@ -1,7 +1,25 @@
1	.\" $OpenBSD: X509_get_pubkey.3,v 1.7 2019/06/14 13:59:32 schwarze Exp $	1	.\" $OpenBSD: X509_get_pubkey.3,v 1.8 2020/06/19 14:31:29 schwarze Exp $
2	.\" selective merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400	2	.\" selective merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
		3	.\" X509_REQ_get0_pubkey and X509_REQ_get_X509_PUBKEY not yet in LibreSSL
3	.\"	4	.\"
4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.	5	.\" This file is a derived work.
		6	.\" The changes are covered by the following Copyright and license:
		7	.\"
		8	.\" Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org>
		9	.\"
		10	.\" Permission to use, copy, modify, and distribute this software for any
		11	.\" purpose with or without fee is hereby granted, provided that the above
		12	.\" copyright notice and this permission notice appear in all copies.
		13	.\"
		14	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		15	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		16	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		17	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		18	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		19	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		20	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		21	.\"
		22	.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
5	.\" Copyright (c) 2015 The OpenSSL Project. All rights reserved.	23	.\" Copyright (c) 2015 The OpenSSL Project. All rights reserved.
6	.\"	24	.\"
7	.\" Redistribution and use in source and binary forms, with or without	25	.\" Redistribution and use in source and binary forms, with or without
@@ -48,7 +66,7 @@
48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	66	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	67	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50	.\"	68	.\"
51	.Dd $Mdocdate: June 14 2019 $	69	.Dd $Mdocdate: June 19 2020 $
52	.Dt X509_GET_PUBKEY 3	70	.Dt X509_GET_PUBKEY 3
53	.Os	71	.Os
54	.Sh NAME	72	.Sh NAME
@@ -56,6 +74,7 @@
56	.Nm X509_get0_pubkey ,	74	.Nm X509_get0_pubkey ,
57	.Nm X509_set_pubkey ,	75	.Nm X509_set_pubkey ,
58	.Nm X509_get_X509_PUBKEY ,	76	.Nm X509_get_X509_PUBKEY ,
		77	.Nm X509_get0_pubkey_bitstr ,
59	.Nm X509_REQ_get_pubkey ,	78	.Nm X509_REQ_get_pubkey ,
60	.Nm X509_REQ_set_pubkey	79	.Nm X509_REQ_set_pubkey
61	.Nd get or set certificate or certificate request public key	80	.Nd get or set certificate or certificate request public key
@@ -78,6 +97,10 @@
78	.Fo X509_get_X509_PUBKEY	97	.Fo X509_get_X509_PUBKEY
79	.Fa "X509 *x"	98	.Fa "X509 *x"
80	.Fc	99	.Fc
		100	.Ft ASN1_BIT_STRING *
		101	.Fo X509_get0_pubkey_bitstr
		102	.Fa "const X509 *x"
		103	.Fc
81	.Ft EVP_PKEY *	104	.Ft EVP_PKEY *
82	.Fo X509_REQ_get_pubkey	105	.Fo X509_REQ_get_pubkey
83	.Fa "X509_REQ *req"	106	.Fa "X509_REQ *req"
@@ -103,13 +126,18 @@ so it must not be freed up after use.
103	.Pp	126	.Pp
104	.Fn X509_get_X509_PUBKEY	127	.Fn X509_get_X509_PUBKEY
105	returns an internal pointer to the	128	returns an internal pointer to the
106	.Vt X509_PUBKEY	129	.Vt SubjectPublicKeyInfo
107	structure which encodes the certificate of	130	structure contained in
108	.Fa x .	131	.Fa x .
109	The returned value must not be freed up after use.	132	The returned value must not be freed up after use.
110	.Fn X509_get_X509_PUBKEY	133	.Fn X509_get_X509_PUBKEY
111	is implemented as a macro.	134	is implemented as a macro.
112	.Pp	135	.Pp
		136	.Fn X509_get0_pubkey_bitstr
		137	returns an internal pointer to just the public key contained in this
		138	.Vt SubjectPublicKeyInfo
		139	structure, without the information about the algorithm used.
		140	.Pp
113	.Fn X509_set_pubkey	141	.Fn X509_set_pubkey
114	attempts to set the public key for certificate	142	attempts to set the public key for certificate
115	.Fa x	143	.Fa x
@@ -134,6 +162,7 @@ incremented to improve performance.
134	.Fn X509_get_pubkey ,	162	.Fn X509_get_pubkey ,
135	.Fn X509_get0_pubkey ,	163	.Fn X509_get0_pubkey ,
136	.Fn X509_get_X509_PUBKEY ,	164	.Fn X509_get_X509_PUBKEY ,
		165	.Fn X509_get0_pubkey_bitstr ,
137	and	166	and
138	.Fn X509_REQ_get_pubkey	167	.Fn X509_REQ_get_pubkey
139	return a public key or	168	return a public key or
@@ -153,6 +182,42 @@ and
153	.Fn X509_REQ_set_pubkey ,	182	.Fn X509_REQ_set_pubkey ,
154	the reason can be determined with	183	the reason can be determined with
155	.Xr ERR_get_error 3 .	184	.Xr ERR_get_error 3 .
		185	.Sh ERRORS
		186	.Fn X509_get_pubkey ,
		187	.Fn X509_get0_pubkey ,
		188	and
		189	.Fn X509_REQ_get_pubkey
		190	provide diagnostics as documented for
		191	.Xr X509_PUBKEY_get 3 .
		192	If
		193	.Fa x
		194	or
		195	.Fa req
		196	is
		197	.Dv NULL
		198	or contains no certificate information,
		199	they fail without pushing an error onto the stack.
		200	.Pp
		201	.Fn X509_get_X509_PUBKEY
		202	provides no diagnostics and crashes by accessing a
		203	.Dv NULL
		204	pointer if
		205	.Fa x
		206	is
		207	.Dv NULL
		208	or contains no certificate information,
		209	.Pp
		210	.Fn X509_get0_pubkey_bitstr
		211	provides no diagnostics
		212	and fails without pushing an error onto the stack if
		213	.Fa x
		214	is
		215	.Dv NULL ,
		216	but it crashes by accessing a
		217	.Dv NULL
		218	pointer if
		219	.Fa x
		220	contains no certificate information.
156	.Sh SEE ALSO	221	.Sh SEE ALSO
157	.Xr d2i_X509 3 ,	222	.Xr d2i_X509 3 ,
158	.Xr X509_CRL_get0_by_serial 3 ,	223	.Xr X509_CRL_get0_by_serial 3 ,
@@ -166,6 +231,13 @@ the reason can be determined with
166	.Xr X509_sign 3 ,	231	.Xr X509_sign 3 ,
167	.Xr X509_verify_cert 3 ,	232	.Xr X509_verify_cert 3 ,
168	.Xr X509V3_get_d2i 3	233	.Xr X509V3_get_d2i 3
		234	.Sh STANDARDS
		235	RFC 5280, Internet X.509 Public Key Infrastructure Certificate
		236	and Certificate Revocation List (CRL) Profile,
		237	section 4.1 Basic Certificate Fields
		238	.Pp
		239	RFC 2986: PKCS #10: Certification Request Syntax Specification,
		240	section 4.1 CertificationRequestInfo
169	.Sh HISTORY	241	.Sh HISTORY
170	.Fn X509_get_pubkey ,	242	.Fn X509_get_pubkey ,
171	.Fn X509_set_pubkey ,	243	.Fn X509_set_pubkey ,
@@ -178,6 +250,10 @@ first appeared in SSLeay 0.8.0.
178	These functions have been available since	250	These functions have been available since
179	.Ox 2.4 .	251	.Ox 2.4 .
180	.Pp	252	.Pp
		253	.Fn X509_get0_pubkey_bitstr
		254	first appeared in OpenSSL 0.9.7 and has been available since
		255	.Ox 3.4 .
		256	.Pp
181	.Fn X509_get0_pubkey	257	.Fn X509_get0_pubkey
182	first appeared in OpenSSL 1.1.0 and has been available since	258	first appeared in OpenSSL 1.1.0 and has been available since
183	.Ox 6.3 .	259	.Ox 6.3 .