4 files changed, 195 insertions, 6 deletions
diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile
index 39f9da3779..d76403010d 100644
--- a/src/lib/libcrypto/man/Makefile
+++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.88 2016/12/22 14:06:51 schwarze Exp $
+# $OpenBSD: Makefile,v 1.89 2016/12/22 16:05:22 schwarze Exp $
 .include <bsd.own.mk>
@@ -141,8 +141,10 @@ MAN=	\
        PEM_read_bio_PrivateKey.3 \
        PEM_write_bio_PKCS7_stream.3 \
        PKCS12_create.3 \
+        PKCS12_new.3 \
        PKCS12_newpass.3 \
        PKCS12_parse.3 \
+        PKCS12_SAFEBAG_new.3 \
        PKCS5_PBKDF2_HMAC.3 \
        PKCS7_decrypt.3 \
        PKCS7_encrypt.3 \
diff --git a/src/lib/libcrypto/man/PKCS12_SAFEBAG_new.3 b/src/lib/libcrypto/man/PKCS12_SAFEBAG_new.3
new file mode 100644
index 0000000000..8cb6835194
--- /dev/null
+++ b/src/lib/libcrypto/man/PKCS12_SAFEBAG_new.3
@@ -0,0 +1,92 @@
+.\"     $OpenBSD: PKCS12_SAFEBAG_new.3,v 1.1 2016/12/22 16:05:22 schwarze Exp $
+.\"
+.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: December 22 2016 $
+.Dt PKCS12_SAFEBAG_NEW 3
+.Os
+.Sh NAME
+.Nm PKCS12_SAFEBAG_new ,
+.Nm PKCS12_SAFEBAG_free ,
+.Nm PKCS12_BAGS_new ,
+.Nm PKCS12_BAGS_free
+.Nd PKCS#12 container for one piece of information
+.Sh SYNOPSIS
+.In openssl/pkcs12.h
+.Ft PKCS12_SAFEBAG *
+.Fn PKCS12_SAFEBAG_new void
+.Ft void
+.Fn PKCS12_SAFEBAG_free "PKCS12_SAFEBAG *safebag"
+.Ft PKCS12_BAGS *
+.Fn PKCS12_BAGS_new void
+.Ft void
+.Fn PKCS12_BAGS_free "PKCS12_BAGS *bag"
+.Sh DESCRIPTION
+.Fn PKCS12_SAFEBAG_new
+allocates and initializes an empty
+.Vt PKCS12_SAFEBAG
+object, representing an ASN.1 SafeBag structure
+defined in RFC 7292 section 4.2.
+It can hold a pointer to a
+.Vt PKCS12_BAGS
+object together with a type identifier and optional attributes.
+.Fn PKCS12_SAFEBAG_free
+frees
+.Fa safebag .
+.Pp
+.Fn PKCS12_BAGS_new
+allocates and initializes an empty
+.Vt PKCS12_BAGS
+object, representing the bagValue field of an ASN.1 SafeBag structure.
+It is used in
+.Vt PKCS12_SAFEBAG
+and can hold a DER-encoded X.509 certificate,
+a base64-encoded SDSI certificate,
+a DER-encoded X.509 CRL,
+or other user-defined information.
+.Pp
+If an instance of
+.Vt PKCS12_SAFEBAG
+contains
+.Vt PKCS8_PRIV_KEY_INFO ,
+.Vt X509_SIG ,
+or nested
+.Vt PKCS12_SAFEBAG
+objects, the respective pointers are stored directly in the
+.Vt PKCS12_SAFEBAG
+object rather than in the contained
+.Vt PKCS12_BAGS
+object as required by RFC 7292.
+.Sh RETURN VALUES
+.Fn PKCS12_SAFEBAG_new
+and
+.Fn PKCS12_BAGS_new
+return the new
+.Vt PKCS12_SAFEBAG
+or
+.Vt PKCS12_BAGS
+object, respectively, or
+.Dv NULL
+if an error occurs.
+.Sh SEE ALSO
+.Xr PKCS12_new 3 ,
+.Xr PKCS8_PRIV_KEY_INFO_new 3 ,
+.Xr X509_ATTRIBUTE_new 3 ,
+.Xr X509_CRL_new 3 ,
+.Xr X509_new 3 ,
+.Xr X509_SIG_new 3
+.Sh STANDARDS
+RFC 7292: PKCS #12: Personal Information Exchange Syntax,
+section 4.2: The SafeBag Type
diff --git a/src/lib/libcrypto/man/PKCS12_new.3 b/src/lib/libcrypto/man/PKCS12_new.3
new file mode 100644
index 0000000000..426074c9b1
--- /dev/null
+++ b/src/lib/libcrypto/man/PKCS12_new.3
@@ -0,0 +1,87 @@
+.\"     $OpenBSD: PKCS12_new.3,v 1.1 2016/12/22 16:05:22 schwarze Exp $
+.\"
+.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: December 22 2016 $
+.Dt PKCS12_NEW 3
+.Os
+.Sh NAME
+.Nm PKCS12_new ,
+.Nm PKCS12_free ,
+.Nm PKCS12_MAC_DATA_new ,
+.Nm PKCS12_MAC_DATA_free
+.Nd PKCS#12 personal information exchange (PFX)
+.Sh SYNOPSIS
+.In openssl/pkcs12.h
+.Ft PKCS12 *
+.Fn PKCS12_new void
+.Ft void
+.Fn PKCS12_free "PKCS12 *pfx"
+.Ft PKCS12_MAC_DATA *
+.Fn PKCS12_MAC_DATA_new void
+.Ft void
+.Fn PKCS12_MAC_DATA_free "PKCS12_MAC_DATA *mac_data"
+.Sh DESCRIPTION
+.Fn PKCS12_new
+allocates and initializes an empty
+.Vt PKCS12
+object, representing an ASN.1 PFX (personal information exchange)
+structure defined in RFC 7292 section 4.
+It can hold a pointer to a
+.Vt PKCS7
+object described in
+.Xr PKCS7_new 3
+and optionally an instance of
+.Vt PKCS12_MAC_DATA
+described below.
+.Fn PKCS12_free
+frees
+.Fa pfx .
+.Pp
+.Fn PKCS12_MAC_DATA_new
+allocates and initializes an empty
+.Vt PKCS12_MAC_DATA
+object, representing an ASN.1 MacData structure
+defined in RFC 7292 section 4.
+It is used inside
+.Vt PKCS12
+and can hold a pointer to an
+.Vt X509_SIG
+object described in
+.Xr X509_SIG_new 3
+together with a salt value and an iteration count.
+.Fn PKCS12_MAC_DATA_free
+frees
+.Fa mac_data .
+.Sh RETURN VALUES
+.Fn PKCS12_new
+and
+.Fn PKCS12_MAC_DATA_new
+return the new
+.Vt PKCS12
+or
+.Vt PKCS12_MAC_DATA
+object, respectively, or
+.Dv NULL
+if an error occurs.
+.Sh SEE ALSO
+.Xr d2i_PKCS12 3 ,
+.Xr PKCS12_create 3 ,
+.Xr PKCS12_newpass 3 ,
+.Xr PKCS12_SAFEBAG_new 3 ,
+.Xr PKCS7_new 3 ,
+.Xr X509_SIG_new 3
+.Sh STANDARDS
+RFC 7292: PKCS #12: Personal Information Exchange Syntax
diff --git a/src/lib/libcrypto/man/X509_ATTRIBUTE_new.3 b/src/lib/libcrypto/man/X509_ATTRIBUTE_new.3
index 1410bd5c78..49aa238da7 100644
--- a/src/lib/libcrypto/man/X509_ATTRIBUTE_new.3
+++ b/src/lib/libcrypto/man/X509_ATTRIBUTE_new.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: X509_ATTRIBUTE_new.3,v 1.1 2016/12/17 14:51:09 schwarze Exp $
+.\"     $OpenBSD: X509_ATTRIBUTE_new.3,v 1.2 2016/12/22 16:05:22 schwarze Exp $
 .\"
 .\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: December 17 2016 $
+.Dd $Mdocdate: December 22 2016 $
 .Dt X509_ATTRIBUTE_NEW 3
 .Os
 .Sh NAME
@@ -36,11 +36,15 @@ used to represent any kind of property of any kind of directory entry.
 In OpenSSL, very few objects use it directly, most notably the
 .Vt X509_REQ_INFO
 object used for PKCS#10 certification requests described in
-.Xr X509_REQ_new 3
+.Xr X509_REQ_new 3 ,
-and the
+the
 .Vt PKCS8_PRIV_KEY_INFO
 object used for PKCS#8 private key information described in
-.Xr PKCS8_PRIV_KEY_INFO_new 3 .
+.Xr PKCS8_PRIV_KEY_INFO_new 3 ,
+and the
+.Vt PKCS12_SAFEBAG
+container object described in
+.Xr PKCS12_SAFEBAG_new 3 .
 .Pp
 .Fn X509_ATTRIBUTE_new
 allocates and initializes an empty
@@ -57,6 +61,7 @@ object or
 .Dv NULL
 if an error occurs.
 .Sh SEE ALSO
+.Xr PKCS12_SAFEBAG_new 3 ,
 .Xr PKCS8_PRIV_KEY_INFO_new 3 ,
 .Xr X509_EXTENSION_new 3 ,
 .Xr X509_REQ_new 3
@@ -72,6 +77,9 @@ section 4.1: CertificationRequestInfo
 .It For the specific use in the context of private key information:
 RFC 5208: Public-Key Cryptography Standards (PKCS) #8:
 Private-Key Information Syntax Specification
+.It For the specific definition in the context of PFX:
+RFC 7292: PKCS #12: Personal Information Exchange Syntax,
+section 4.2: The SafeBag Type
 .El
 .Sh BUGS
 A data type designed to hold arbitrary data is an oxymoron.

diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile index 39f9da3779..d76403010d 100644 --- a/src/lib/libcrypto/man/Makefile +++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.88 2016/12/22 14:06:51 schwarze Exp $	1	# $OpenBSD: Makefile,v 1.89 2016/12/22 16:05:22 schwarze Exp $
2		2
3	.include <bsd.own.mk>	3	.include <bsd.own.mk>
4		4
@@ -141,8 +141,10 @@ MAN= \
141	PEM_read_bio_PrivateKey.3 \	141	PEM_read_bio_PrivateKey.3 \
142	PEM_write_bio_PKCS7_stream.3 \	142	PEM_write_bio_PKCS7_stream.3 \
143	PKCS12_create.3 \	143	PKCS12_create.3 \
		144	PKCS12_new.3 \
144	PKCS12_newpass.3 \	145	PKCS12_newpass.3 \
145	PKCS12_parse.3 \	146	PKCS12_parse.3 \
		147	PKCS12_SAFEBAG_new.3 \
146	PKCS5_PBKDF2_HMAC.3 \	148	PKCS5_PBKDF2_HMAC.3 \
147	PKCS7_decrypt.3 \	149	PKCS7_decrypt.3 \
148	PKCS7_encrypt.3 \	150	PKCS7_encrypt.3 \


diff --git a/src/lib/libcrypto/man/PKCS12_SAFEBAG_new.3 b/src/lib/libcrypto/man/PKCS12_SAFEBAG_new.3 new file mode 100644 index 0000000000..8cb6835194 --- /dev/null +++ b/src/lib/libcrypto/man/PKCS12_SAFEBAG_new.3
@@ -0,0 +1,92 @@
		1	.\" $OpenBSD: PKCS12_SAFEBAG_new.3,v 1.1 2016/12/22 16:05:22 schwarze Exp $
		2	.\"
		3	.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
		4	.\"
		5	.\" Permission to use, copy, modify, and distribute this software for any
		6	.\" purpose with or without fee is hereby granted, provided that the above
		7	.\" copyright notice and this permission notice appear in all copies.
		8	.\"
		9	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		10	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		11	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		12	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		13	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		16	.\"
		17	.Dd $Mdocdate: December 22 2016 $
		18	.Dt PKCS12_SAFEBAG_NEW 3
		19	.Os
		20	.Sh NAME
		21	.Nm PKCS12_SAFEBAG_new ,
		22	.Nm PKCS12_SAFEBAG_free ,
		23	.Nm PKCS12_BAGS_new ,
		24	.Nm PKCS12_BAGS_free
		25	.Nd PKCS#12 container for one piece of information
		26	.Sh SYNOPSIS
		27	.In openssl/pkcs12.h
		28	.Ft PKCS12_SAFEBAG *
		29	.Fn PKCS12_SAFEBAG_new void
		30	.Ft void
		31	.Fn PKCS12_SAFEBAG_free "PKCS12_SAFEBAG *safebag"
		32	.Ft PKCS12_BAGS *
		33	.Fn PKCS12_BAGS_new void
		34	.Ft void
		35	.Fn PKCS12_BAGS_free "PKCS12_BAGS *bag"
		36	.Sh DESCRIPTION
		37	.Fn PKCS12_SAFEBAG_new
		38	allocates and initializes an empty
		39	.Vt PKCS12_SAFEBAG
		40	object, representing an ASN.1 SafeBag structure
		41	defined in RFC 7292 section 4.2.
		42	It can hold a pointer to a
		43	.Vt PKCS12_BAGS
		44	object together with a type identifier and optional attributes.
		45	.Fn PKCS12_SAFEBAG_free
		46	frees
		47	.Fa safebag .
		48	.Pp
		49	.Fn PKCS12_BAGS_new
		50	allocates and initializes an empty
		51	.Vt PKCS12_BAGS
		52	object, representing the bagValue field of an ASN.1 SafeBag structure.
		53	It is used in
		54	.Vt PKCS12_SAFEBAG
		55	and can hold a DER-encoded X.509 certificate,
		56	a base64-encoded SDSI certificate,
		57	a DER-encoded X.509 CRL,
		58	or other user-defined information.
		59	.Pp
		60	If an instance of
		61	.Vt PKCS12_SAFEBAG
		62	contains
		63	.Vt PKCS8_PRIV_KEY_INFO ,
		64	.Vt X509_SIG ,
		65	or nested
		66	.Vt PKCS12_SAFEBAG
		67	objects, the respective pointers are stored directly in the
		68	.Vt PKCS12_SAFEBAG
		69	object rather than in the contained
		70	.Vt PKCS12_BAGS
		71	object as required by RFC 7292.
		72	.Sh RETURN VALUES
		73	.Fn PKCS12_SAFEBAG_new
		74	and
		75	.Fn PKCS12_BAGS_new
		76	return the new
		77	.Vt PKCS12_SAFEBAG
		78	or
		79	.Vt PKCS12_BAGS
		80	object, respectively, or
		81	.Dv NULL
		82	if an error occurs.
		83	.Sh SEE ALSO
		84	.Xr PKCS12_new 3 ,
		85	.Xr PKCS8_PRIV_KEY_INFO_new 3 ,
		86	.Xr X509_ATTRIBUTE_new 3 ,
		87	.Xr X509_CRL_new 3 ,
		88	.Xr X509_new 3 ,
		89	.Xr X509_SIG_new 3
		90	.Sh STANDARDS
		91	RFC 7292: PKCS #12: Personal Information Exchange Syntax,
		92	section 4.2: The SafeBag Type


diff --git a/src/lib/libcrypto/man/PKCS12_new.3 b/src/lib/libcrypto/man/PKCS12_new.3 new file mode 100644 index 0000000000..426074c9b1 --- /dev/null +++ b/src/lib/libcrypto/man/PKCS12_new.3
@@ -0,0 +1,87 @@
		1	.\" $OpenBSD: PKCS12_new.3,v 1.1 2016/12/22 16:05:22 schwarze Exp $
		2	.\"
		3	.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
		4	.\"
		5	.\" Permission to use, copy, modify, and distribute this software for any
		6	.\" purpose with or without fee is hereby granted, provided that the above
		7	.\" copyright notice and this permission notice appear in all copies.
		8	.\"
		9	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		10	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		11	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		12	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		13	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		16	.\"
		17	.Dd $Mdocdate: December 22 2016 $
		18	.Dt PKCS12_NEW 3
		19	.Os
		20	.Sh NAME
		21	.Nm PKCS12_new ,
		22	.Nm PKCS12_free ,
		23	.Nm PKCS12_MAC_DATA_new ,
		24	.Nm PKCS12_MAC_DATA_free
		25	.Nd PKCS#12 personal information exchange (PFX)
		26	.Sh SYNOPSIS
		27	.In openssl/pkcs12.h
		28	.Ft PKCS12 *
		29	.Fn PKCS12_new void
		30	.Ft void
		31	.Fn PKCS12_free "PKCS12 *pfx"
		32	.Ft PKCS12_MAC_DATA *
		33	.Fn PKCS12_MAC_DATA_new void
		34	.Ft void
		35	.Fn PKCS12_MAC_DATA_free "PKCS12_MAC_DATA *mac_data"
		36	.Sh DESCRIPTION
		37	.Fn PKCS12_new
		38	allocates and initializes an empty
		39	.Vt PKCS12
		40	object, representing an ASN.1 PFX (personal information exchange)
		41	structure defined in RFC 7292 section 4.
		42	It can hold a pointer to a
		43	.Vt PKCS7
		44	object described in
		45	.Xr PKCS7_new 3
		46	and optionally an instance of
		47	.Vt PKCS12_MAC_DATA
		48	described below.
		49	.Fn PKCS12_free
		50	frees
		51	.Fa pfx .
		52	.Pp
		53	.Fn PKCS12_MAC_DATA_new
		54	allocates and initializes an empty
		55	.Vt PKCS12_MAC_DATA
		56	object, representing an ASN.1 MacData structure
		57	defined in RFC 7292 section 4.
		58	It is used inside
		59	.Vt PKCS12
		60	and can hold a pointer to an
		61	.Vt X509_SIG
		62	object described in
		63	.Xr X509_SIG_new 3
		64	together with a salt value and an iteration count.
		65	.Fn PKCS12_MAC_DATA_free
		66	frees
		67	.Fa mac_data .
		68	.Sh RETURN VALUES
		69	.Fn PKCS12_new
		70	and
		71	.Fn PKCS12_MAC_DATA_new
		72	return the new
		73	.Vt PKCS12
		74	or
		75	.Vt PKCS12_MAC_DATA
		76	object, respectively, or
		77	.Dv NULL
		78	if an error occurs.
		79	.Sh SEE ALSO
		80	.Xr d2i_PKCS12 3 ,
		81	.Xr PKCS12_create 3 ,
		82	.Xr PKCS12_newpass 3 ,
		83	.Xr PKCS12_SAFEBAG_new 3 ,
		84	.Xr PKCS7_new 3 ,
		85	.Xr X509_SIG_new 3
		86	.Sh STANDARDS
		87	RFC 7292: PKCS #12: Personal Information Exchange Syntax


diff --git a/src/lib/libcrypto/man/X509_ATTRIBUTE_new.3 b/src/lib/libcrypto/man/X509_ATTRIBUTE_new.3 index 1410bd5c78..49aa238da7 100644 --- a/src/lib/libcrypto/man/X509_ATTRIBUTE_new.3 +++ b/src/lib/libcrypto/man/X509_ATTRIBUTE_new.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: X509_ATTRIBUTE_new.3,v 1.1 2016/12/17 14:51:09 schwarze Exp $	1	.\" $OpenBSD: X509_ATTRIBUTE_new.3,v 1.2 2016/12/22 16:05:22 schwarze Exp $
2	.\"	2	.\"
3	.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>	3	.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4	.\"	4	.\"
@@ -14,7 +14,7 @@
14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF	14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.	15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16	.\"	16	.\"
17	.Dd $Mdocdate: December 17 2016 $	17	.Dd $Mdocdate: December 22 2016 $
18	.Dt X509_ATTRIBUTE_NEW 3	18	.Dt X509_ATTRIBUTE_NEW 3
19	.Os	19	.Os
20	.Sh NAME	20	.Sh NAME
@@ -36,11 +36,15 @@ used to represent any kind of property of any kind of directory entry.
36	In OpenSSL, very few objects use it directly, most notably the	36	In OpenSSL, very few objects use it directly, most notably the
37	.Vt X509_REQ_INFO	37	.Vt X509_REQ_INFO
38	object used for PKCS#10 certification requests described in	38	object used for PKCS#10 certification requests described in
39	.Xr X509_REQ_new 3	39	.Xr X509_REQ_new 3 ,
40	and the	40	the
41	.Vt PKCS8_PRIV_KEY_INFO	41	.Vt PKCS8_PRIV_KEY_INFO
42	object used for PKCS#8 private key information described in	42	object used for PKCS#8 private key information described in
43	.Xr PKCS8_PRIV_KEY_INFO_new 3 .	43	.Xr PKCS8_PRIV_KEY_INFO_new 3 ,
		44	and the
		45	.Vt PKCS12_SAFEBAG
		46	container object described in
		47	.Xr PKCS12_SAFEBAG_new 3 .
44	.Pp	48	.Pp
45	.Fn X509_ATTRIBUTE_new	49	.Fn X509_ATTRIBUTE_new
46	allocates and initializes an empty	50	allocates and initializes an empty
@@ -57,6 +61,7 @@ object or
57	.Dv NULL	61	.Dv NULL
58	if an error occurs.	62	if an error occurs.
59	.Sh SEE ALSO	63	.Sh SEE ALSO
		64	.Xr PKCS12_SAFEBAG_new 3 ,
60	.Xr PKCS8_PRIV_KEY_INFO_new 3 ,	65	.Xr PKCS8_PRIV_KEY_INFO_new 3 ,
61	.Xr X509_EXTENSION_new 3 ,	66	.Xr X509_EXTENSION_new 3 ,
62	.Xr X509_REQ_new 3	67	.Xr X509_REQ_new 3
@@ -72,6 +77,9 @@ section 4.1: CertificationRequestInfo
72	.It For the specific use in the context of private key information:	77	.It For the specific use in the context of private key information:
73	RFC 5208: Public-Key Cryptography Standards (PKCS) #8:	78	RFC 5208: Public-Key Cryptography Standards (PKCS) #8:
74	Private-Key Information Syntax Specification	79	Private-Key Information Syntax Specification
		80	.It For the specific definition in the context of PFX:
		81	RFC 7292: PKCS #12: Personal Information Exchange Syntax,
		82	section 4.2: The SafeBag Type
75	.El	83	.El
76	.Sh BUGS	84	.Sh BUGS
77	A data type designed to hold arbitrary data is an oxymoron.	85	A data type designed to hold arbitrary data is an oxymoron.