1 files changed, 180 insertions, 0 deletions
diff --git a/src/lib/libcrypto/man/CMS_get0_SignerInfos.3 b/src/lib/libcrypto/man/CMS_get0_SignerInfos.3
new file mode 100644
index 0000000000..b9c8fee366
--- /dev/null
+++ b/src/lib/libcrypto/man/CMS_get0_SignerInfos.3
@@ -0,0 +1,180 @@
+.\" $OpenBSD: CMS_get0_SignerInfos.3,v 1.3 2019/08/10 23:41:22 schwarze Exp $
+.\" full merge up to: OpenSSL 83cf7abf May 29 13:07:08 2018 +0100
+.\"
+.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
+.\" Copyright (c) 2008, 2013 The OpenSSL Project.  All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\"
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in
+.\"    the documentation and/or other materials provided with the
+.\"    distribution.
+.\"
+.\" 3. All advertising materials mentioning features or use of this
+.\"    software must display the following acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+.\"
+.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+.\"    endorse or promote products derived from this software without
+.\"    prior written permission. For written permission, please contact
+.\"    openssl-core@openssl.org.
+.\"
+.\" 5. Products derived from this software may not be called "OpenSSL"
+.\"    nor may "OpenSSL" appear in their names without prior written
+.\"    permission of the OpenSSL Project.
+.\"
+.\" 6. Redistributions of any form whatsoever must retain the following
+.\"    acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+.\" OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd $Mdocdate: August 10 2019 $
+.Dt CMS_GET0_SIGNERINFOS 3
+.Os
+.Sh NAME
+.Nm CMS_get0_SignerInfos ,
+.Nm CMS_SignerInfo_get0_signer_id ,
+.Nm CMS_SignerInfo_get0_signature ,
+.Nm CMS_SignerInfo_cert_cmp ,
+.Nm CMS_SignerInfo_set1_signer_cert
+.Nd CMS signedData signer functions
+.Sh SYNOPSIS
+.In openssl/cms.h
+.Ft STACK_OF(CMS_SignerInfo) *
+.Fo CMS_get0_SignerInfos
+.Fa "CMS_ContentInfo *cms"
+.Fc
+.Ft int
+.Fo CMS_SignerInfo_get0_signer_id
+.Fa "CMS_SignerInfo *si"
+.Fa "ASN1_OCTET_STRING **keyid"
+.Fa "X509_NAME **issuer"
+.Fa "ASN1_INTEGER **sno"
+.Fc
+.Ft ASN1_OCTET_STRING *
+.Fo CMS_SignerInfo_get0_signature
+.Fa "CMS_SignerInfo *si"
+.Fc
+.Ft int
+.Fo CMS_SignerInfo_cert_cmp
+.Fa "CMS_SignerInfo *si"
+.Fa "X509 *cert"
+.Fc
+.Ft void
+.Fo CMS_SignerInfo_set1_signer_cert
+.Fa "CMS_SignerInfo *si"
+.Fa "X509 *signer"
+.Fc
+.Sh DESCRIPTION
+The function
+.Fn CMS_get0_SignerInfos
+returns all the
+.Vt CMS_SignerInfo
+structures associated with a CMS signedData structure.
+.Pp
+.Fn CMS_SignerInfo_get0_signer_id
+retrieves the certificate signer identifier associated with a specific
+.Vt CMS_SignerInfo
+structure
+.Fa si .
+Either the keyidentifier will be set in
+.Fa keyid
+or
+.Em both
+issuer name and serial number in
+.Fa issuer
+and
+.Fa sno .
+.Pp
+.Fn CMS_SignerInfo_get0_signature
+retrieves the signature associated with
+.Fa si
+in a pointer to an
+.Vt ASN1_OCTET_STRING
+structure.
+This pointer returned corresponds to the internal signature value of
+.Fa si
+so it may be read or modified.
+.Pp
+.Fn CMS_SignerInfo_cert_cmp
+compares the certificate
+.Fa cert
+against the signer identifier
+.Fa si .
+It returns zero if the comparison is successful or non-zero if not.
+.Pp
+.Fn CMS_SignerInfo_set1_signer_cert
+sets the signers certificate of
+.Fa si
+to
+.Fa signer .
+.Pp
+The main purpose of these functions is to enable an application to
+lookup signers certificates using any appropriate technique when the
+simpler method of
+.Xr CMS_verify 3
+is not appropriate.
+.Pp
+In typical usage an application will retrieve all
+.Vt CMS_SignerInfo
+structures using
+.Fn CMS_get0_SignerInfos
+and retrieve the identifier information using CMS.
+It will then obtain the signer certificate by some unspecified means
+(or return and error if it cannot be found) and set it using
+.Fn CMS_SignerInfo_set1_signer_cert .
+.Pp
+Once all signer certificates have been set,
+.Xr CMS_verify 3
+can be used.
+.Pp
+Although
+.Fn CMS_get0_SignerInfos
+can return
+.Dv NULL
+if an error occurs
+.Em or
+if there are no signers, this is not a problem in practice because the
+only error which can occur is if the
+.Fa cms
+structure is not of type signedData due to application error.
+.Sh RETURN VALUES
+.Fn CMS_get0_SignerInfos
+returns all
+.Vt CMS_SignerInfo
+structures, or
+.Dv NULL
+if there are no signers or an error occurs.
+.Pp
+.Fn CMS_SignerInfo_get0_signer_id
+returns 1 for success or 0 for failure.
+.Pp
+.Fn CMS_SignerInfo_cert_cmp
+returns 0 for a successful comparison or non-zero otherwise.
+.Pp
+Any error can be obtained from
+.Xr ERR_get_error 3 .
+.Sh SEE ALSO
+.Xr CMS_verify 3
+.Sh HISTORY
+These functions were first was added to OpenSSL 0.9.8.

diff --git a/src/lib/libcrypto/man/CMS_get0_SignerInfos.3 b/src/lib/libcrypto/man/CMS_get0_SignerInfos.3 new file mode 100644 index 0000000000..b9c8fee366 --- /dev/null +++ b/src/lib/libcrypto/man/CMS_get0_SignerInfos.3
@@ -0,0 +1,180 @@
	1	.\" $OpenBSD: CMS_get0_SignerInfos.3,v 1.3 2019/08/10 23:41:22 schwarze Exp $
	2	.\" full merge up to: OpenSSL 83cf7abf May 29 13:07:08 2018 +0100
	3	.\"
	4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
	5	.\" Copyright (c) 2008, 2013 The OpenSSL Project. All rights reserved.
	6	.\"
	7	.\" Redistribution and use in source and binary forms, with or without
	8	.\" modification, are permitted provided that the following conditions
	9	.\" are met:
	10	.\"
	11	.\" 1. Redistributions of source code must retain the above copyright
	12	.\" notice, this list of conditions and the following disclaimer.
	13	.\"
	14	.\" 2. Redistributions in binary form must reproduce the above copyright
	15	.\" notice, this list of conditions and the following disclaimer in
	16	.\" the documentation and/or other materials provided with the
	17	.\" distribution.
	18	.\"
	19	.\" 3. All advertising materials mentioning features or use of this
	20	.\" software must display the following acknowledgment:
	21	.\" "This product includes software developed by the OpenSSL Project
	22	.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
	23	.\"
	24	.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	25	.\" endorse or promote products derived from this software without
	26	.\" prior written permission. For written permission, please contact
	27	.\" openssl-core@openssl.org.
	28	.\"
	29	.\" 5. Products derived from this software may not be called "OpenSSL"
	30	.\" nor may "OpenSSL" appear in their names without prior written
	31	.\" permission of the OpenSSL Project.
	32	.\"
	33	.\" 6. Redistributions of any form whatsoever must retain the following
	34	.\" acknowledgment:
	35	.\" "This product includes software developed by the OpenSSL Project
	36	.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
	37	.\"
	38	.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	39	.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	40	.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	41	.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	42	.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	43	.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	44	.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	45	.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	46	.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	47	.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
	50	.\"
	51	.Dd $Mdocdate: August 10 2019 $
	52	.Dt CMS_GET0_SIGNERINFOS 3
	53	.Os
	54	.Sh NAME
	55	.Nm CMS_get0_SignerInfos ,
	56	.Nm CMS_SignerInfo_get0_signer_id ,
	57	.Nm CMS_SignerInfo_get0_signature ,
	58	.Nm CMS_SignerInfo_cert_cmp ,
	59	.Nm CMS_SignerInfo_set1_signer_cert
	60	.Nd CMS signedData signer functions
	61	.Sh SYNOPSIS
	62	.In openssl/cms.h
	63	.Ft STACK_OF(CMS_SignerInfo) *
	64	.Fo CMS_get0_SignerInfos
	65	.Fa "CMS_ContentInfo *cms"
	66	.Fc
	67	.Ft int
	68	.Fo CMS_SignerInfo_get0_signer_id
	69	.Fa "CMS_SignerInfo *si"
	70	.Fa "ASN1_OCTET_STRING **keyid"
	71	.Fa "X509_NAME **issuer"
	72	.Fa "ASN1_INTEGER **sno"
	73	.Fc
	74	.Ft ASN1_OCTET_STRING *
	75	.Fo CMS_SignerInfo_get0_signature
	76	.Fa "CMS_SignerInfo *si"
	77	.Fc
	78	.Ft int
	79	.Fo CMS_SignerInfo_cert_cmp
	80	.Fa "CMS_SignerInfo *si"
	81	.Fa "X509 *cert"
	82	.Fc
	83	.Ft void
	84	.Fo CMS_SignerInfo_set1_signer_cert
	85	.Fa "CMS_SignerInfo *si"
	86	.Fa "X509 *signer"
	87	.Fc
	88	.Sh DESCRIPTION
	89	The function
	90	.Fn CMS_get0_SignerInfos
	91	returns all the
	92	.Vt CMS_SignerInfo
	93	structures associated with a CMS signedData structure.
	94	.Pp
	95	.Fn CMS_SignerInfo_get0_signer_id
	96	retrieves the certificate signer identifier associated with a specific
	97	.Vt CMS_SignerInfo
	98	structure
	99	.Fa si .
	100	Either the keyidentifier will be set in
	101	.Fa keyid
	102	or
	103	.Em both
	104	issuer name and serial number in
	105	.Fa issuer
	106	and
	107	.Fa sno .
	108	.Pp
	109	.Fn CMS_SignerInfo_get0_signature
	110	retrieves the signature associated with
	111	.Fa si
	112	in a pointer to an
	113	.Vt ASN1_OCTET_STRING
	114	structure.
	115	This pointer returned corresponds to the internal signature value of
	116	.Fa si
	117	so it may be read or modified.
	118	.Pp
	119	.Fn CMS_SignerInfo_cert_cmp
	120	compares the certificate
	121	.Fa cert
	122	against the signer identifier
	123	.Fa si .
	124	It returns zero if the comparison is successful or non-zero if not.
	125	.Pp
	126	.Fn CMS_SignerInfo_set1_signer_cert
	127	sets the signers certificate of
	128	.Fa si
	129	to
	130	.Fa signer .
	131	.Pp
	132	The main purpose of these functions is to enable an application to
	133	lookup signers certificates using any appropriate technique when the
	134	simpler method of
	135	.Xr CMS_verify 3
	136	is not appropriate.
	137	.Pp
	138	In typical usage an application will retrieve all
	139	.Vt CMS_SignerInfo
	140	structures using
	141	.Fn CMS_get0_SignerInfos
	142	and retrieve the identifier information using CMS.
	143	It will then obtain the signer certificate by some unspecified means
	144	(or return and error if it cannot be found) and set it using
	145	.Fn CMS_SignerInfo_set1_signer_cert .
	146	.Pp
	147	Once all signer certificates have been set,
	148	.Xr CMS_verify 3
	149	can be used.
	150	.Pp
	151	Although
	152	.Fn CMS_get0_SignerInfos
	153	can return
	154	.Dv NULL
	155	if an error occurs
	156	.Em or
	157	if there are no signers, this is not a problem in practice because the
	158	only error which can occur is if the
	159	.Fa cms
	160	structure is not of type signedData due to application error.
	161	.Sh RETURN VALUES
	162	.Fn CMS_get0_SignerInfos
	163	returns all
	164	.Vt CMS_SignerInfo
	165	structures, or
	166	.Dv NULL
	167	if there are no signers or an error occurs.
	168	.Pp
	169	.Fn CMS_SignerInfo_get0_signer_id
	170	returns 1 for success or 0 for failure.
	171	.Pp
	172	.Fn CMS_SignerInfo_cert_cmp
	173	returns 0 for a successful comparison or non-zero otherwise.
	174	.Pp
	175	Any error can be obtained from
	176	.Xr ERR_get_error 3 .
	177	.Sh SEE ALSO
	178	.Xr CMS_verify 3
	179	.Sh HISTORY
	180	These functions were first was added to OpenSSL 0.9.8.