1 files changed, 0 insertions, 180 deletions
diff --git a/src/lib/libcrypto/man/X509_ATTRIBUTE_new.3 b/src/lib/libcrypto/man/X509_ATTRIBUTE_new.3
deleted file mode 100644
index cc2b27d4c0..0000000000
--- a/src/lib/libcrypto/man/X509_ATTRIBUTE_new.3
+++ /dev/null
@@ -1,180 +0,0 @@
-.\" $OpenBSD: X509_ATTRIBUTE_new.3,v 1.18 2024/09/02 07:57:27 tb Exp $
-.\"
-.\" Copyright (c) 2016, 2021 Ingo Schwarze <schwarze@openbsd.org>
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 2 2024 $
-.Dt X509_ATTRIBUTE_NEW 3
-.Os
-.Sh NAME
-.Nm X509_ATTRIBUTE_new ,
-.Nm X509_ATTRIBUTE_create ,
-.Nm X509_ATTRIBUTE_dup ,
-.Nm X509_ATTRIBUTE_free
-.\" In the following line, "X.501" and "Attribute" are not typos.
-.\" The "Attribute" type is defined in X.501, not in X.509.
-.\" The type is called "Attribute" with capital "A", not "attribute".
-.Nd generic X.501 Attribute
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_ATTRIBUTE *
-.Fn X509_ATTRIBUTE_new void
-.Ft X509_ATTRIBUTE *
-.Fn X509_ATTRIBUTE_create "int nid" "int type" "void *value"
-.Ft X509_ATTRIBUTE *
-.Fn X509_ATTRIBUTE_dup "X509_ATTRIBUTE *attr"
-.Ft void
-.Fn X509_ATTRIBUTE_free "X509_ATTRIBUTE *attr"
-.Sh DESCRIPTION
-In the X.501 standard, an
-.Vt Attribute
-is the fundamental ASN.1 data type used to represent any kind of
-property of any kind of directory entry.
-In OpenSSL, very few objects use it directly, most notably the
-.Vt X509_REQ_INFO
-object used for PKCS#10 certification requests described in
-.Xr X509_REQ_new 3 ,
-the
-.Vt PKCS8_PRIV_KEY_INFO
-object used for PKCS#8 private key information described in
-.Xr PKCS8_PRIV_KEY_INFO_new 3 ,
-and the
-.Vt PKCS12_SAFEBAG
-container object described in
-.Xr PKCS12_SAFEBAG_new 3 .
-.Pp
-.Fn X509_ATTRIBUTE_new
-allocates and initializes an empty
-.Vt X509_ATTRIBUTE
-object.
-.Pp
-.Fn X509_ATTRIBUTE_create
-allocates a new multi-valued
-.Vt X509_ATTRIBUTE
-object of the type
-.Fa nid
-and initializes its set of values
-to contain one new ASN.1 ANY object with the given
-.Fa value
-and
-.Fa type .
-The
-.Fa type
-usually is one of the
-.Dv V_ASN1_*
-constants defined in
-.In openssl/asn1.h ;
-it is stored without validating it.
-If the function succeeds, ownership of the
-.Fa value
-is transferred to the new
-.Vt X509_ATTRIBUTE
-object.
-.Pp
-Be careful to not confuse the type of the attribute
-and the type of the value.
-.Pp
-.Fn X509_ATTRIBUTE_dup
-creates a deep copy of
-.Fa attr .
-.Pp
-.Fn X509_ATTRIBUTE_free
-frees
-.Fa attr .
-.Sh RETURN VALUES
-.Fn X509_ATTRIBUTE_new ,
-.Fn X509_ATTRIBUTE_create ,
-and
-.Fn X509_ATTRIBUTE_dup
-return the new
-.Vt X509_ATTRIBUTE
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-In particular, these functions fail if memory allocation fails.
-.Fn X509_ATTRIBUTE_create
-also fails if
-.Xr OBJ_nid2obj 3
-fails on
-.Fa nid .
-.Sh SEE ALSO
-.Xr d2i_X509_ATTRIBUTE 3 ,
-.Xr OBJ_nid2obj 3 ,
-.Xr PKCS12_SAFEBAG_new 3 ,
-.Xr PKCS7_add_attribute 3 ,
-.Xr PKCS8_pkey_get0_attrs 3 ,
-.Xr PKCS8_PRIV_KEY_INFO_new 3 ,
-.Xr X509_ATTRIBUTE_get0_object 3 ,
-.Xr X509_ATTRIBUTE_set1_object 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_new 3 ,
-.Xr X509_REQ_add1_attr 3 ,
-.Xr X509_REQ_new 3
-.Sh STANDARDS
-.Bl -ohang
-.It Xo
-For the general definition of the
-.Vt Attribute
-data type:
-.Xc
-ITU-T Recommendation X.501, also known as ISO/IEC 9594-2:
-Information Technology \(en Open Systems Interconnection \(en
-The Directory: Models, section 8.2: Overall structure
-.It For the specific definition in the context of certification requests:
-RFC 2986: PKCS #10: Certification Request Syntax Specification,
-section 4.1: CertificationRequestInfo
-.It For the specific use in the context of private key information:
-RFC 5208: Public-Key Cryptography Standards (PKCS) #8:
-Private-Key Information Syntax Specification
-.It For the specific definition in the context of PFX:
-RFC 7292: PKCS #12: Personal Information Exchange Syntax,
-section 4.2: The SafeBag Type
-.El
-.Sh HISTORY
-.Fn X509_ATTRIBUTE_new
-and
-.Fn X509_ATTRIBUTE_free
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_ATTRIBUTE_create
-and
-.Fn X509_ATTRIBUTE_dup
-first appeared in SSLeay 0.9.1 and have been available since
-.Ox 2.6 .
-.Sh BUGS
-A data type designed to hold arbitrary data is an oxymoron.
-.Pp
-While it may occasionally be useful for abstract syntax specification
-or for generic container objects, using it for the representation
-of specific data in a specific data structure feels like dubious
-design.
-.Pp
-Having two distinct data types to hold arbitrary data \(en
-in this case,
-.Vt X509_ATTRIBUTE
-on the X.501 language level and
-.Vt X509_EXTENSION
-as described in
-.Xr X509_EXTENSION_new 3
-on the X.509 language level \(en feels even more questionable,
-in particular considering that Attributes in certification requests
-can be used to ask for Extensions in certificates.
-.Pp
-At the very least, the direct use of the low-level generic
-.Vt X509_ATTRIBUTE
-type in specific data types like certification requests or private
-key information looks like a layering violation and appears to put
-type safety into jeopardy.

diff --git a/src/lib/libcrypto/man/X509_ATTRIBUTE_new.3 b/src/lib/libcrypto/man/X509_ATTRIBUTE_new.3 deleted file mode 100644 index cc2b27d4c0..0000000000 --- a/src/lib/libcrypto/man/X509_ATTRIBUTE_new.3 +++ /dev/null
@@ -1,180 +0,0 @@
1	.\" $OpenBSD: X509_ATTRIBUTE_new.3,v 1.18 2024/09/02 07:57:27 tb Exp $
2	.\"
3	.\" Copyright (c) 2016, 2021 Ingo Schwarze <schwarze@openbsd.org>
4	.\"
5	.\" Permission to use, copy, modify, and distribute this software for any
6	.\" purpose with or without fee is hereby granted, provided that the above
7	.\" copyright notice and this permission notice appear in all copies.
8	.\"
9	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16	.\"
17	.Dd $Mdocdate: September 2 2024 $
18	.Dt X509_ATTRIBUTE_NEW 3
19	.Os
20	.Sh NAME
21	.Nm X509_ATTRIBUTE_new ,
22	.Nm X509_ATTRIBUTE_create ,
23	.Nm X509_ATTRIBUTE_dup ,
24	.Nm X509_ATTRIBUTE_free
25	.\" In the following line, "X.501" and "Attribute" are not typos.
26	.\" The "Attribute" type is defined in X.501, not in X.509.
27	.\" The type is called "Attribute" with capital "A", not "attribute".
28	.Nd generic X.501 Attribute
29	.Sh SYNOPSIS
30	.In openssl/x509.h
31	.Ft X509_ATTRIBUTE *
32	.Fn X509_ATTRIBUTE_new void
33	.Ft X509_ATTRIBUTE *
34	.Fn X509_ATTRIBUTE_create "int nid" "int type" "void *value"
35	.Ft X509_ATTRIBUTE *
36	.Fn X509_ATTRIBUTE_dup "X509_ATTRIBUTE *attr"
37	.Ft void
38	.Fn X509_ATTRIBUTE_free "X509_ATTRIBUTE *attr"
39	.Sh DESCRIPTION
40	In the X.501 standard, an
41	.Vt Attribute
42	is the fundamental ASN.1 data type used to represent any kind of
43	property of any kind of directory entry.
44	In OpenSSL, very few objects use it directly, most notably the
45	.Vt X509_REQ_INFO
46	object used for PKCS#10 certification requests described in
47	.Xr X509_REQ_new 3 ,
48	the
49	.Vt PKCS8_PRIV_KEY_INFO
50	object used for PKCS#8 private key information described in
51	.Xr PKCS8_PRIV_KEY_INFO_new 3 ,
52	and the
53	.Vt PKCS12_SAFEBAG
54	container object described in
55	.Xr PKCS12_SAFEBAG_new 3 .
56	.Pp
57	.Fn X509_ATTRIBUTE_new
58	allocates and initializes an empty
59	.Vt X509_ATTRIBUTE
60	object.
61	.Pp
62	.Fn X509_ATTRIBUTE_create
63	allocates a new multi-valued
64	.Vt X509_ATTRIBUTE
65	object of the type
66	.Fa nid
67	and initializes its set of values
68	to contain one new ASN.1 ANY object with the given
69	.Fa value
70	and
71	.Fa type .
72	The
73	.Fa type
74	usually is one of the
75	.Dv V_ASN1_*
76	constants defined in
77	.In openssl/asn1.h ;
78	it is stored without validating it.
79	If the function succeeds, ownership of the
80	.Fa value
81	is transferred to the new
82	.Vt X509_ATTRIBUTE
83	object.
84	.Pp
85	Be careful to not confuse the type of the attribute
86	and the type of the value.
87	.Pp
88	.Fn X509_ATTRIBUTE_dup
89	creates a deep copy of
90	.Fa attr .
91	.Pp
92	.Fn X509_ATTRIBUTE_free
93	frees
94	.Fa attr .
95	.Sh RETURN VALUES
96	.Fn X509_ATTRIBUTE_new ,
97	.Fn X509_ATTRIBUTE_create ,
98	and
99	.Fn X509_ATTRIBUTE_dup
100	return the new
101	.Vt X509_ATTRIBUTE
102	object or
103	.Dv NULL
104	if an error occurs.
105	.Pp
106	In particular, these functions fail if memory allocation fails.
107	.Fn X509_ATTRIBUTE_create
108	also fails if
109	.Xr OBJ_nid2obj 3
110	fails on
111	.Fa nid .
112	.Sh SEE ALSO
113	.Xr d2i_X509_ATTRIBUTE 3 ,
114	.Xr OBJ_nid2obj 3 ,
115	.Xr PKCS12_SAFEBAG_new 3 ,
116	.Xr PKCS7_add_attribute 3 ,
117	.Xr PKCS8_pkey_get0_attrs 3 ,
118	.Xr PKCS8_PRIV_KEY_INFO_new 3 ,
119	.Xr X509_ATTRIBUTE_get0_object 3 ,
120	.Xr X509_ATTRIBUTE_set1_object 3 ,
121	.Xr X509_EXTENSION_new 3 ,
122	.Xr X509_new 3 ,
123	.Xr X509_REQ_add1_attr 3 ,
124	.Xr X509_REQ_new 3
125	.Sh STANDARDS
126	.Bl -ohang
127	.It Xo
128	For the general definition of the
129	.Vt Attribute
130	data type:
131	.Xc
132	ITU-T Recommendation X.501, also known as ISO/IEC 9594-2:
133	Information Technology \(en Open Systems Interconnection \(en
134	The Directory: Models, section 8.2: Overall structure
135	.It For the specific definition in the context of certification requests:
136	RFC 2986: PKCS #10: Certification Request Syntax Specification,
137	section 4.1: CertificationRequestInfo
138	.It For the specific use in the context of private key information:
139	RFC 5208: Public-Key Cryptography Standards (PKCS) #8:
140	Private-Key Information Syntax Specification
141	.It For the specific definition in the context of PFX:
142	RFC 7292: PKCS #12: Personal Information Exchange Syntax,
143	section 4.2: The SafeBag Type
144	.El
145	.Sh HISTORY
146	.Fn X509_ATTRIBUTE_new
147	and
148	.Fn X509_ATTRIBUTE_free
149	first appeared in SSLeay 0.5.1 and have been available since
150	.Ox 2.4 .
151	.Pp
152	.Fn X509_ATTRIBUTE_create
153	and
154	.Fn X509_ATTRIBUTE_dup
155	first appeared in SSLeay 0.9.1 and have been available since
156	.Ox 2.6 .
157	.Sh BUGS
158	A data type designed to hold arbitrary data is an oxymoron.
159	.Pp
160	While it may occasionally be useful for abstract syntax specification
161	or for generic container objects, using it for the representation
162	of specific data in a specific data structure feels like dubious
163	design.
164	.Pp
165	Having two distinct data types to hold arbitrary data \(en
166	in this case,
167	.Vt X509_ATTRIBUTE
168	on the X.501 language level and
169	.Vt X509_EXTENSION
170	as described in
171	.Xr X509_EXTENSION_new 3
172	on the X.509 language level \(en feels even more questionable,
173	in particular considering that Attributes in certification requests
174	can be used to ask for Extensions in certificates.
175	.Pp
176	At the very least, the direct use of the low-level generic
177	.Vt X509_ATTRIBUTE
178	type in specific data types like certification requests or private
179	key information looks like a layering violation and appears to put
180	type safety into jeopardy.