42 files changed, 2611 insertions, 127 deletions
diff --git a/src/lib/libcrypto/doc/EVP_DigestSignInit.pod b/src/lib/libcrypto/doc/EVP_DigestSignInit.pod
new file mode 100644
index 0000000000..37d960e3b2
--- /dev/null
+++ b/src/lib/libcrypto/doc/EVP_DigestSignInit.pod
@@ -0,0 +1,87 @@
+=pod
+=head1 NAME
+EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal - EVP signing functions
+=head1 SYNOPSIS
+ #include <openssl/evp.h>
+ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                        const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen);
+=head1 DESCRIPTION
+The EVP signature routines are a high level interface to digital signatures.
+EVP_DigestSignInit() sets up signing context B<ctx> to use digest B<type> from
+ENGINE B<impl> and private key B<pkey>. B<ctx> must be initialized with
+EVP_MD_CTX_init() before calling this function. If B<pctx> is not NULL the
+EVP_PKEY_CTX of the signing operation will be written to B<*pctx>: this can
+be used to set alternative signing options.
+EVP_DigestSignUpdate() hashes B<cnt> bytes of data at B<d> into the
+signature context B<ctx>. This function can be called several times on the
+same B<ctx> to include additional data. This function is currently implemented
+usig a macro.
+EVP_DigestSignFinal() signs the data in B<ctx> places the signature in B<sig>.
+If B<sig> is B<NULL> then the maximum size of the output buffer is written to
+the B<siglen> parameter. If B<sig> is not B<NULL> then before the call the
+B<siglen> parameter should contain the length of the B<sig> buffer, if the
+call is successful the signature is written to B<sig> and the amount of data
+written to B<siglen>.
+=head1 RETURN VALUES
+EVP_DigestSignInit() EVP_DigestSignUpdate() and EVP_DigestSignaFinal() return
+1 for success and 0 or a negative value for failure. In particular a return
+value of -2 indicates the operation is not supported by the public key
+algorithm.
+The error codes can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
+=head1 NOTES
+The B<EVP> interface to digital signatures should almost always be used in
+preference to the low level interfaces. This is because the code then becomes
+transparent to the algorithm used and much more flexible.
+In previous versions of OpenSSL there was a link between message digest types
+and public key algorithms. This meant that "clone" digests such as EVP_dss1()
+needed to be used to sign using SHA1 and DSA. This is no longer necessary and
+the use of clone digest is now discouraged.
+For some key types and parameters the random number generator must be seeded
+or the operation will fail. 
+The call to EVP_DigestSignFinal() internally finalizes a copy of the digest
+context. This means that calls to EVP_DigestSignUpdate() and
+EVP_DigestSignFinal() can be called later to digest and sign additional data.
+Since only a copy of the digest context is ever finalized the context must
+be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
+will occur.
+The use of EVP_PKEY_size() with these functions is discouraged because some
+signature operations may have a signature length which depends on the
+parameters set. As a result EVP_PKEY_size() would have to return a value
+which indicates the maximum possible signature for any set of parameters.
+=head1 SEE ALSO
+L<EVP_DigestVerifyInit(3)|EVP_DigestVerifyInit(3)>,
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
+L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
+L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
+L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
+=head1 HISTORY
+EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal() 
+were first added to OpenSSL 1.0.0.
+=cut
diff --git a/src/lib/libcrypto/doc/EVP_DigestVerifyInit.pod b/src/lib/libcrypto/doc/EVP_DigestVerifyInit.pod
new file mode 100644
index 0000000000..f224488978
--- /dev/null
+++ b/src/lib/libcrypto/doc/EVP_DigestVerifyInit.pod
@@ -0,0 +1,82 @@
+=pod
+=head1 NAME
+EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal - EVP signature verification functions
+=head1 SYNOPSIS
+ #include <openssl/evp.h>
+ int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                        const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen);
+=head1 DESCRIPTION
+The EVP signature routines are a high level interface to digital signatures.
+EVP_DigestVerifyInit() sets up verification context B<ctx> to use digest
+B<type> from ENGINE B<impl> and public key B<pkey>. B<ctx> must be initialized
+with EVP_MD_CTX_init() before calling this function. If B<pctx> is not NULL the
+EVP_PKEY_CTX of the verification operation will be written to B<*pctx>: this
+can be used to set alternative verification options.
+EVP_DigestVerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
+verification context B<ctx>. This function can be called several times on the
+same B<ctx> to include additional data. This function is currently implemented
+using a macro.
+EVP_DigestVerifyFinal() verifies the data in B<ctx> against the signature in
+B<sig> of length B<siglen>.
+=head1 RETURN VALUES
+EVP_DigestVerifyInit() and EVP_DigestVerifyUpdate() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2 indicates
+the operation is not supported by the public key algorithm.
+Unlike other functions the return value 0 from EVP_DigestVerifyFinal() only
+indicates that the signature did not not verify successfully (that is tbs did
+not match the original data or the signature was of invalid form) it is not an
+indication of a more serious error.
+The error codes can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
+=head1 NOTES
+The B<EVP> interface to digital signatures should almost always be used in
+preference to the low level interfaces. This is because the code then becomes
+transparent to the algorithm used and much more flexible.
+In previous versions of OpenSSL there was a link between message digest types
+and public key algorithms. This meant that "clone" digests such as EVP_dss1()
+needed to be used to sign using SHA1 and DSA. This is no longer necessary and
+the use of clone digest is now discouraged.
+For some key types and parameters the random number generator must be seeded
+or the operation will fail. 
+The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest
+context. This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can
+be called later to digest and verify additional data.
+Since only a copy of the digest context is ever finalized the context must
+be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
+will occur.
+=head1 SEE ALSO
+L<EVP_DigestSignInit(3)|EVP_DigestSignInit(3)>,
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
+L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
+L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
+L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
+=head1 HISTORY
+EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal() 
+were first added to OpenSSL 1.0.0.
+=cut
diff --git a/src/lib/libcrypto/doc/EVP_PKEY_CTX_ctrl.pod b/src/lib/libcrypto/doc/EVP_PKEY_CTX_ctrl.pod
new file mode 100644
index 0000000000..f2f455990f
--- /dev/null
+++ b/src/lib/libcrypto/doc/EVP_PKEY_CTX_ctrl.pod
@@ -0,0 +1,128 @@
+=pod
+=head1 NAME
+EVP_PKEY_ctrl, EVP_PKEY_ctrl_str - algorithm specific control operations
+=head1 SYNOPSIS
+ #include <openssl/evp.h>
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                                int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                                                const char *value);
+ int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
+ #include <openssl/rsa.h>
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_rsa_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ #include <openssl/dsa.h>
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+ #include <openssl/dh.h>
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ #include <openssl/ec.h>
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+=head1 DESCRIPTION
+The function EVP_PKEY_CTX_ctrl() sends a control operation to the context
+B<ctx>. The key type used must match B<keytype> if it is not -1. The parameter
+B<optype> is a mask indicating which operations the control can be applied to.
+The control command is indicated in B<cmd> and any additional arguments in
+B<p1> and B<p2>.
+Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will
+instead call one of the algorithm specific macros below.
+The function EVP_PKEY_ctrl_str() allows an application to send an algorithm
+specific control operation to a context B<ctx> in string form. This is
+intended to be used for options specified on the command line or in text
+files. The commands supported are documented in the openssl utility
+command line pages for the option B<-pkeyopt> which is supported by the
+B<pkeyutl>, B<genpkey> and B<req> commands.
+All the remaining "functions" are implemented as macros.
+The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used
+in a signature. It can be used with any public key algorithm supporting
+signature operations.
+The macro EVP_PKEY_CTX_set_rsa_padding() sets the RSA padding mode for B<ctx>.
+The B<pad> parameter can take the value RSA_PKCS1_PADDING for PKCS#1 padding,
+RSA_SSLV23_PADDING for SSLv23 padding, RSA_NO_PADDING for no padding,
+RSA_PKCS1_OAEP_PADDING for OAEP padding (encrypt and decrypt only),
+RSA_X931_PADDING for X9.31 padding (signature operations only) and 
+RSA_PKCS1_PSS_PADDING (sign and verify only).
+Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md()
+is used. If this macro is called for PKCS#1 padding the plaintext buffer is
+an actual digest value and is encapsulated in a DigestInfo structure according
+to PKCS#1 when signing and this structure is expected (and stripped off) when
+verifying. If this control is not used with RSA and PKCS#1 padding then the
+supplied data is used directly and not encapsulated. In the case of X9.31
+padding for RSA the algorithm identifier byte is added or checked and removed
+if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.
+The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to
+B<len> as its name implies it is only supported for PSS padding.  Two special
+values are supported: -1 sets the salt length to the digest length. When
+signing -2 sets the salt length to the maximum permissible value. When
+verifying -2 causes the salt length to be automatically determined based on the
+B<PSS> block structure. If this macro is not called a salt length value of -2
+is used by default.
+The EVP_PKEY_CTX_set_rsa_rsa_keygen_bits() macro sets the RSA key length for
+RSA key genration to B<bits>. If not specified 1024 bits is used.
+The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value
+for RSA key generation to B<pubexp> currently it should be an odd integer. The
+B<pubexp> pointer is used internally by this function so it should not be 
+modified or free after the call. If this macro is not called then 65537 is used.
+The macro EVP_PKEY_CTX_set_dsa_paramgen_bits() sets the number of bits used
+for DSA parameter generation to B<bits>. If not specified 1024 is used.
+The macro EVP_PKEY_CTX_set_dh_paramgen_prime_len() sets the length of the DH
+prime parameter B<p> for DH parameter generation. If this macro is not called
+then 1024 is used.
+The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to B<gen>
+for DH parameter generation. If not specified 2 is used.
+The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter
+generation to B<nid>. For EC parameter generation this macro must be called
+or an error occurs because there is no default curve.
+=head1 RETURN VALUES
+EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+=head1 SEE ALSO
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)> 
+=head1 HISTORY
+These functions were first added to OpenSSL 1.0.0.
+=cut
diff --git a/src/lib/libcrypto/doc/EVP_PKEY_CTX_new.pod b/src/lib/libcrypto/doc/EVP_PKEY_CTX_new.pod
new file mode 100644
index 0000000000..a9af867580
--- /dev/null
+++ b/src/lib/libcrypto/doc/EVP_PKEY_CTX_new.pod
@@ -0,0 +1,52 @@
+=pod
+=head1 NAME
+EVP_PKEY_CTX_new, EVP_PKEY_CTX_new_id, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free - public key algorithm context functions.
+=head1 SYNOPSIS
+ #include <openssl/evp.h>
+ EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
+ EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
+ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
+ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
+=head1 DESCRIPTION
+The EVP_PKEY_CTX_new() function allocates public key algorithm context using
+the algorithm specified in B<pkey> and ENGINE B<e>.
+The EVP_PKEY_CTX_new_id() function allocates public key algorithm context
+using the algorithm specified by B<id> and ENGINE B<e>. It is normally used
+when no B<EVP_PKEY> structure is associated with the operations, for example
+during parameter generation of key genration for some algorithms.
+EVP_PKEY_CTX_dup() duplicates the context B<ctx>.
+EVP_PKEY_CTX_free() frees up the context B<ctx>.
+=head1 NOTES
+The B<EVP_PKEY_CTX> structure is an opaque public key algorithm context used
+by the OpenSSL high level public key API. Contexts B<MUST NOT> be shared between
+threads: that is it is not permissible to use the same context simultaneously
+in two threads.
+=head1 RETURN VALUES
+EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id(), EVP_PKEY_CTX_dup() returns either
+the newly allocated B<EVP_PKEY_CTX> structure of B<NULL> if an error occurred.
+EVP_PKEY_CTX_free() does not return a value.
+=head1 SEE ALSO
+L<EVP_PKEY_new(3)|EVP_PKEY_new(3)>
+=head1 HISTORY
+These functions were first added to OpenSSL 1.0.0.
+=cut
diff --git a/src/lib/libcrypto/doc/EVP_PKEY_cmp.pod b/src/lib/libcrypto/doc/EVP_PKEY_cmp.pod
new file mode 100644
index 0000000000..4f8185e36c
--- /dev/null
+++ b/src/lib/libcrypto/doc/EVP_PKEY_cmp.pod
@@ -0,0 +1,61 @@
+=pod
+=head1 NAME
+EVP_PKEY_copy_parameters, EVP_PKEY_missing_parameters, EVP_PKEY_cmp_parameters, EVP_PKEY_cmp - public key parameter and comparison functions
+=head1 SYNOPSIS
+ #include <openssl/evp.h>
+ int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
+ int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
+ int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
+ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
+=head1 DESCRIPTION
+The function EVP_PKEY_missing_parameters() returns 1 if the public key
+parameters of B<pkey> are missing and 0 if they are present or the algorithm
+doesn't use parameters.
+The function EVP_PKEY_copy_parameters() copies the parameters from key
+B<from> to key B<to>.
+The funcion EVP_PKEY_cmp_parameters() compares the parameters of keys
+B<a> and B<b>.
+The funcion EVP_PKEY_cmp() compares the public key components and paramters
+(if present) of keys B<a> and B<b>.
+=head1 NOTES
+The main purpose of the functions EVP_PKEY_missing_parameters() and
+EVP_PKEY_copy_parameters() is to handle public keys in certificates where the
+parameters are sometimes omitted from a public key if they are inherited from
+the CA that signed it.
+Since OpenSSL private keys contain public key components too the function
+EVP_PKEY_cmp() can also be used to determine if a private key matches
+a public key.
+=head1 RETURN VALUES
+The function EVP_PKEY_missing_parameters() returns 1 if the public key
+parameters of B<pkey> are missing and 0 if they are present or the algorithm
+doesn't use parameters.
+These functions EVP_PKEY_copy_parameters() returns 1 for success and 0 for
+failure.
+The function EVP_PKEY_cmp_parameters() and EVP_PKEY_cmp() return 1 if the
+keys match, 0 if they don't match, -1 if the key types are different and
+-2 if the operation is not supported.
+=head1 SEE ALSO
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)> 
+=cut
diff --git a/src/lib/libcrypto/doc/EVP_PKEY_decrypt.pod b/src/lib/libcrypto/doc/EVP_PKEY_decrypt.pod
new file mode 100644
index 0000000000..42b2a8c44e
--- /dev/null
+++ b/src/lib/libcrypto/doc/EVP_PKEY_decrypt.pod
@@ -0,0 +1,93 @@
+=pod
+=head1 NAME
+EVP_PKEY_decrypt_init, EVP_PKEY_decrypt - decrypt using a public key algorithm
+=head1 SYNOPSIS
+ #include <openssl/evp.h>
+ int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
+                        unsigned char *out, size_t *outlen,
+                        const unsigned char *in, size_t inlen);
+=head1 DESCRIPTION
+The EVP_PKEY_decrypt_init() function initializes a public key algorithm
+context using key B<pkey> for a decryption operation.
+The EVP_PKEY_decrypt() function performs a public key decryption operation
+using B<ctx>. The data to be decrypted is specified using the B<in> and
+B<inlen> parameters. If B<out> is B<NULL> then the maximum size of the output
+buffer is written to the B<outlen> parameter. If B<out> is not B<NULL> then
+before the call the B<outlen> parameter should contain the length of the
+B<out> buffer, if the call is successful the decrypted data is written to
+B<out> and the amount of data written to B<outlen>.
+=head1 NOTES
+After the call to EVP_PKEY_decrypt_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+The function EVP_PKEY_decrypt() can be called more than once on the same
+context if several operations are performed using the same parameters.
+=head1 RETURN VALUES
+EVP_PKEY_decrypt_init() and EVP_PKEY_decrypt() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+=head1 EXAMPLE
+Decrypt data using OAEP (for RSA keys):
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+ EVP_PKEY_CTX *ctx;
+ unsigned char *out, *in;
+ size_t outlen, inlen; 
+ EVP_PKEY *key;
+ /* NB: assumes key in, inlen are already set up
+  * and that key is an RSA private key
+  */
+ ctx = EVP_PKEY_CTX_new(key);
+ if (!ctx)
+        /* Error occurred */
+ if (EVP_PKEY_decrypt_init(ctx) <= 0)
+        /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
+        /* Error */
+ /* Determine buffer length */
+ if (EVP_PKEY_decrypt(ctx, NULL, &outlen, in, inlen) <= 0)
+        /* Error */
+ out = OPENSSL_malloc(outlen);
+ if (!out)
+        /* malloc failure */
+ 
+ if (EVP_PKEY_decrypt(ctx, out, &outlen, in, inlen) <= 0)
+        /* Error */
+ /* Decrypted data is outlen bytes written to buffer out */
+=head1 SEE ALSO
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+=head1 HISTORY
+These functions were first added to OpenSSL 1.0.0.
+=cut
diff --git a/src/lib/libcrypto/doc/EVP_PKEY_derive.pod b/src/lib/libcrypto/doc/EVP_PKEY_derive.pod
new file mode 100644
index 0000000000..d9d6d76c72
--- /dev/null
+++ b/src/lib/libcrypto/doc/EVP_PKEY_derive.pod
@@ -0,0 +1,93 @@
+=pod
+=head1 NAME
+EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, EVP_PKEY_derive - derive public key algorithm shared secret.
+=head1 SYNOPSIS
+ #include <openssl/evp.h>
+ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
+ int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
+=head1 DESCRIPTION
+The EVP_PKEY_derive_init() function initializes a public key algorithm
+context using key B<pkey> for shared secret derivation.
+The EVP_PKEY_derive_set_peer() function sets the peer key: this will normally
+be a public key.
+The EVP_PKEY_derive() derives a shared secret using B<ctx>.
+If B<key> is B<NULL> then the maximum size of the output buffer is written to
+the B<keylen> parameter. If B<key> is not B<NULL> then before the call the
+B<keylen> parameter should contain the length of the B<key> buffer, if the call
+is successful the shared secret is written to B<key> and the amount of data
+written to B<keylen>.
+=head1 NOTES
+After the call to EVP_PKEY_derive_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+The function EVP_PKEY_derive() can be called more than once on the same
+context if several operations are performed using the same parameters.
+=head1 RETURN VALUES
+EVP_PKEY_derive_init() and EVP_PKEY_derive() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+=head1 EXAMPLE
+Derive shared secret (for example DH or EC keys):
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+ EVP_PKEY_CTX *ctx;
+ unsigned char *skey;
+ size_t skeylen;
+ EVP_PKEY *pkey, *peerkey;
+ /* NB: assumes pkey, peerkey have been already set up */
+ ctx = EVP_PKEY_CTX_new(pkey);
+ if (!ctx)
+        /* Error occurred */
+ if (EVP_PKEY_derive_init(ctx) <= 0)
+        /* Error */
+ if (EVP_PKEY_derive_set_peer(ctx, peerkey) <= 0)
+        /* Error */
+ /* Determine buffer length */
+ if (EVP_PKEY_derive(ctx, NULL, &skeylen) <= 0)
+        /* Error */
+ skey = OPENSSL_malloc(skeylen);
+ if (!skey)
+        /* malloc failure */
+ 
+ if (EVP_PKEY_derive(ctx, skey, &skeylen) <= 0)
+        /* Error */
+ /* Shared secret is skey bytes written to buffer skey */
+=head1 SEE ALSO
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+=head1 HISTORY
+These functions were first added to OpenSSL 1.0.0.
+=cut
diff --git a/src/lib/libcrypto/doc/EVP_PKEY_encrypt.pod b/src/lib/libcrypto/doc/EVP_PKEY_encrypt.pod
new file mode 100644
index 0000000000..91c9c5d0a5
--- /dev/null
+++ b/src/lib/libcrypto/doc/EVP_PKEY_encrypt.pod
@@ -0,0 +1,93 @@
+=pod
+=head1 NAME
+EVP_PKEY_encrypt_init, EVP_PKEY_encrypt - encrypt using a public key algorithm
+=head1 SYNOPSIS
+ #include <openssl/evp.h>
+ int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
+                        unsigned char *out, size_t *outlen,
+                        const unsigned char *in, size_t inlen);
+=head1 DESCRIPTION
+The EVP_PKEY_encrypt_init() function initializes a public key algorithm
+context using key B<pkey> for an encryption operation.
+The EVP_PKEY_encrypt() function performs a public key encryption operation
+using B<ctx>. The data to be encrypted is specified using the B<in> and
+B<inlen> parameters. If B<out> is B<NULL> then the maximum size of the output
+buffer is written to the B<outlen> parameter. If B<out> is not B<NULL> then
+before the call the B<outlen> parameter should contain the length of the
+B<out> buffer, if the call is successful the encrypted data is written to
+B<out> and the amount of data written to B<outlen>.
+=head1 NOTES
+After the call to EVP_PKEY_encrypt_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+The function EVP_PKEY_encrypt() can be called more than once on the same
+context if several operations are performed using the same parameters.
+=head1 RETURN VALUES
+EVP_PKEY_encrypt_init() and EVP_PKEY_encrypt() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+=head1 EXAMPLE
+Encrypt data using OAEP (for RSA keys):
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+ EVP_PKEY_CTX *ctx;
+ unsigned char *out, *in;
+ size_t outlen, inlen; 
+ EVP_PKEY *key;
+ /* NB: assumes key in, inlen are already set up
+  * and that key is an RSA public key
+  */
+ ctx = EVP_PKEY_CTX_new(key);
+ if (!ctx)
+        /* Error occurred */
+ if (EVP_PKEY_encrypt_init(ctx) <= 0)
+        /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
+        /* Error */
+ /* Determine buffer length */
+ if (EVP_PKEY_encrypt(ctx, NULL, &outlen, in, inlen) <= 0)
+        /* Error */
+ out = OPENSSL_malloc(outlen);
+ if (!out)
+        /* malloc failure */
+ 
+ if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0)
+        /* Error */
+ /* Encrypted data is outlen bytes written to buffer out */
+=head1 SEE ALSO
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+=head1 HISTORY
+These functions were first added to OpenSSL 1.0.0.
+=cut
diff --git a/src/lib/libcrypto/doc/EVP_PKEY_get_default_digest.pod b/src/lib/libcrypto/doc/EVP_PKEY_get_default_digest.pod
new file mode 100644
index 0000000000..1a9c7954c5
--- /dev/null
+++ b/src/lib/libcrypto/doc/EVP_PKEY_get_default_digest.pod
@@ -0,0 +1,41 @@
+=pod
+=head1 NAME
+EVP_PKEY_get_default_digest_nid - get default signature digest
+=head1 SYNOPSIS
+ #include <openssl/evp.h>
+ int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
+=head1 DESCRIPTION
+The EVP_PKEY_get_default_digest_nid() function sets B<pnid> to the default
+message digest NID for the public key signature operations associated with key
+B<pkey>.
+=head1 NOTES
+For all current standard OpenSSL public key algorithms SHA1 is returned.
+=head1 RETURN VALUES
+The EVP_PKEY_get_default_digest_nid() function returns 1 if the message digest
+is advisory (that is other digests can be used) and 2 if it is mandatory (other
+digests can not be used).  It returns 0 or a negative value for failure. In
+particular a return value of -2 indicates the operation is not supported by the
+public key algorithm.
+=head1 SEE ALSO
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+=head1 HISTORY
+This function was first added to OpenSSL 1.0.0.
+=cut
diff --git a/src/lib/libcrypto/doc/EVP_PKEY_keygen.pod b/src/lib/libcrypto/doc/EVP_PKEY_keygen.pod
new file mode 100644
index 0000000000..37c6fe9503
--- /dev/null
+++ b/src/lib/libcrypto/doc/EVP_PKEY_keygen.pod
@@ -0,0 +1,161 @@
+=pod
+=head1 NAME
+EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, EVP_PKEY_CTX_get_keygen_info, EVP_PKEVP_PKEY_CTX_set_app_data, EVP_PKEY_CTX_get_app_data - key and parameter generation functions
+=head1 SYNOPSIS
+ #include <openssl/evp.h>
+ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+ void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+=head1 DESCRIPTION
+The EVP_PKEY_keygen_init() function initializes a public key algorithm
+context using key B<pkey> for a key genration operation.
+The EVP_PKEY_keygen() function performs a key generation operation, the 
+generated key is written to B<ppkey>.
+The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar
+except parameters are generated.
+The function EVP_PKEY_set_cb() sets the key or parameter generation callback
+to B<cb>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter
+generation callback.
+The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated
+with the generation operation. If B<idx> is -1 the total number of
+parameters available is returned. Any non negative value returns the value of
+that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for
+B<idx> should only be called within the generation callback.
+If the callback returns 0 then the key genration operation is aborted and an
+error occurs. This might occur during a time consuming operation where
+a user clicks on a "cancel" button.
+The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set
+and retrieve an opaque pointer. This can be used to set some application
+defined value which can be retrieved in the callback: for example a handle
+which is used to update a "progress dialog".
+=head1 NOTES
+After the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm
+specific control operations can be performed to set any appropriate parameters
+for the operation.
+The functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than
+once on the same context if several operations are performed using the same
+parameters.
+The meaning of the parameters passed to the callback will depend on the
+algorithm and the specifiic implementation of the algorithm. Some might not
+give any useful information at all during key or parameter generation. Others
+might not even call the callback.
+The operation performed by key or parameter generation depends on the algorithm
+used. In some cases (e.g. EC with a supplied named curve) the "generation"
+option merely sets the appropriate fields in an EVP_PKEY structure.
+In OpenSSL an EVP_PKEY structure containing a private key also contains the
+public key components and parameters (if any). An OpenSSL private key is
+equivalent to what some libraries call a "key pair". A private key can be used
+in functions which require the use of a public key or parameters.
+=head1 RETURN VALUES
+EVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and
+EVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure.
+In particular a return value of -2 indicates the operation is not supported by
+the public key algorithm.
+=head1 EXAMPLES
+Generate a 2048 bit RSA key:
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL;
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (!ctx)
+        /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) <= 0)
+        /* Error */
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) <= 0)
+        /* Error */
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
+        /* Error */
+Generate a key from a set of parameters:
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL, *param;
+ /* Assumed param is set up already */
+ ctx = EVP_PKEY_CTX_new(param);
+ if (!ctx)
+        /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) <= 0)
+        /* Error */
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
+        /* Error */
+Example of generation callback for OpenSSL public key implementations:
+ /* Application data is a BIO to output status to */
+ EVP_PKEY_CTX_set_app_data(ctx, status_bio);
+ static int genpkey_cb(EVP_PKEY_CTX *ctx)
+        {
+        char c='*';
+        BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+        int p;
+        p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+        if (p == 0) c='.';
+        if (p == 1) c='+';
+        if (p == 2) c='*';
+        if (p == 3) c='\n';
+        BIO_write(b,&c,1);
+        (void)BIO_flush(b);
+        return 1;
+        }
+=head1 SEE ALSO
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+=head1 HISTORY
+These functions were first added to OpenSSL 1.0.0.
+=cut
diff --git a/src/lib/libcrypto/doc/EVP_PKEY_print_private.pod b/src/lib/libcrypto/doc/EVP_PKEY_print_private.pod
new file mode 100644
index 0000000000..ce9d70d7a7
--- /dev/null
+++ b/src/lib/libcrypto/doc/EVP_PKEY_print_private.pod
@@ -0,0 +1,53 @@
+=pod
+=head1 NAME
+EVP_PKEY_print_public, EVP_PKEY_print_private, EVP_PKEY_print_params - public key algorithm printing routines.
+=head1 SYNOPSIS
+ #include <openssl/evp.h>
+ int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
+                                int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
+                                int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
+                                int indent, ASN1_PCTX *pctx);
+=head1 DESCRIPTION
+The functions EVP_PKEY_print_public(), EVP_PKEY_print_private() and
+EVP_PKEY_print_params() print out the public, private or parameter components
+of key B<pkey> respectively. The key is sent to BIO B<out> in human readable
+form. The parameter B<indent> indicated how far the printout should be indented.
+The B<pctx> parameter allows the print output to be finely tuned by using
+ASN1 printing options. If B<pctx> is set to NULL then default values will
+be used.
+=head1 NOTES
+Currently no public key algorithms include any options in the B<pctx> parameter 
+parameter.
+If the key does not include all the components indicated by the function then
+only those contained in the key will be printed. For example passing a public
+key to EVP_PKEY_print_private() will only print the public components.
+=head1 RETURN VALUES
+These functions all return 1 for success and 0 or a negative value for failure.
+In particular a return value of -2 indicates the operation is not supported by
+the public key algorithm.
+=head1 SEE ALSO
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)> 
+=head1 HISTORY
+These functions were first added to OpenSSL 1.0.0.
+=cut
diff --git a/src/lib/libcrypto/doc/EVP_PKEY_sign.pod b/src/lib/libcrypto/doc/EVP_PKEY_sign.pod
new file mode 100644
index 0000000000..2fb52c3486
--- /dev/null
+++ b/src/lib/libcrypto/doc/EVP_PKEY_sign.pod
@@ -0,0 +1,96 @@
+=pod
+=head1 NAME
+EVP_PKEY_sign_init, EVP_PKEY_sign - sign using a public key algorithm
+=head1 SYNOPSIS
+ #include <openssl/evp.h>
+ int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
+                        unsigned char *sig, size_t *siglen,
+                        const unsigned char *tbs, size_t tbslen);
+=head1 DESCRIPTION
+The EVP_PKEY_sign_init() function initializes a public key algorithm
+context using key B<pkey> for a signing operation.
+The EVP_PKEY_sign() function performs a public key signing operation
+using B<ctx>. The data to be signed is specified using the B<tbs> and
+B<tbslen> parameters. If B<sig> is B<NULL> then the maximum size of the output
+buffer is written to the B<siglen> parameter. If B<sig> is not B<NULL> then
+before the call the B<siglen> parameter should contain the length of the
+B<sig> buffer, if the call is successful the signature is written to
+B<sig> and the amount of data written to B<siglen>.
+=head1 NOTES
+After the call to EVP_PKEY_sign_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+The function EVP_PKEY_sign() can be called more than once on the same
+context if several operations are performed using the same parameters.
+=head1 RETURN VALUES
+EVP_PKEY_sign_init() and EVP_PKEY_sign() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+=head1 EXAMPLE
+Sign data using RSA with PKCS#1 padding and SHA256 digest:
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+ EVP_PKEY_CTX *ctx;
+ unsigned char *md, *sig;
+ size_t mdlen, siglen; 
+ EVP_PKEY *signing_key;
+ /* NB: assumes signing_key, md and mdlen are already set up
+  * and that signing_key is an RSA private key
+  */
+ ctx = EVP_PKEY_CTX_new(signing_key);
+ if (!ctx)
+        /* Error occurred */
+ if (EVP_PKEY_sign_init(ctx) <= 0)
+        /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
+        /* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
+        /* Error */
+ /* Determine buffer length */
+ if (EVP_PKEY_sign(ctx, NULL, &siglen, md, mdlen) <= 0)
+        /* Error */
+ sig = OPENSSL_malloc(siglen);
+ if (!sig)
+        /* malloc failure */
+ 
+ if (EVP_PKEY_sign(ctx, sig, &siglen, md, mdlen) <= 0)
+        /* Error */
+ /* Signature is siglen bytes written to buffer sig */
+=head1 SEE ALSO
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+=head1 HISTORY
+These functions were first added to OpenSSL 1.0.0.
+=cut
diff --git a/src/lib/libcrypto/doc/EVP_PKEY_verify.pod b/src/lib/libcrypto/doc/EVP_PKEY_verify.pod
new file mode 100644
index 0000000000..10633da3f2
--- /dev/null
+++ b/src/lib/libcrypto/doc/EVP_PKEY_verify.pod
@@ -0,0 +1,91 @@
+=pod
+=head1 NAME
+EVP_PKEY_verify_init, EVP_PKEY_verify - signature verification using a public key algorithm
+=head1 SYNOPSIS
+ #include <openssl/evp.h>
+ int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
+                        const unsigned char *sig, size_t siglen,
+                        const unsigned char *tbs, size_t tbslen);
+=head1 DESCRIPTION
+The EVP_PKEY_verify_init() function initializes a public key algorithm
+context using key B<pkey> for a signature verification operation.
+The EVP_PKEY_verify() function performs a public key verification operation
+using B<ctx>. The signature is specified using the B<sig> and
+B<siglen> parameters. The verified data (i.e. the data believed originally
+signed) is specified using the B<tbs> and B<tbslen> parameters.
+=head1 NOTES
+After the call to EVP_PKEY_verify_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+The function EVP_PKEY_verify() can be called more than once on the same
+context if several operations are performed using the same parameters.
+=head1 RETURN VALUES
+EVP_PKEY_verify_init() and EVP_PKEY_verify() return 1 if the verification was
+successful and 0 if it failed. Unlike other functions the return value 0 from
+EVP_PKEY_verify() only indicates that the signature did not not verify
+successfully (that is tbs did not match the original data or the signature was
+of invalid form) it is not an indication of a more serious error.
+A negative value indicates an error other that signature verification failure.
+In particular a return value of -2 indicates the operation is not supported by
+the public key algorithm.
+=head1 EXAMPLE
+Verify signature using PKCS#1 and SHA256 digest:
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+ EVP_PKEY_CTX *ctx;
+ unsigned char *md, *sig;
+ size_t mdlen, siglen; 
+ EVP_PKEY *verify_key;
+ /* NB: assumes verify_key, sig, siglen md and mdlen are already set up
+  * and that verify_key is an RSA public key
+  */
+ ctx = EVP_PKEY_CTX_new(verify_key);
+ if (!ctx)
+        /* Error occurred */
+ if (EVP_PKEY_verify_init(ctx) <= 0)
+        /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
+        /* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
+        /* Error */
+ /* Perform operation */
+ ret = EVP_PKEY_verify(ctx, md, mdlen, sig, siglen);
+ /* ret == 1 indicates success, 0 verify failure and < 0 for some
+  * other error.
+  */
+=head1 SEE ALSO
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+=head1 HISTORY
+These functions were first added to OpenSSL 1.0.0.
+=cut
diff --git a/src/lib/libcrypto/doc/OBJ_nid2obj.pod b/src/lib/libcrypto/doc/OBJ_nid2obj.pod
index 7dcc07923f..1e45dd40f6 100644
--- a/src/lib/libcrypto/doc/OBJ_nid2obj.pod
+++ b/src/lib/libcrypto/doc/OBJ_nid2obj.pod
@@ -8,6 +8,8 @@ functions
 =head1 SYNOPSIS
+ #include <openssl/objects.h>
 ASN1_OBJECT * OBJ_nid2obj(int n);
 const char *  OBJ_nid2ln(int n);
 const char *  OBJ_nid2sn(int n);
diff --git a/src/lib/libcrypto/doc/PEM_write_bio_CMS_stream.pod b/src/lib/libcrypto/doc/PEM_write_bio_CMS_stream.pod
new file mode 100644
index 0000000000..e070c45c2e
--- /dev/null
+++ b/src/lib/libcrypto/doc/PEM_write_bio_CMS_stream.pod
@@ -0,0 +1,41 @@
+=pod
+=head1 NAME
+ PEM_write_bio_CMS_stream - output CMS_ContentInfo structure in PEM format.
+=head1 SYNOPSIS
+ #include <openssl/cms.h>
+ #include <openssl/pem.h>
+ int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *data, int flags);
+=head1 DESCRIPTION
+PEM_write_bio_CMS_stream() outputs a CMS_ContentInfo structure in PEM format.
+It is otherwise identical to the function SMIME_write_CMS().
+=head1 NOTES
+This function is effectively a version of the PEM_write_bio_CMS() supporting
+streaming.
+=head1 RETURN VALUES
+PEM_write_bio_CMS_stream() returns 1 for success or 0 for failure.
+=head1 SEE ALSO
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<CMS_decrypt(3)|CMS_decrypt(3)>,
+L<SMIME_write_CMS(3)|SMIME_write_CMS(3)>,
+L<i2d_CMS_bio_stream(3)|i2d_CMS_bio_stream(3)>
+=head1 HISTORY
+PEM_write_bio_CMS_stream() was added to OpenSSL 1.0.0
+=cut
diff --git a/src/lib/libcrypto/doc/PEM_write_bio_PKCS7_stream.pod b/src/lib/libcrypto/doc/PEM_write_bio_PKCS7_stream.pod
new file mode 100644
index 0000000000..16fc9b6845
--- /dev/null
+++ b/src/lib/libcrypto/doc/PEM_write_bio_PKCS7_stream.pod
@@ -0,0 +1,41 @@
+=pod
+=head1 NAME
+PEM_write_bio_PKCS7_stream - output PKCS7 structure in PEM format.
+=head1 SYNOPSIS
+ #include <openssl/pkcs7.h>
+ #include <openssl/pem.h>
+ int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *data, int flags);
+=head1 DESCRIPTION
+PEM_write_bio_PKCS7_stream() outputs a PKCS7 structure in PEM format.
+It is otherwise identical to the function SMIME_write_PKCS7().
+=head1 NOTES
+This function is effectively a version of the PEM_write_bio_PKCS7() supporting
+streaming.
+=head1 RETURN VALUES
+PEM_write_bio_PKCS7_stream() returns 1 for success or 0 for failure.
+=head1 SEE ALSO
+L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
+L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
+L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>,
+L<SMIME_write_PKCS7(3)|SMIME_write_PKCS7(3)>,
+L<i2d_PKCS7_bio_stream(3)|i2d_PKCS7_bio_stream(3)>
+=head1 HISTORY
+PEM_write_bio_PKCS7_stream() was added to OpenSSL 1.0.0
+=cut
diff --git a/src/lib/libcrypto/doc/PKCS12_parse.pod b/src/lib/libcrypto/doc/PKCS12_parse.pod
index 51344f883a..c54cf2ad61 100644
--- a/src/lib/libcrypto/doc/PKCS12_parse.pod
+++ b/src/lib/libcrypto/doc/PKCS12_parse.pod
@@ -20,24 +20,31 @@ certificate to B<*cert> and any additional certificates to B<*ca>.
 =head1 NOTES
-The parameters B<pkey> and B<cert> cannot be B<NULL>. B<ca> can be <NULL>
+The parameters B<pkey> and B<cert> cannot be B<NULL>. B<ca> can be <NULL> in
-in which case additional certificates will be discarded. B<*ca> can also
+which case additional certificates will be discarded. B<*ca> can also be a
-be a valid STACK in which case additional certificates are appended to
+valid STACK in which case additional certificates are appended to B<*ca>. If
-B<*ca>. If B<*ca> is B<NULL> a new STACK will be allocated.
+B<*ca> is B<NULL> a new STACK will be allocated.
-The B<friendlyName> and B<localKeyID> attributes (if present) on each certificate
+The B<friendlyName> and B<localKeyID> attributes (if present) on each
-will be stored in the B<alias> and B<keyid> attributes of the B<X509> structure.
+certificate will be stored in the B<alias> and B<keyid> attributes of the
+B<X509> structure.
+=head1 RETURN VALUES
+PKCS12_parse() returns 1 for success and zero if an error occurred.
+The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
 =head1 BUGS
-Only a single private key and corresponding certificate is returned by this function.
+Only a single private key and corresponding certificate is returned by this
-More complex PKCS#12 files with multiple private keys will only return the first
+function. More complex PKCS#12 files with multiple private keys will only
-match.
+return the first match.
-Only B<friendlyName> and B<localKeyID> attributes are currently stored in certificates.
+Only B<friendlyName> and B<localKeyID> attributes are currently stored in
-Other attributes are discarded.
+certificates. Other attributes are discarded.
-Attributes currently cannot be store in the private key B<EVP_PKEY> structure.
+Attributes currently cannot be stored in the private key B<EVP_PKEY> structure.
 =head1 SEE ALSO
diff --git a/src/lib/libcrypto/doc/PKCS7_decrypt.pod b/src/lib/libcrypto/doc/PKCS7_decrypt.pod
index b0ca067b89..325699d0b6 100644
--- a/src/lib/libcrypto/doc/PKCS7_decrypt.pod
+++ b/src/lib/libcrypto/doc/PKCS7_decrypt.pod
@@ -6,7 +6,9 @@ PKCS7_decrypt - decrypt content from a PKCS#7 envelopedData structure
 =head1 SYNOPSIS
-int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
+ #include <openssl/pkcs7.h>
+ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
 =head1 DESCRIPTION
diff --git a/src/lib/libcrypto/doc/PKCS7_encrypt.pod b/src/lib/libcrypto/doc/PKCS7_encrypt.pod
index 1a507b22a2..2cd925a7e0 100644
--- a/src/lib/libcrypto/doc/PKCS7_encrypt.pod
+++ b/src/lib/libcrypto/doc/PKCS7_encrypt.pod
@@ -6,7 +6,9 @@ PKCS7_encrypt - create a PKCS#7 envelopedData structure
 =head1 SYNOPSIS
-PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags);
+ #include <openssl/pkcs7.h>
+ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags);
 =head1 DESCRIPTION
@@ -16,43 +18,55 @@ B<cipher> is the symmetric cipher to use. B<flags> is an optional set of flags.
 =head1 NOTES
-Only RSA keys are supported in PKCS#7 and envelopedData so the recipient certificates
+Only RSA keys are supported in PKCS#7 and envelopedData so the recipient
-supplied to this function must all contain RSA public keys, though they do not have to
+certificates supplied to this function must all contain RSA public keys, though
-be signed using the RSA algorithm.
+they do not have to be signed using the RSA algorithm.
-EVP_des_ede3_cbc() (triple DES) is the algorithm of choice for S/MIME use because
+EVP_des_ede3_cbc() (triple DES) is the algorithm of choice for S/MIME use
-most clients will support it.
+because most clients will support it.
-Some old "export grade" clients may only support weak encryption using 40 or 64 bit
+Some old "export grade" clients may only support weak encryption using 40 or 64
-RC2. These can be used by passing EVP_rc2_40_cbc() and EVP_rc2_64_cbc() respectively.
+bit RC2. These can be used by passing EVP_rc2_40_cbc() and EVP_rc2_64_cbc()
+respectively.
-The algorithm passed in the B<cipher> parameter must support ASN1 encoding of its
+The algorithm passed in the B<cipher> parameter must support ASN1 encoding of
-parameters. 
+its parameters. 
-Many browsers implement a "sign and encrypt" option which is simply an S/MIME 
+Many browsers implement a "sign and encrypt" option which is simply an S/MIME
 envelopedData containing an S/MIME signed message. This can be readily produced
 by storing the S/MIME signed message in a memory BIO and passing it to
 PKCS7_encrypt().
 The following flags can be passed in the B<flags> parameter.
-If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are prepended
+If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are
-to the data.
+prepended to the data.
-Normally the supplied content is translated into MIME canonical format (as required
+Normally the supplied content is translated into MIME canonical format (as
-by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation occurs. This
+required by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation
-option should be used if the supplied data is in binary format otherwise the translation
+occurs. This option should be used if the supplied data is in binary format
-will corrupt it. If B<PKCS7_BINARY> is set then B<PKCS7_TEXT> is ignored.
+otherwise the translation will corrupt it. If B<PKCS7_BINARY> is set then
+B<PKCS7_TEXT> is ignored.
-=head1 RETURN VALUES
+If the B<PKCS7_STREAM> flag is set a partial B<PKCS7> structure is output
+suitable for streaming I/O: no data is read from the BIO B<in>.
-PKCS7_encrypt() returns either a valid PKCS7 structure or NULL if an error occurred.
+=head1 NOTES
-The error can be obtained from ERR_get_error(3).
-=head1 BUGS
+If the flag B<PKCS7_STREAM> is set the returned B<PKCS7> structure is B<not>
+complete and outputting its contents via a function that does not
+properly finalize the B<PKCS7> structure will give unpredictable 
+results.
-The lack of single pass processing and need to hold all data in memory as
+Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(),
-mentioned in PKCS7_sign() also applies to PKCS7_verify().
+PEM_write_bio_PKCS7_stream() finalize the structure. Alternatively finalization
+can be performed by obtaining the streaming ASN1 B<BIO> directly using
+BIO_new_PKCS7().
+=head1 RETURN VALUES
+PKCS7_encrypt() returns either a PKCS7 structure or NULL if an error occurred.
+The error can be obtained from ERR_get_error(3).
 =head1 SEE ALSO
@@ -61,5 +75,6 @@ L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>
 =head1 HISTORY
 PKCS7_decrypt() was added to OpenSSL 0.9.5
+The B<PKCS7_STREAM> flag was first supported in OpenSSL 1.0.0.
 =cut
diff --git a/src/lib/libcrypto/doc/PKCS7_sign.pod b/src/lib/libcrypto/doc/PKCS7_sign.pod
index ffd0c734b0..64a35144f8 100644
--- a/src/lib/libcrypto/doc/PKCS7_sign.pod
+++ b/src/lib/libcrypto/doc/PKCS7_sign.pod
@@ -6,14 +6,16 @@ PKCS7_sign - create a PKCS#7 signedData structure
 =head1 SYNOPSIS
-PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags);
+ #include <openssl/pkcs7.h>
+ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags);
 =head1 DESCRIPTION
-PKCS7_sign() creates and returns a PKCS#7 signedData structure. B<signcert>
+PKCS7_sign() creates and returns a PKCS#7 signedData structure. B<signcert> is
-is the certificate to sign with, B<pkey> is the corresponsding private key.
+the certificate to sign with, B<pkey> is the corresponsding private key.
-B<certs> is an optional additional set of certificates to include in the
+B<certs> is an optional additional set of certificates to include in the PKCS#7
-PKCS#7 structure (for example any intermediate CAs in the chain). 
+structure (for example any intermediate CAs in the chain). 
 The data to be signed is read from BIO B<data>.
@@ -21,72 +23,83 @@ B<flags> is an optional set of flags.
 =head1 NOTES
-Any of the following flags (ored together) can be passed in the B<flags> parameter.
+Any of the following flags (ored together) can be passed in the B<flags>
+parameter.
 Many S/MIME clients expect the signed content to include valid MIME headers. If
 the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are prepended
 to the data.
 If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
-PKCS7 structure, the signer's certificate must still be supplied in the B<signcert>
+PKCS7 structure, the signer's certificate must still be supplied in the
-parameter though. This can reduce the size of the signature if the signers certificate
+B<signcert> parameter though. This can reduce the size of the signature if the
-can be obtained by other means: for example a previously signed message.
+signers certificate can be obtained by other means: for example a previously
+signed message.
-The data being signed is included in the PKCS7 structure, unless B<PKCS7_DETACHED> 
-is set in which case it is omitted. This is used for PKCS7 detached signatures
+The data being signed is included in the PKCS7 structure, unless
-which are used in S/MIME plaintext signed messages for example.
+B<PKCS7_DETACHED> is set in which case it is omitted. This is used for PKCS7
+detached signatures which are used in S/MIME plaintext signed messages for
+example.
+Normally the supplied content is translated into MIME canonical format (as
+required by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation
+occurs. This option should be used if the supplied data is in binary format
+otherwise the translation will corrupt it.
+The signedData structure includes several PKCS#7 autenticatedAttributes
+including the signing time, the PKCS#7 content type and the supported list of
+ciphers in an SMIMECapabilities attribute. If B<PKCS7_NOATTR> is set then no
+authenticatedAttributes will be used. If B<PKCS7_NOSMIMECAP> is set then just
+the SMIMECapabilities are omitted.
-Normally the supplied content is translated into MIME canonical format (as required
+If present the SMIMECapabilities attribute indicates support for the following
-by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation occurs. This
+algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of
-option should be used if the supplied data is in binary format otherwise the translation
+these algorithms is disabled then it will not be included.
-will corrupt it.
-The signedData structure includes several PKCS#7 autenticatedAttributes including
+If the flags B<PKCS7_STREAM> is set then the returned B<PKCS7> structure is
-the signing time, the PKCS#7 content type and the supported list of ciphers in
+just initialized ready to perform the signing operation. The signing is however
-an SMIMECapabilities attribute. If B<PKCS7_NOATTR> is set then no authenticatedAttributes
+B<not> performed and the data to be signed is not read from the B<data>
-will be used. If B<PKCS7_NOSMIMECAP> is set then just the SMIMECapabilities are
+parameter. Signing is deferred until after the data has been written. In this
-omitted.
+way data can be signed in a single pass.
-If present the SMIMECapabilities attribute indicates support for the following
+If the B<PKCS7_PARTIAL> flag is set a partial B<PKCS7> structure is output to
-algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any
+which additional signers and capabilities can be added before finalization.
-of these algorithms is disabled then it will not be included.
-If the flags B<PKCS7_PARTSIGN> is set then the returned B<PKCS7> structure
-is just initialized ready to perform the signing operation. The signing
-is however B<not> performed and the data to be signed is not read from
-the B<data> parameter. Signing is deferred until after the data has been
-written. In this way data can be signed in a single pass. Currently the
-flag B<PKCS7_DETACHED> B<must> also be set.
 =head1 NOTES
-Currently the flag B<PKCS7_PARTSIGN> is only supported for detached
+If the flag B<PKCS7_STREAM> is set the returned B<PKCS7> structure is B<not>
-data. If this flag is set the returned B<PKCS7> structure is B<not>
+complete and outputting its contents via a function that does not properly
-complete and outputting its contents via a function that does not
+finalize the B<PKCS7> structure will give unpredictable results.
-properly finalize the B<PKCS7> structure will give unpredictable 
-results.
-At present only the SMIME_write_PKCS7() function properly finalizes the
+Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(),
-structure.
+PEM_write_bio_PKCS7_stream() finalize the structure. Alternatively finalization
+can be performed by obtaining the streaming ASN1 B<BIO> directly using
+BIO_new_PKCS7().
-=head1 BUGS
+If a signer is specified it will use the default digest for the signing
+algorithm. This is B<SHA1> for both RSA and DSA keys.
+In OpenSSL 1.0.0 the B<certs>, B<signcert> and B<pkey> parameters can all be
+B<NULL> if the B<PKCS7_PARTIAL> flag is set. One or more signers can be added
+using the function B<PKCS7_sign_add_signer()>. B<PKCS7_final()> must also be
+called to finalize the structure if streaming is not enabled. Alternative
+signing digests can also be specified using this method.
-PKCS7_sign() is somewhat limited. It does not support multiple signers, some
+In OpenSSL 1.0.0 if B<signcert> and B<pkey> are NULL then a certificates only
-advanced attributes such as counter signatures are not supported.
+PKCS#7 structure is output.
-The SHA1 digest algorithm is currently always used.
+In versions of OpenSSL before 1.0.0 the B<signcert> and B<pkey> parameters must
+B<NOT> be NULL.
-When the signed data is not detached it will be stored in memory within the
+=head1 BUGS
-B<PKCS7> structure. This effectively limits the size of messages which can be
-signed due to memory restraints. There should be a way to sign data without
-having to hold it all in memory, this would however require fairly major
-revisions of the OpenSSL ASN1 code.
+Some advanced attributes such as counter signatures are not supported.
 =head1 RETURN VALUES
-PKCS7_sign() returns either a valid PKCS7 structure or NULL if an error occurred.
+PKCS7_sign() returns either a valid PKCS7 structure or NULL if an error
-The error can be obtained from ERR_get_error(3).
+occurred.  The error can be obtained from ERR_get_error(3).
 =head1 SEE ALSO
@@ -96,6 +109,8 @@ L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_verify(3)|PKCS7_verify(3)>
 PKCS7_sign() was added to OpenSSL 0.9.5
-The B<PKCS7_PARTSIGN> flag was added in OpenSSL 0.9.8
+The B<PKCS7_PARTIAL> flag was added in OpenSSL 1.0.0
+The B<PKCS7_STREAM> flag was added in OpenSSL 1.0.0
 =cut
diff --git a/src/lib/libcrypto/doc/PKCS7_sign_add_signer.pod b/src/lib/libcrypto/doc/PKCS7_sign_add_signer.pod
new file mode 100644
index 0000000000..ebec4d57de
--- /dev/null
+++ b/src/lib/libcrypto/doc/PKCS7_sign_add_signer.pod
@@ -0,0 +1,87 @@
+=pod
+=head1 NAME
+PKCS7_sign_add_signer - add a signer PKCS7 signed data structure.
+=head1 SYNOPSIS
+ #include <openssl/pkcs7.h>
+ PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, int flags);
+=head1 DESCRIPTION
+PKCS7_sign_add_signer() adds a signer with certificate B<signcert> and private
+key B<pkey> using message digest B<md> to a PKCS7 signed data structure
+B<p7>.
+The PKCS7 structure should be obtained from an initial call to PKCS7_sign()
+with the flag B<PKCS7_PARTIAL> set or in the case or re-signing a valid PKCS7
+signed data structure.
+If the B<md> parameter is B<NULL> then the default digest for the public
+key algorithm will be used.
+Unless the B<PKCS7_REUSE_DIGEST> flag is set the returned PKCS7 structure
+is not complete and must be finalized either by streaming (if applicable) or
+a call to PKCS7_final().
+=head1 NOTES
+The main purpose of this function is to provide finer control over a PKCS#7
+signed data structure where the simpler PKCS7_sign() function defaults are
+not appropriate. For example if multiple signers or non default digest
+algorithms are needed.
+Any of the following flags (ored together) can be passed in the B<flags>
+parameter.
+If B<PKCS7_REUSE_DIGEST> is set then an attempt is made to copy the content
+digest value from the PKCS7 struture: to add a signer to an existing structure.
+An error occurs if a matching digest value cannot be found to copy. The
+returned PKCS7 structure will be valid and finalized when this flag is set.
+If B<PKCS7_PARTIAL> is set in addition to B<PKCS7_REUSE_DIGEST> then the 
+B<PKCS7_SIGNER_INO> structure will not be finalized so additional attributes
+can be added. In this case an explicit call to PKCS7_SIGNER_INFO_sign() is
+needed to finalize it.
+If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
+PKCS7 structure, the signer's certificate must still be supplied in the
+B<signcert> parameter though. This can reduce the size of the signature if the
+signers certificate can be obtained by other means: for example a previously
+signed message.
+The signedData structure includes several PKCS#7 autenticatedAttributes
+including the signing time, the PKCS#7 content type and the supported list of
+ciphers in an SMIMECapabilities attribute. If B<PKCS7_NOATTR> is set then no
+authenticatedAttributes will be used. If B<PKCS7_NOSMIMECAP> is set then just
+the SMIMECapabilities are omitted.
+If present the SMIMECapabilities attribute indicates support for the following
+algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of
+these algorithms is disabled then it will not be included.
+PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO
+structure just added, this can be used to set additional attributes 
+before it is finalized.
+=head1 RETURN VALUES
+PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO
+structure just added or NULL if an error occurs.
+=head1 SEE ALSO
+L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
+L<PKCS7_final(3)|PKCS7_final(3)>,
+=head1 HISTORY
+PPKCS7_sign_add_signer() was added to OpenSSL 1.0.0
+=cut
diff --git a/src/lib/libcrypto/doc/PKCS7_verify.pod b/src/lib/libcrypto/doc/PKCS7_verify.pod
index 3490b5dc82..7c10a4cc3c 100644
--- a/src/lib/libcrypto/doc/PKCS7_verify.pod
+++ b/src/lib/libcrypto/doc/PKCS7_verify.pod
@@ -6,9 +6,11 @@ PKCS7_verify - verify a PKCS#7 signedData structure
 =head1 SYNOPSIS
-int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags);
+ #include <openssl/pkcs7.h>
-STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
+ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags);
+ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
 =head1 DESCRIPTION
diff --git a/src/lib/libcrypto/doc/SMIME_read_CMS.pod b/src/lib/libcrypto/doc/SMIME_read_CMS.pod
new file mode 100644
index 0000000000..acc5524c14
--- /dev/null
+++ b/src/lib/libcrypto/doc/SMIME_read_CMS.pod
@@ -0,0 +1,70 @@
+=pod
+=head1 NAME
+ SMIME_read_CMS - parse S/MIME message.
+=head1 SYNOPSIS
+ #include <openssl/cms.h>
+ CMS_ContentInfo *SMIME_read_CMS(BIO *in, BIO **bcont);
+=head1 DESCRIPTION
+SMIME_read_CMS() parses a message in S/MIME format.
+B<in> is a BIO to read the message from.
+If cleartext signing is used then the content is saved in a memory bio which is
+written to B<*bcont>, otherwise B<*bcont> is set to NULL.
+The parsed CMS_ContentInfo structure is returned or NULL if an
+error occurred.
+=head1 NOTES
+If B<*bcont> is not NULL then the message is clear text signed. B<*bcont> can
+then be passed to CMS_verify() with the B<CMS_DETACHED> flag set.
+Otherwise the type of the returned structure can be determined
+using CMS_get0_type().
+To support future functionality if B<bcont> is not NULL B<*bcont> should be
+initialized to NULL. For example:
+ BIO *cont = NULL;
+ CMS_ContentInfo *cms;
+ cms = SMIME_read_CMS(in, &cont);
+=head1 BUGS
+The MIME parser used by SMIME_read_CMS() is somewhat primitive.  While it will
+handle most S/MIME messages more complex compound formats may not work.
+The parser assumes that the CMS_ContentInfo structure is always base64 encoded
+and will not handle the case where it is in binary format or uses quoted
+printable format.
+The use of a memory BIO to hold the signed content limits the size of message
+which can be processed due to memory restraints: a streaming single pass option
+should be available.
+=head1 RETURN VALUES
+SMIME_read_CMS() returns a valid B<CMS_ContentInfo> structure or B<NULL>
+if an error occurred. The error can be obtained from ERR_get_error(3).
+=head1 SEE ALSO
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_type(3)|CMS_type(3)>
+L<SMIME_read_CMS(3)|SMIME_read_CMS(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<CMS_decrypt(3)|CMS_decrypt(3)>
+=head1 HISTORY
+SMIME_read_CMS() was added to OpenSSL 0.9.8
+=cut
diff --git a/src/lib/libcrypto/doc/SMIME_read_PKCS7.pod b/src/lib/libcrypto/doc/SMIME_read_PKCS7.pod
index ffafa37887..9d46715941 100644
--- a/src/lib/libcrypto/doc/SMIME_read_PKCS7.pod
+++ b/src/lib/libcrypto/doc/SMIME_read_PKCS7.pod
@@ -6,7 +6,9 @@ SMIME_read_PKCS7 - parse S/MIME message.
 =head1 SYNOPSIS
-PKCS7 *SMIME_read_PKCS7(BIO *in, BIO **bcont);
+ #include <openssl/pkcs7.h>
+ PKCS7 *SMIME_read_PKCS7(BIO *in, BIO **bcont);
 =head1 DESCRIPTION
diff --git a/src/lib/libcrypto/doc/SMIME_write_CMS.pod b/src/lib/libcrypto/doc/SMIME_write_CMS.pod
new file mode 100644
index 0000000000..04bedfb429
--- /dev/null
+++ b/src/lib/libcrypto/doc/SMIME_write_CMS.pod
@@ -0,0 +1,64 @@
+=pod
+=head1 NAME
+ SMIME_write_CMS - convert CMS structure to S/MIME format.
+=head1 SYNOPSIS
+ #include <openssl/cms.h>
+ int SMIME_write_CMS(BIO *out, CMS_ContentInfo *cms, BIO *data, int flags);
+=head1 DESCRIPTION
+SMIME_write_CMS() adds the appropriate MIME headers to a CMS
+structure to produce an S/MIME message.
+B<out> is the BIO to write the data to. B<cms> is the appropriate
+B<CMS_ContentInfo> structure. If streaming is enabled then the content must be
+supplied in the B<data> argument. B<flags> is an optional set of flags.
+=head1 NOTES
+The following flags can be passed in the B<flags> parameter.
+If B<CMS_DETACHED> is set then cleartext signing will be used, this option only
+makes sense for SignedData where B<CMS_DETACHED> is also set when CMS_sign() is
+called.
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are added to
+the content, this only makes sense if B<CMS_DETACHED> is also set.
+If the B<CMS_STREAM> flag is set streaming is performed. This flag should only
+be set if B<CMS_STREAM> was also set in the previous call to a CMS_ContentInfo
+creation function.
+If cleartext signing is being used and B<CMS_STREAM> not set then the data must
+be read twice: once to compute the signature in CMS_sign() and once to output
+the S/MIME message.
+If streaming is performed the content is output in BER format using indefinite
+length constructed encoding except in the case of signed data with detached
+content where the content is absent and DER format is used.
+=head1 BUGS
+SMIME_write_CMS() always base64 encodes CMS structures, there should be an
+option to disable this.
+=head1 RETURN VALUES
+SMIME_write_CMS() returns 1 for success or 0 for failure.
+=head1 SEE ALSO
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<CMS_decrypt(3)|CMS_decrypt(3)>
+=head1 HISTORY
+SMIME_write_CMS() was added to OpenSSL 0.9.8
+=cut
diff --git a/src/lib/libcrypto/doc/SMIME_write_PKCS7.pod b/src/lib/libcrypto/doc/SMIME_write_PKCS7.pod
index 61945b3887..ca6bd02763 100644
--- a/src/lib/libcrypto/doc/SMIME_write_PKCS7.pod
+++ b/src/lib/libcrypto/doc/SMIME_write_PKCS7.pod
@@ -6,17 +6,18 @@ SMIME_write_PKCS7 - convert PKCS#7 structure to S/MIME format.
 =head1 SYNOPSIS
-int SMIME_write_PKCS7(BIO *out, PKCS7 *p7, BIO *data, int flags);
+ #include <openssl/pkcs7.h>
+ int SMIME_write_PKCS7(BIO *out, PKCS7 *p7, BIO *data, int flags);
 =head1 DESCRIPTION
 SMIME_write_PKCS7() adds the appropriate MIME headers to a PKCS#7
 structure to produce an S/MIME message.
-B<out> is the BIO to write the data to. B<p7> is the appropriate
+B<out> is the BIO to write the data to. B<p7> is the appropriate B<PKCS7>
-B<PKCS7> structure. If cleartext signing (B<multipart/signed>) is
+structure. If streaming is enabled then the content must be supplied in the
-being used then the signed data must be supplied in the B<data> 
+B<data> argument. B<flags> is an optional set of flags.
-argument. B<flags> is an optional set of flags.
 =head1 NOTES
@@ -30,15 +31,18 @@ If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain>
 are added to the content, this only makes sense if B<PKCS7_DETACHED>
 is also set.
-If the B<PKCS7_PARTSIGN> flag is set the signed data is finalized
+If the B<PKCS7_STREAM> flag is set streaming is performed. This flag should
-and output along with the content. This flag should only be set
+only be set if B<PKCS7_STREAM> was also set in the previous call to
-if B<PKCS7_DETACHED> is also set and the previous call to PKCS7_sign()
+PKCS7_sign() or B<PKCS7_encrypt()>.
-also set these flags.
-If cleartext signing is being used and B<PKCS7_PARTSIGN> not set then
+If cleartext signing is being used and B<PKCS7_STREAM> not set then
 the data must be read twice: once to compute the signature in PKCS7_sign()
 and once to output the S/MIME message.
+If streaming is performed the content is output in BER format using indefinite
+length constructuted encoding except in the case of signed data with detached
+content where the content is absent and DER format is used.
 =head1 BUGS
 SMIME_write_PKCS7() always base64 encodes PKCS#7 structures, there
diff --git a/src/lib/libcrypto/doc/X509_NAME_ENTRY_get_object.pod b/src/lib/libcrypto/doc/X509_NAME_ENTRY_get_object.pod
index 11b35f6fd3..41902c0d45 100644
--- a/src/lib/libcrypto/doc/X509_NAME_ENTRY_get_object.pod
+++ b/src/lib/libcrypto/doc/X509_NAME_ENTRY_get_object.pod
@@ -9,15 +9,17 @@ X509_NAME_ENTRY_create_by_OBJ - X509_NAME_ENTRY utility functions
 =head1 SYNOPSIS
-ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
+ #include <openssl/x509.h>
-ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
-int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj);
+ ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
-int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, const unsigned char *bytes, int len);
+ ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field, int type, const unsigned char *bytes, int len);
+ int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type,unsigned char *bytes, int len);
+ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, const unsigned char *bytes, int len);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field, int type, const unsigned char *bytes, int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type,unsigned char *bytes, int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len);
 =head1 DESCRIPTION
diff --git a/src/lib/libcrypto/doc/X509_NAME_add_entry_by_txt.pod b/src/lib/libcrypto/doc/X509_NAME_add_entry_by_txt.pod
index e2ab4b0d2b..1afd008cb3 100644
--- a/src/lib/libcrypto/doc/X509_NAME_add_entry_by_txt.pod
+++ b/src/lib/libcrypto/doc/X509_NAME_add_entry_by_txt.pod
@@ -7,15 +7,17 @@ X509_NAME_add_entry, X509_NAME_delete_entry - X509_NAME modification functions
 =head1 SYNOPSIS
-int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, const unsigned char *bytes, int len, int loc, int set);
+ #include <openssl/x509.h>
-int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, unsigned char *bytes, int len, int loc, int set);
+ int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, const unsigned char *bytes, int len, int loc, int set);
-int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, unsigned char *bytes, int len, int loc, int set);
+ int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, unsigned char *bytes, int len, int loc, int set);
-int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, int loc, int set);
+ int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, unsigned char *bytes, int len, int loc, int set);
-X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
+ int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, int loc, int set);
+ X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
 =head1 DESCRIPTION
diff --git a/src/lib/libcrypto/doc/X509_NAME_get_index_by_NID.pod b/src/lib/libcrypto/doc/X509_NAME_get_index_by_NID.pod
index 333323d734..3b1f9ff43b 100644
--- a/src/lib/libcrypto/doc/X509_NAME_get_index_by_NID.pod
+++ b/src/lib/libcrypto/doc/X509_NAME_get_index_by_NID.pod
@@ -8,14 +8,16 @@ X509_NAME lookup and enumeration functions
 =head1 SYNOPSIS
-int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos);
+ #include <openssl/x509.h>
-int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, int lastpos);
-int X509_NAME_entry_count(X509_NAME *name);
+ int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos);
-X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
+ int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, int lastpos);
-int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf,int len);
+ int X509_NAME_entry_count(X509_NAME *name);
-int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,int len);
+ X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
+ int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf,int len);
+ int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,int len);
 =head1 DESCRIPTION
diff --git a/src/lib/libcrypto/doc/X509_STORE_CTX_get_error.pod b/src/lib/libcrypto/doc/X509_STORE_CTX_get_error.pod
new file mode 100644
index 0000000000..a883f6c097
--- /dev/null
+++ b/src/lib/libcrypto/doc/X509_STORE_CTX_get_error.pod
@@ -0,0 +1,303 @@
+=pod
+=head1 NAME
+X509_STORE_CTX_get_error, X509_STORE_CTX_set_error, X509_STORE_CTX_get_error_depth, X509_STORE_CTX_get_current_cert, X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set certificate verification status information
+=head1 SYNOPSIS
+ #include <openssl/x509.h>
+ #include <openssl/x509_vfy.h>
+ int    X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+ void   X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
+ int    X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+ X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+ const char *X509_verify_cert_error_string(long n);
+=head1 DESCRIPTION
+These functions are typically called after X509_verify_cert() has indicated
+an error or in a verification callback to determine the nature of an error.
+X509_STORE_CTX_get_error() returns the error code of B<ctx>, see
+the B<ERROR CODES> section for a full description of all error codes.
+X509_STORE_CTX_set_error() sets the error code of B<ctx> to B<s>. For example
+it might be used in a verification callback to set an error based on additional
+checks.
+X509_STORE_CTX_get_error_depth() returns the B<depth> of the error. This is a
+non-negative integer representing where in the certificate chain the error
+occurred. If it is zero it occured in the end entity certificate, one if
+it is the certificate which signed the end entity certificate and so on.
+X509_STORE_CTX_get_current_cert() returns the certificate in B<ctx> which
+caused the error or B<NULL> if no certificate is relevant.
+X509_STORE_CTX_get1_chain() returns a complete validate chain if a previous
+call to X509_verify_cert() is successful. If the call to X509_verify_cert()
+is B<not> successful the returned chain may be incomplete or invalid. The
+returned chain persists after the B<ctx> structure is freed, when it is
+no longer needed it should be free up using:
+  sk_X509_pop_free(chain, X509_free);
+X509_verify_cert_error_string() returns a human readable error string for
+verification error B<n>.
+=head1 RETURN VALUES
+X509_STORE_CTX_get_error() returns B<X509_V_OK> or an error code.
+X509_STORE_CTX_get_error_depth() returns a non-negative error depth.
+X509_STORE_CTX_get_current_cert() returns the cerificate which caused the
+error or B<NULL> if no certificate is relevant to the error.
+X509_verify_cert_error_string() returns a human readable error string for
+verification error B<n>.
+=head1 ERROR CODES
+A list of error codes and messages is shown below.  Some of the
+error codes are defined but currently never returned: these are described as
+"unused".
+=over 4
+=item B<X509_V_OK: ok>
+the operation was successful.
+=item B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate>
+the issuer certificate could not be found: this occurs if the issuer certificate
+of an untrusted certificate cannot be found.
+=item B<X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL>
+the CRL of a certificate could not be found.
+=item B<X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate's signature>
+the certificate signature could not be decrypted. This means that the actual
+signature value could not be determined rather than it not matching the
+expected value, this is only meaningful for RSA keys.
+=item B<X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL's signature>
+the CRL signature could not be decrypted: this means that the actual signature
+value could not be determined rather than it not matching the expected value.
+Unused.
+=item B<X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key>
+the public key in the certificate SubjectPublicKeyInfo could not be read.
+=item B<X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure>
+the signature of the certificate is invalid.
+=item B<X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure>
+the signature of the certificate is invalid.
+=item B<X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid>
+the certificate is not yet valid: the notBefore date is after the current time.
+=item B<X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired>
+the certificate has expired: that is the notAfter date is before the current time.
+=item B<X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid>
+the CRL is not yet valid.
+=item B<X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired>
+the CRL has expired.
+=item B<X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate's notBefore field>
+the certificate notBefore field contains an invalid time.
+=item B<X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate's notAfter field>
+the certificate notAfter field contains an invalid time.
+=item B<X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL's lastUpdate field>
+the CRL lastUpdate field contains an invalid time.
+=item B<X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL's nextUpdate field>
+the CRL nextUpdate field contains an invalid time.
+=item B<X509_V_ERR_OUT_OF_MEM: out of memory>
+an error occurred trying to allocate memory. This should never happen.
+=item B<X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate>
+the passed certificate is self signed and the same certificate cannot be found
+in the list of trusted certificates.
+=item B<X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain>
+the certificate chain could be built up using the untrusted certificates but
+the root could not be found locally.
+=item B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate>
+the issuer certificate of a locally looked up certificate could not be found.
+This normally means the list of trusted certificates is not complete.
+=item B<X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate>
+no signatures could be verified because the chain contains only one certificate
+and it is not self signed.
+=item B<X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long>
+the certificate chain length is greater than the supplied maximum depth. Unused.
+=item B<X509_V_ERR_CERT_REVOKED: certificate revoked>
+the certificate has been revoked.
+=item B<X509_V_ERR_INVALID_CA: invalid CA certificate>
+a CA certificate is invalid. Either it is not a CA or its extensions are not
+consistent with the supplied purpose.
+=item B<X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded>
+the basicConstraints pathlength parameter has been exceeded.
+=item B<X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose>
+the supplied certificate cannot be used for the specified purpose.
+=item B<X509_V_ERR_CERT_UNTRUSTED: certificate not trusted>
+the root CA is not marked as trusted for the specified purpose.
+=item B<X509_V_ERR_CERT_REJECTED: certificate rejected>
+the root CA is marked to reject the specified purpose.
+=item B<X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch>
+the current candidate issuer certificate was rejected because its subject name
+did not match the issuer name of the current certificate. This is only set
+if issuer check debugging is enabled it is used for status notification and
+is B<not> in itself an error.
+=item B<X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch>
+the current candidate issuer certificate was rejected because its subject key
+identifier was present and did not match the authority key identifier current
+certificate. This is only set if issuer check debugging is enabled it is used
+for status notification and is B<not> in itself an error.
+=item B<X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch>
+the current candidate issuer certificate was rejected because its issuer name
+and serial number was present and did not match the authority key identifier of
+the current certificate. This is only set if issuer check debugging is enabled
+it is used for status notification and is B<not> in itself an error.
+=item B<X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing>
+the current candidate issuer certificate was rejected because its keyUsage
+extension does not permit certificate signing. This is only set if issuer check
+debugging is enabled it is used for status notification and is B<not> in itself
+an error.
+=item B<X509_V_ERR_INVALID_EXTENSION: invalid or inconsistent certificate extension>
+A certificate extension had an invalid value (for example an incorrect
+encoding) or some value inconsistent with other extensions.
+=item B<X509_V_ERR_INVALID_POLICY_EXTENSION: invalid or inconsistent certificate policy extension>
+A certificate policies extension had an invalid value (for example an incorrect
+encoding) or some value inconsistent with other extensions. This error only
+occurs if policy processing is enabled.
+=item B<X509_V_ERR_NO_EXPLICIT_POLICY: no explicit policy>
+The verification flags were set to require and explicit policy but none was
+present.
+=item B<X509_V_ERR_DIFFERENT_CRL_SCOPE: Different CRL scope>
+The only CRLs that could be found did not match the scope of the certificate.
+=item B<X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Unsupported extension feature>
+Some feature of a certificate extension is not supported. Unused.
+=item B<X509_V_ERR_PERMITTED_VIOLATION: permitted subtree violation>
+A name constraint violation occured in the permitted subtrees.
+=item B<X509_V_ERR_EXCLUDED_VIOLATION: excluded subtree violation>
+A name constraint violation occured in the excluded subtrees.
+=item B<X509_V_ERR_SUBTREE_MINMAX: name constraints minimum and maximum not supported>
+A certificate name constraints extension included a minimum or maximum field:
+this is not supported.
+=item B<X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: unsupported name constraint type>
+An unsupported name constraint type was encountered. OpenSSL currently only
+supports directory name, DNS name, email and URI types.
+=item B<X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: unsupported or invalid name constraint syntax>
+The format of the name constraint is not recognised: for example an email
+address format of a form not mentioned in RFC3280. This could be caused by
+a garbage extension or some new feature not currently supported.
+=item B<X509_V_ERR_CRL_PATH_VALIDATION_ERROR: CRL path validation error>
+An error occured when attempting to verify the CRL path. This error can only
+happen if extended CRL checking is enabled.
+=item B<X509_V_ERR_APPLICATION_VERIFICATION: application verification failure>
+an application specific error. This will never be returned unless explicitly
+set by an application.
+=head1 NOTES
+The above functions should be used instead of directly referencing the fields
+in the B<X509_VERIFY_CTX> structure.
+In versions of OpenSSL before 1.0 the current certificate returned by
+X509_STORE_CTX_get_current_cert() was never B<NULL>. Applications should
+check the return value before printing out any debugging information relating
+to the current certificate.
+If an unrecognised error code is passed to X509_verify_cert_error_string() the
+numerical value of the unknown code is returned in a static buffer. This is not
+thread safe but will never happen unless an invalid code is passed.
+=head1 SEE ALSO
+L<X509_verify_cert(3)|X509_verify_cert(3)>
+=head1 HISTORY
+TBA
+=cut
diff --git a/src/lib/libcrypto/doc/X509_STORE_CTX_get_ex_new_index.pod b/src/lib/libcrypto/doc/X509_STORE_CTX_get_ex_new_index.pod
new file mode 100644
index 0000000000..8d6b9dda47
--- /dev/null
+++ b/src/lib/libcrypto/doc/X509_STORE_CTX_get_ex_new_index.pod
@@ -0,0 +1,41 @@
+=pod
+=head1 NAME
+X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data - add application specific data to X509_STORE_CTX structures
+=head1 SYNOPSIS
+ #include <openssl/x509_vfy.h>
+ int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
+                CRYPTO_EX_new *new_func,
+                CRYPTO_EX_dup *dup_func,
+                CRYPTO_EX_free *free_func);
+ int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *d, int idx, void *arg);
+ char *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *d, int idx);
+=head1 DESCRIPTION
+These functions handle application specific data in X509_STORE_CTX structures.
+Their usage is identical to that of RSA_get_ex_new_index(), RSA_set_ex_data()
+and RSA_get_ex_data() as described in L<RSA_get_ex_new_index(3)>.
+=head1 NOTES
+This mechanism is used internally by the B<ssl> library to store the B<SSL>
+structure associated with a verification operation in an B<X509_STORE_CTX>
+structure. 
+=head1 SEE ALSO
+L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>
+=head1 HISTORY
+X509_STORE_CTX_get_ex_new_index(), X509_STORE_CTX_set_ex_data() and
+X509_STORE_CTX_get_ex_data() are available since OpenSSL 0.9.5.
+=cut
diff --git a/src/lib/libcrypto/doc/X509_STORE_CTX_new.pod b/src/lib/libcrypto/doc/X509_STORE_CTX_new.pod
new file mode 100644
index 0000000000..b17888f149
--- /dev/null
+++ b/src/lib/libcrypto/doc/X509_STORE_CTX_new.pod
@@ -0,0 +1,122 @@
+=pod
+=head1 NAME
+X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set_chain, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_set_default - X509_STORE_CTX initialisation
+=head1 SYNOPSIS
+ #include <openssl/x509_vfy.h>
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                         X509 *x509, STACK_OF(X509) *chain);
+ void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+ void   X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx,X509 *x);
+ void   X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx,STACK_OF(X509) *sk);
+ void   X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+=head1 DESCRIPTION
+These functions initialise an B<X509_STORE_CTX> structure for subsequent use
+by X509_verify_cert().
+X509_STORE_CTX_new() returns a newly initialised B<X509_STORE_CTX> structure.
+X509_STORE_CTX_cleanup() internally cleans up an B<X509_STORE_CTX> structure.
+The context can then be reused with an new call to X509_STORE_CTX_init().
+X509_STORE_CTX_free() completely frees up B<ctx>. After this call B<ctx>
+is no longer valid.
+X509_STORE_CTX_init() sets up B<ctx> for a subsequent verification operation.
+The trusted certificate store is set to B<store>, the end entity certificate
+to be verified is set to B<x509> and a set of additional certificates (which
+will be untrusted but may be used to build the chain) in B<chain>. Any or
+all of the B<store>, B<x509> and B<chain> parameters can be B<NULL>.
+X509_STORE_CTX_trusted_stack() sets the set of trusted certificates of B<ctx>
+to B<sk>. This is an alternative way of specifying trusted certificates 
+instead of using an B<X509_STORE>.
+X509_STORE_CTX_set_cert() sets the certificate to be vertified in B<ctx> to
+B<x>.
+X509_STORE_CTX_set_chain() sets the additional certificate chain used by B<ctx>
+to B<sk>.
+X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate
+verification to B<sk>. These CRLs will only be used if CRL verification is
+enabled in the associated B<X509_VERIFY_PARAM> structure. This might be
+used where additional "useful" CRLs are supplied as part of a protocol,
+for example in a PKCS#7 structure.
+X509_VERIFY_PARAM *X509_STORE_CTX_get0_param() retrieves an intenal pointer
+to the verification parameters associated with B<ctx>.
+X509_STORE_CTX_set0_param() sets the intenal verification parameter pointer
+to B<param>. After this call B<param> should not be used.
+X509_STORE_CTX_set_default() looks up and sets the default verification
+method to B<name>. This uses the function X509_VERIFY_PARAM_lookup() to
+find an appropriate set of parameters from B<name>.
+=head1 NOTES
+The certificates and CRLs in a store are used internally and should B<not>
+be freed up until after the associated B<X509_STORE_CTX> is freed. Legacy
+applications might implicitly use an B<X509_STORE_CTX> like this:
+  X509_STORE_CTX ctx;
+  X509_STORE_CTX_init(&ctx, store, cert, chain);
+this is B<not> recommended in new applications they should instead do:
+  X509_STORE_CTX *ctx;
+  ctx = X509_STORE_CTX_new();
+  if (ctx == NULL)
+        /* Bad error */
+  X509_STORE_CTX_init(ctx, store, cert, chain);
+=head1 BUGS
+The certificates and CRLs in a context are used internally and should B<not>
+be freed up until after the associated B<X509_STORE_CTX> is freed. Copies
+should be made or reference counts increased instead.
+=head1 RETURN VALUES
+X509_STORE_CTX_new() returns an newly allocates context or B<NULL> is an
+error occurred.
+X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.
+X509_STORE_CTX_get0_param() returns a pointer to an B<X509_VERIFY_PARAM>
+structure or B<NULL> if an error occurred.
+X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_trusted_stack(),
+X509_STORE_CTX_set_cert(), X509_STORE_CTX_set_chain(),
+X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return
+values.
+X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.
+=head1 SEE ALSO
+L<X509_verify_cert(3)|X509_verify_cert(3)>
+L<X509_VERIFY_PARAM_set_flags(3)|X509_VERIFY_PARAM_set_flags(3)>
+=head1 HISTORY
+X509_STORE_CTX_set0_crls() was first added to OpenSSL 1.0.0
+=cut
diff --git a/src/lib/libcrypto/doc/X509_STORE_CTX_set_verify_cb.pod b/src/lib/libcrypto/doc/X509_STORE_CTX_set_verify_cb.pod
new file mode 100644
index 0000000000..b9787a6ca6
--- /dev/null
+++ b/src/lib/libcrypto/doc/X509_STORE_CTX_set_verify_cb.pod
@@ -0,0 +1,161 @@
+=pod
+=head1 NAME
+X509_STORE_CTX_set_verify_cb - set verification callback
+=head1 SYNOPSIS
+ #include <openssl/x509_vfy.h>
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+                                int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
+=head1 DESCRIPTION
+X509_STORE_CTX_set_verify_cb() sets the verification callback of B<ctx> to
+B<verify_cb> overwriting any existing callback.
+The verification callback can be used to customise the operation of certificate
+verification, either by overriding error conditions or logging errors for
+debugging purposes.
+However a verification callback is B<not> essential and the default operation
+is often sufficient.
+The B<ok> parameter to the callback indicates the value the callback should
+return to retain the default behaviour. If it is zero then and error condition
+is indicated. If it is 1 then no error occurred. If the flag
+B<X509_V_FLAG_NOTIFY_POLICY> is set then B<ok> is set to 2 to indicate the
+policy checking is complete.
+The B<ctx> parameter to the callback is the B<X509_STORE_CTX> structure that
+is performing the verification operation. A callback can examine this
+structure and receive additional information about the error, for example
+by calling X509_STORE_CTX_get_current_cert(). Additional application data can
+be passed to the callback via the B<ex_data> mechanism.
+=head1 WARNING
+In general a verification callback should B<NOT> unconditionally return 1 in
+all circumstances because this will allow verification to succeed no matter
+what the error. This effectively removes all security from the application
+because B<any> certificate (including untrusted generated ones) will be
+accepted.
+=head1 NOTES
+The verification callback can be set and inherited from the parent structure
+performing the operation. In some cases (such as S/MIME verification) the
+B<X509_STORE_CTX> structure is created and destroyed internally and the
+only way to set a custom verification callback is by inheriting it from the
+associated B<X509_STORE>.
+=head1 RETURN VALUES
+X509_STORE_CTX_set_verify_cb() does not return a value.
+=head1 EXAMPLES
+Default callback operation:
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+        {
+        return ok;
+        }
+Simple example, suppose a certificate in the chain is expired and we wish
+to continue after this error:
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+        {
+        /* Tolerate certificate expiration */
+        if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+                        return 1;
+        /* Otherwise don't override */
+        return ok;
+        }
+More complex example, we don't wish to continue after B<any> certificate has
+expired just one specific case:
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+        {
+        int err = X509_STORE_CTX_get_error(ctx);
+        X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+        if (err == X509_V_ERR_CERT_HAS_EXPIRED)
+                {
+                if (check_is_acceptable_expired_cert(err_cert)
+                        return 1;
+                }
+        return ok;
+        }
+Full featured logging callback. In this case the B<bio_err> is assumed to be
+a global logging B<BIO>, an alternative would to store a BIO in B<ctx> using
+B<ex_data>.
+        
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+        {
+        X509 *err_cert;
+        int err,depth;
+        err_cert = X509_STORE_CTX_get_current_cert(ctx);
+        err =   X509_STORE_CTX_get_error(ctx);
+        depth = X509_STORE_CTX_get_error_depth(ctx);
+        BIO_printf(bio_err,"depth=%d ",depth);
+        if (err_cert)
+                {
+                X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+                                        0, XN_FLAG_ONELINE);
+                BIO_puts(bio_err, "\n");
+                }
+        else
+                BIO_puts(bio_err, "<no cert>\n");
+        if (!ok)
+                BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
+                        X509_verify_cert_error_string(err));
+        switch (err)
+                {
+        case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+                BIO_puts(bio_err,"issuer= ");
+                X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+                                        0, XN_FLAG_ONELINE);
+                BIO_puts(bio_err, "\n");
+                break;
+        case X509_V_ERR_CERT_NOT_YET_VALID:
+        case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+                BIO_printf(bio_err,"notBefore=");
+                ASN1_TIME_print(bio_err,X509_get_notBefore(err_cert));
+                BIO_printf(bio_err,"\n");
+                break;
+        case X509_V_ERR_CERT_HAS_EXPIRED:
+        case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+                BIO_printf(bio_err,"notAfter=");
+                ASN1_TIME_print(bio_err,X509_get_notAfter(err_cert));
+                BIO_printf(bio_err,"\n");
+                break;
+        case X509_V_ERR_NO_EXPLICIT_POLICY:
+                policies_print(bio_err, ctx);
+                break;
+                }
+        if (err == X509_V_OK && ok == 2)
+                /* print out policies */
+        BIO_printf(bio_err,"verify return:%d\n",ok);
+        return(ok);
+        }
+=head1 SEE ALSO
+L<X509_STORE_CTX_get_error(3)|X509_STORE_CTX_get_error(3)>
+L<X509_STORE_set_verify_cb_func(3)|X509_STORE_set_verify_cb_func(3)>
+L<X509_STORE_CTX_get_ex_new_index(3)|X509_STORE_CTX_get_ex_new_index(3)>
+=head1 HISTORY
+X509_STORE_CTX_set_verify_cb() is available in all versions of SSLeay and
+OpenSSL.
+=cut
diff --git a/src/lib/libcrypto/doc/X509_STORE_set_verify_cb_func.pod b/src/lib/libcrypto/doc/X509_STORE_set_verify_cb_func.pod
new file mode 100644
index 0000000000..29e3bbe3bc
--- /dev/null
+++ b/src/lib/libcrypto/doc/X509_STORE_set_verify_cb_func.pod
@@ -0,0 +1,54 @@
+=pod
+=head1 NAME
+X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb - set verification callback
+=head1 SYNOPSIS
+ #include <openssl/x509_vfy.h>
+ void X509_STORE_set_verify_cb(X509_STORE *st,
+                                int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
+=head1 DESCRIPTION
+X509_STORE_set_verify_cb() sets the verification callback of B<ctx> to
+B<verify_cb> overwriting any existing callback.
+X509_STORE_set_verify_cb_func() also sets the verification callback but it
+is implemented as a macro.
+=head1 NOTES
+The verification callback from an B<X509_STORE> is inherited by 
+the corresponding B<X509_STORE_CTX> structure when it is initialized. This can
+be used to set the verification callback when the B<X509_STORE_CTX> is 
+otherwise inaccessible (for example during S/MIME verification).
+=head1 BUGS
+The macro version of this function was the only one available before 
+OpenSSL 1.0.0.
+=head1 RETURN VALUES
+X509_STORE_set_verify_cb() and X509_STORE_set_verify_cb_func() do not return
+a value.
+=head1 SEE ALSO
+L<X509_STORE_CTX_set_verify_cb(3)|X509_STORE_CTX_set_verify_cb(3)>
+L<CMS_verify(3)|CMS_verify(3)>
+=head1 HISTORY
+X509_STORE_set_verify_cb_func() is available in all versions of SSLeay and
+OpenSSL.
+X509_STORE_set_verify_cb() was added to OpenSSL 1.0.0.
+=cut
diff --git a/src/lib/libcrypto/doc/X509_VERIFY_PARAM_set_flags.pod b/src/lib/libcrypto/doc/X509_VERIFY_PARAM_set_flags.pod
new file mode 100644
index 0000000000..b68eece033
--- /dev/null
+++ b/src/lib/libcrypto/doc/X509_VERIFY_PARAM_set_flags.pod
@@ -0,0 +1,171 @@
+=pod
+=head1 NAME
+X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies - X509 verification parameters 
+=head1 SYNOPSIS
+ #include <openssl/x509_vfy.h>
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                                        unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                                ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param, 
+                                        STACK_OF(ASN1_OBJECT) *policies);
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+=head1 DESCRIPTION
+These functions manipulate the B<X509_VERIFY_PARAM> structure associated with
+a certificate verification operation. 
+The X509_VERIFY_PARAM_set_flags() function sets the flags in B<param> by oring
+it with B<flags>. See the B<VERIFICATION FLAGS> section for a complete
+description of values the B<flags> parameter can take.
+X509_VERIFY_PARAM_get_flags() returns the flags in B<param>.
+X509_VERIFY_PARAM_clear_flags() clears the flags B<flags> in B<param>.
+X509_VERIFY_PARAM_set_purpose() sets the verification purpose in B<param>
+to B<purpose>. This determines the acceptable purpose of the certificate
+chain, for example SSL client or SSL server.
+X509_VERIFY_PARAM_set_trust() sets the trust setting in B<param> to 
+B<trust>.
+X509_VERIFY_PARAM_set_time() sets the verification time in B<param> to
+B<t>. Normally the current time is used.
+X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled
+by default) and adds B<policy> to the acceptable policy set.
+X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled
+by default) and sets the acceptable policy set to B<policies>. Any existing
+policy set is cleared. The B<policies> parameter can be B<NULL> to clear
+an existing policy set.
+X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to B<depth>.
+That is the maximum number of untrusted CA certificates that can appear in a
+chain.
+=head1 RETURN VALUES
+X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), 
+X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(),
+X509_VERIFY_PARAM_add0_policy() and X509_VERIFY_PARAM_set1_policies() return 1
+for success and 0 for failure. 
+X509_VERIFY_PARAM_get_flags() returns the current verification flags.
+X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return
+values.
+X509_VERIFY_PARAM_get_depth() returns the current verification depth.
+=head1 VERIFICATION FLAGS
+The verification flags consists of zero or more of the following flags
+ored together.
+B<X509_V_FLAG_CRL_CHECK> enables CRL checking for the certificate chain leaf
+certificate. An error occurs if a suitable CRL cannot be found. 
+B<X509_V_FLAG_CRL_CHECK_ALL> enables CRL checking for the entire certificate
+chain.
+B<X509_V_FLAG_IGNORE_CRITICAL> disabled critical extension checking. By default
+any unhandled critical extensions in certificates or (if checked) CRLs results
+in a fatal error. If this flag is set unhandled critical extensions are
+ignored. B<WARNING> setting this option for anything other than debugging
+purposes can be a security risk. Finer control over which extensions are
+supported can be performed in the verification callback.
+THe B<X509_V_FLAG_X509_STRICT> flag disables workarounds for some broken
+certificates and makes the verification strictly apply B<X509> rules.
+B<X509_V_FLAG_ALLOW_PROXY_CERTS> enables proxy certificate verification.
+B<X509_V_FLAG_POLICY_CHECK> enables certificate policy checking, by default
+no policy checking is peformed. Additional information is sent to the 
+verification callback relating to policy checking.
+B<X509_V_FLAG_EXPLICIT_POLICY>, B<X509_V_FLAG_INHIBIT_ANY> and
+B<X509_V_FLAG_INHIBIT_MAP> set the B<require explicit policy>, B<inhibit any
+policy> and B<inhibit policy mapping> flags respectively as defined in
+B<RFC3280>. Policy checking is automatically enabled if any of these flags
+are set.
+If B<X509_V_FLAG_NOTIFY_POLICY> is set and the policy checking is successful
+a special status code is set to the verification callback. This permits it
+to examine the valid policy tree and perform additional checks or simply
+log it for debugging purposes.
+By default some addtional features such as indirect CRLs and CRLs signed by
+different keys are disabled. If B<X509_V_FLAG_EXTENDED_CRL_SUPPORT> is set
+they are enabled.
+If B<X509_V_FLAG_USE_DELTAS> ise set delta CRLs (if present) are used to
+determine certificate status. If not set deltas are ignored.
+B<X509_V_FLAG_CHECK_SS_SIGNATURE> enables checking of the root CA self signed
+cerificate signature. By default this check is disabled because it doesn't
+add any additional security but in some cases applications might want to
+check the signature anyway. A side effect of not checking the root CA
+signature is that disabled or unsupported message digests on the root CA
+are not treated as fatal errors.
+The B<X509_V_FLAG_CB_ISSUER_CHECK> flag enables debugging of certificate
+issuer checks. It is B<not> needed unless you are logging certificate
+verification. If this flag is set then additional status codes will be sent
+to the verification callback and it B<must> be prepared to handle such cases
+without assuming they are hard errors.
+=head1 NOTES
+The above functions should be used to manipulate verification parameters
+instead of legacy functions which work in specific structures such as
+X509_STORE_CTX_set_flags().
+=head1 BUGS
+Delta CRL checking is currently primitive. Only a single delta can be used and
+(partly due to limitations of B<X509_STORE>) constructed CRLs are not 
+maintained.
+If CRLs checking is enable CRLs are expected to be available in the
+corresponding B<X509_STORE> structure. No attempt is made to download
+CRLs from the CRL distribution points extension.
+=head1 EXAMPLE
+Enable CRL checking when performing certificate verification during SSL 
+connections associated with an B<SSL_CTX> structure B<ctx>:
+  X509_VERIFY_PARAM *param;
+  param = X509_VERIFY_PARAM_new();
+  X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+  SSL_CTX_set1_param(ctx, param);
+  X509_VERIFY_PARAM_free(param);
+=head1 SEE ALSO
+L<X509_verify_cert(3)|X509_verify_cert(3)>
+=head1 HISTORY
+TBA
+=cut
diff --git a/src/lib/libcrypto/doc/X509_new.pod b/src/lib/libcrypto/doc/X509_new.pod
index fd5fc65ce1..d38872335f 100644
--- a/src/lib/libcrypto/doc/X509_new.pod
+++ b/src/lib/libcrypto/doc/X509_new.pod
@@ -6,6 +6,8 @@ X509_new, X509_free - X509 certificate ASN1 allocation functions
 =head1 SYNOPSIS
+ #include <openssl/x509.h>
 X509 *X509_new(void);
 void X509_free(X509 *a);
diff --git a/src/lib/libcrypto/doc/X509_verify_cert.pod b/src/lib/libcrypto/doc/X509_verify_cert.pod
new file mode 100644
index 0000000000..5253bdcd70
--- /dev/null
+++ b/src/lib/libcrypto/doc/X509_verify_cert.pod
@@ -0,0 +1,53 @@
+=pod
+=head1 NAME
+X509_verify_cert - discover and verify X509 certificte chain
+=head1 SYNOPSIS
+ #include <openssl/x509.h>
+ int X509_verify_cert(X509_STORE_CTX *ctx);
+=head1 DESCRIPTION
+The X509_verify_cert() function attempts to discover and validate a
+certificate chain based on parameters in B<ctx>. A complete description of
+the process is contained in the L<verify(1)|verify(1)> manual page.
+=head1 RETURN VALUES
+If a complete chain can be built and validated this function returns 1,
+otherwise it return zero, in exceptional circumstances it can also
+return a negative code.
+If the function fails additional error information can be obtained by
+examining B<ctx> using, for example X509_STORE_CTX_get_error().
+=head1 NOTES
+Applications rarely call this function directly but it is used by
+OpenSSL internally for certificate validation, in both the S/MIME and
+SSL/TLS code.
+The negative return value from X509_verify_cert() can only occur if no
+certificate is set in B<ctx> (due to a programming error) or if a retry
+operation is requested during internal lookups (which never happens with
+standard lookup methods). It is however recommended that application check
+for <= 0 return value on error.
+=head1 BUGS
+This function uses the header B<x509.h> as opposed to most chain verification
+functiosn which use B<x509_vfy.h>.
+=head1 SEE ALSO
+L<X509_STORE_CTX_get_error(3)|X509_STORE_CTX_get_error(3)>
+=head1 HISTORY
+X509_verify_cert() is available in all versions of SSLeay and OpenSSL.
+=cut
diff --git a/src/lib/libcrypto/doc/d2i_X509.pod b/src/lib/libcrypto/doc/d2i_X509.pod
index 5bfa18afbb..298ec54a4c 100644
--- a/src/lib/libcrypto/doc/d2i_X509.pod
+++ b/src/lib/libcrypto/doc/d2i_X509.pod
@@ -15,8 +15,8 @@ i2d_X509_fp - X509 encode and decode functions
 X509 *d2i_X509_bio(BIO *bp, X509 **x);
 X509 *d2i_X509_fp(FILE *fp, X509 **x);
- int i2d_X509_bio(X509 *x, BIO *bp);
+ int i2d_X509_bio(BIO *bp, X509 *x);
- int i2d_X509_fp(X509 *x, FILE *fp);
+ int i2d_X509_fp(FILE *fp, X509 *x);
 =head1 DESCRIPTION
@@ -212,11 +212,11 @@ d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B<X509> structure
 or B<NULL> if an error occurs. The error code that can be obtained by
 L<ERR_get_error(3)|ERR_get_error(3)>. 
-i2d_X509(), i2d_X509_bio() and i2d_X509_fp() return a the number of bytes
+i2d_X509() returns the number of bytes successfully encoded or a negative
-successfully encoded or a negative value if an error occurs. The error code
+value if an error occurs. The error code can be obtained by
-can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. 
+L<ERR_get_error(3)|ERR_get_error(3)>. 
-i2d_X509_bio() and i2d_X509_fp() returns 1 for success and 0 if an error 
+i2d_X509_bio() and i2d_X509_fp() return 1 for success and 0 if an error 
 occurs The error code can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. 
 =head1 SEE ALSO
diff --git a/src/lib/libcrypto/doc/d2i_X509_CRL.pod b/src/lib/libcrypto/doc/d2i_X509_CRL.pod
index e7295a5d61..224f9e082b 100644
--- a/src/lib/libcrypto/doc/d2i_X509_CRL.pod
+++ b/src/lib/libcrypto/doc/d2i_X509_CRL.pod
@@ -15,8 +15,8 @@ i2d_X509_CRL_bio, i2d_X509_CRL_fp - PKCS#10 certificate request functions.
 X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **x);
 X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **x);
- int i2d_X509_CRL_bio(X509_CRL *x, BIO *bp);
+ int i2d_X509_CRL_bio(BIO *bp, X509_CRL *x);
- int i2d_X509_CRL_fp(X509_CRL *x, FILE *fp);
+ int i2d_X509_CRL_fp(FILE *fp, X509_CRL *x);
 =head1 DESCRIPTION
diff --git a/src/lib/libcrypto/doc/d2i_X509_REQ.pod b/src/lib/libcrypto/doc/d2i_X509_REQ.pod
index ae32a3891d..91c0c1974b 100644
--- a/src/lib/libcrypto/doc/d2i_X509_REQ.pod
+++ b/src/lib/libcrypto/doc/d2i_X509_REQ.pod
@@ -15,8 +15,8 @@ i2d_X509_REQ_bio, i2d_X509_REQ_fp - PKCS#10 certificate request functions.
 X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **x);
 X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **x);
- int i2d_X509_REQ_bio(X509_REQ *x, BIO *bp);
+ int i2d_X509_REQ_bio(BIO *bp, X509_REQ *x);
- int i2d_X509_REQ_fp(X509_REQ *x, FILE *fp);
+ int i2d_X509_REQ_fp(FILE *fp, X509_REQ *x);
 =head1 DESCRIPTION
diff --git a/src/lib/libcrypto/doc/i2d_CMS_bio_stream.pod b/src/lib/libcrypto/doc/i2d_CMS_bio_stream.pod
new file mode 100644
index 0000000000..558bdd0812
--- /dev/null
+++ b/src/lib/libcrypto/doc/i2d_CMS_bio_stream.pod
@@ -0,0 +1,44 @@
+=pod
+=head1 NAME
+ i2d_CMS_bio_stream - output CMS_ContentInfo structure in BER format.
+=head1 SYNOPSIS
+ #include <openssl/cms.h>
+ int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *data, int flags);
+=head1 DESCRIPTION
+i2d_CMS_bio_stream() outputs a CMS_ContentInfo structure in BER format.
+It is otherwise identical to the function SMIME_write_CMS().
+=head1 NOTES
+This function is effectively a version of the i2d_CMS_bio() supporting
+streaming.
+=head1 BUGS
+The prefix "i2d" is arguably wrong because the function outputs BER format.
+=head1 RETURN VALUES
+i2d_CMS_bio_stream() returns 1 for success or 0 for failure.
+=head1 SEE ALSO
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<CMS_decrypt(3)|CMS_decrypt(3)>,
+L<SMIME_write_CMS(3)|SMIME_write_CMS(3)>,
+L<PEM_write_bio_CMS_stream(3)|PEM_write_bio_CMS_stream(3)>
+=head1 HISTORY
+i2d_CMS_bio_stream() was added to OpenSSL 1.0.0
+=cut
diff --git a/src/lib/libcrypto/doc/i2d_PKCS7_bio_stream.pod b/src/lib/libcrypto/doc/i2d_PKCS7_bio_stream.pod
new file mode 100644
index 0000000000..dc4d884c59
--- /dev/null
+++ b/src/lib/libcrypto/doc/i2d_PKCS7_bio_stream.pod
@@ -0,0 +1,44 @@
+=pod
+=head1 NAME
+i2d_PKCS7_bio_stream - output PKCS7 structure in BER format.
+=head1 SYNOPSIS
+ #include <openssl/pkcs7.h>
+ int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *data, int flags);
+=head1 DESCRIPTION
+i2d_PKCS7_bio_stream() outputs a PKCS7 structure in BER format.
+It is otherwise identical to the function SMIME_write_PKCS7().
+=head1 NOTES
+This function is effectively a version of the d2i_PKCS7_bio() supporting
+streaming.
+=head1 BUGS
+The prefix "d2i" is arguably wrong because the function outputs BER format.
+=head1 RETURN VALUES
+i2d_PKCS7_bio_stream() returns 1 for success or 0 for failure.
+=head1 SEE ALSO
+L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
+L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
+L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>,
+L<SMIME_write_PKCS7(3)|SMIME_write_PKCS7(3)>,
+L<PEM_write_bio_PKCS7_stream(3)|PEM_write_bio_PKCS7_stream(3)>
+=head1 HISTORY
+i2d_PKCS7_bio_stream() was added to OpenSSL 1.0.0
+=cut