1 files changed, 98 insertions, 5 deletions
diff --git a/src/lib/libcrypto/man/d2i_X509.3 b/src/lib/libcrypto/man/d2i_X509.3
index 1b716d2fbb..1ade0a42a8 100644
--- a/src/lib/libcrypto/man/d2i_X509.3
+++ b/src/lib/libcrypto/man/d2i_X509.3
@@ -1,7 +1,24 @@
-.\"     $OpenBSD: d2i_X509.3,v 1.5 2016/12/28 03:35:32 schwarze Exp $
+.\"     $OpenBSD: d2i_X509.3,v 1.6 2016/12/28 03:56:35 schwarze Exp $
 .\"     OpenSSL 94480b57 Sep 12 23:34:41 2009 +0000
 .\"
-.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
+.\" This file is a derived work.
+.\" The changes are covered by the following Copyright and license:
+.\"
+.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
 .\" Copyright (c) 2002, 2003, 2005, 2009, 2016 The OpenSSL Project.
 .\" All rights reserved.
 .\"
@@ -60,7 +77,13 @@
 .Nm i2d_X509_bio ,
 .Nm i2d_X509_fp ,
 .Nm d2i_X509_AUX ,
-.Nm i2d_X509_AUX
+.Nm i2d_X509_AUX ,
+.Nm d2i_X509_CERT_AUX ,
+.Nm i2d_X509_CERT_AUX ,
+.Nm d2i_X509_CINF ,
+.Nm i2d_X509_CINF ,
+.Nm d2i_X509_VAL ,
+.Nm i2d_X509_VAL
 .Nd decode and encode X.509 certificates
 .Sh SYNOPSIS
 .In openssl/x509.h
@@ -106,6 +129,39 @@
 .Fa "X509 *val_in"
 .Fa "unsigned char **der_out"
 .Fc
+.Ft X509_CERT_AUX *
+.Fo d2i_X509_CERT_AUX
+.Fa "X509_CERT_AUX **val_out"
+.Fa "const unsigned char **der_in"
+.Fa "long length"
+.Fc
+.Ft int
+.Fo i2d_X509_CERT_AUX
+.Fa "X509_CERT_AUX *val_in"
+.Fa "unsigned char **der_out"
+.Fc
+.Ft X509_CINF *
+.Fo d2i_X509_CINF
+.Fa "X509_CINF **val_out"
+.Fa "const unsigned char **der_in"
+.Fa "long length"
+.Fc
+.Ft int
+.Fo i2d_X509_CINF
+.Fa "X509_CINF *val_in"
+.Fa "unsigned char **der_out"
+.Fc
+.Ft X509_VAL *
+.Fo d2i_X509_VAL
+.Fa "X509_VAL **val_out"
+.Fa "const unsigned char **der_in"
+.Fa "long length"
+.Fc
+.Ft int
+.Fo i2d_X509_VAL
+.Fa "X509_VAL *val_in"
+.Fa "unsigned char **der_out"
+.Fc
 .Sh DESCRIPTION
 These functions decode and encode X.509 certificates
 and some of their substructures.
@@ -145,6 +201,26 @@ but the encoded output contains both the certificate and any auxiliary
 trust information.
 This is used by the PEM routines to write TRUSTED CERTIFICATE objects.
 Note that this is a non-standard OpenSSL-specific data format.
+.Pp
+.Fn d2i_X509_CERT_AUX
+and
+.Fn i2d_X509_CERT_AUX
+decode and encode optional non-standard auxiliary data appended to
+a certificate, for example friendly alias names and trust data.
+.Pp
+.Fn d2i_X509_CINF
+and
+.Fn i2d_X509_CINF
+decode and encode an ASN.1
+.Vt TBSCertificate
+structure defined in RFC 5280 section 4.1.
+.Pp
+.Fn d2i_X509_VAL
+and
+.Fn i2d_X509_VAL
+decode and encode an ASN.1
+.Vt Validity
+structure defined in RFC 5280 section 4.1.
 .Sh RETURN VALUES
 .Fn d2i_X509 ,
 .Fn d2i_X509_bio ,
@@ -157,9 +233,25 @@ structure or
 .Dv NULL
 if an error occurs.
 .Pp
-.Fn i2d_X509
+.Fn d2i_X509_CERT_AUX ,
+.Fn d2i_X509_CINF ,
 and
-.Fn i2d_X509_AUX
+.Fn d2i_X509_VAL
+return an
+.Vt X509_CERT_AUX ,
+.Vt X509_CINF ,
+or
+.Vt X509_VAL
+object, respectively, or
+.Dv NULL
+if an error occurs.
+.Pp
+.Fn i2d_X509 ,
+.Fn i2d_X509_AUX ,
+.Fn i2d_X509_CERT_AUX ,
+.Fn i2d_X509_CINF ,
+and
+.Fn i2d_X509_VAL
 return the number of bytes successfully encoded or a negative value
 if an error occurs.
 .Pp
@@ -172,6 +264,7 @@ For all functions, the error code can be obtained by
 .Xr ERR_get_error 3 .
 .Sh SEE ALSO
 .Xr ASN1_item_d2i 3 ,
+.Xr X509_CINF_new 3 ,
 .Xr X509_new 3
 .Sh STANDARDS
 RFC 5280: Internet X.509 Public Key Infrastructure Certificate and

diff --git a/src/lib/libcrypto/man/d2i_X509.3 b/src/lib/libcrypto/man/d2i_X509.3 index 1b716d2fbb..1ade0a42a8 100644 --- a/src/lib/libcrypto/man/d2i_X509.3 +++ b/src/lib/libcrypto/man/d2i_X509.3
@@ -1,7 +1,24 @@
1	.\" $OpenBSD: d2i_X509.3,v 1.5 2016/12/28 03:35:32 schwarze Exp $	1	.\" $OpenBSD: d2i_X509.3,v 1.6 2016/12/28 03:56:35 schwarze Exp $
2	.\" OpenSSL 94480b57 Sep 12 23:34:41 2009 +0000	2	.\" OpenSSL 94480b57 Sep 12 23:34:41 2009 +0000
3	.\"	3	.\"
4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.	4	.\" This file is a derived work.
		5	.\" The changes are covered by the following Copyright and license:
		6	.\"
		7	.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
		8	.\"
		9	.\" Permission to use, copy, modify, and distribute this software for any
		10	.\" purpose with or without fee is hereby granted, provided that the above
		11	.\" copyright notice and this permission notice appear in all copies.
		12	.\"
		13	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		14	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		15	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		16	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		17	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		18	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		19	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		20	.\"
		21	.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
5	.\" Copyright (c) 2002, 2003, 2005, 2009, 2016 The OpenSSL Project.	22	.\" Copyright (c) 2002, 2003, 2005, 2009, 2016 The OpenSSL Project.
6	.\" All rights reserved.	23	.\" All rights reserved.
7	.\"	24	.\"
@@ -60,7 +77,13 @@
60	.Nm i2d_X509_bio ,	77	.Nm i2d_X509_bio ,
61	.Nm i2d_X509_fp ,	78	.Nm i2d_X509_fp ,
62	.Nm d2i_X509_AUX ,	79	.Nm d2i_X509_AUX ,
63	.Nm i2d_X509_AUX	80	.Nm i2d_X509_AUX ,
		81	.Nm d2i_X509_CERT_AUX ,
		82	.Nm i2d_X509_CERT_AUX ,
		83	.Nm d2i_X509_CINF ,
		84	.Nm i2d_X509_CINF ,
		85	.Nm d2i_X509_VAL ,
		86	.Nm i2d_X509_VAL
64	.Nd decode and encode X.509 certificates	87	.Nd decode and encode X.509 certificates
65	.Sh SYNOPSIS	88	.Sh SYNOPSIS
66	.In openssl/x509.h	89	.In openssl/x509.h
@@ -106,6 +129,39 @@
106	.Fa "X509 *val_in"	129	.Fa "X509 *val_in"
107	.Fa "unsigned char **der_out"	130	.Fa "unsigned char **der_out"
108	.Fc	131	.Fc
		132	.Ft X509_CERT_AUX *
		133	.Fo d2i_X509_CERT_AUX
		134	.Fa "X509_CERT_AUX **val_out"
		135	.Fa "const unsigned char **der_in"
		136	.Fa "long length"
		137	.Fc
		138	.Ft int
		139	.Fo i2d_X509_CERT_AUX
		140	.Fa "X509_CERT_AUX *val_in"
		141	.Fa "unsigned char **der_out"
		142	.Fc
		143	.Ft X509_CINF *
		144	.Fo d2i_X509_CINF
		145	.Fa "X509_CINF **val_out"
		146	.Fa "const unsigned char **der_in"
		147	.Fa "long length"
		148	.Fc
		149	.Ft int
		150	.Fo i2d_X509_CINF
		151	.Fa "X509_CINF *val_in"
		152	.Fa "unsigned char **der_out"
		153	.Fc
		154	.Ft X509_VAL *
		155	.Fo d2i_X509_VAL
		156	.Fa "X509_VAL **val_out"
		157	.Fa "const unsigned char **der_in"
		158	.Fa "long length"
		159	.Fc
		160	.Ft int
		161	.Fo i2d_X509_VAL
		162	.Fa "X509_VAL *val_in"
		163	.Fa "unsigned char **der_out"
		164	.Fc
109	.Sh DESCRIPTION	165	.Sh DESCRIPTION
110	These functions decode and encode X.509 certificates	166	These functions decode and encode X.509 certificates
111	and some of their substructures.	167	and some of their substructures.
@@ -145,6 +201,26 @@ but the encoded output contains both the certificate and any auxiliary
145	trust information.	201	trust information.
146	This is used by the PEM routines to write TRUSTED CERTIFICATE objects.	202	This is used by the PEM routines to write TRUSTED CERTIFICATE objects.
147	Note that this is a non-standard OpenSSL-specific data format.	203	Note that this is a non-standard OpenSSL-specific data format.
		204	.Pp
		205	.Fn d2i_X509_CERT_AUX
		206	and
		207	.Fn i2d_X509_CERT_AUX
		208	decode and encode optional non-standard auxiliary data appended to
		209	a certificate, for example friendly alias names and trust data.
		210	.Pp
		211	.Fn d2i_X509_CINF
		212	and
		213	.Fn i2d_X509_CINF
		214	decode and encode an ASN.1
		215	.Vt TBSCertificate
		216	structure defined in RFC 5280 section 4.1.
		217	.Pp
		218	.Fn d2i_X509_VAL
		219	and
		220	.Fn i2d_X509_VAL
		221	decode and encode an ASN.1
		222	.Vt Validity
		223	structure defined in RFC 5280 section 4.1.
148	.Sh RETURN VALUES	224	.Sh RETURN VALUES
149	.Fn d2i_X509 ,	225	.Fn d2i_X509 ,
150	.Fn d2i_X509_bio ,	226	.Fn d2i_X509_bio ,
@@ -157,9 +233,25 @@ structure or
157	.Dv NULL	233	.Dv NULL
158	if an error occurs.	234	if an error occurs.
159	.Pp	235	.Pp
160	.Fn i2d_X509	236	.Fn d2i_X509_CERT_AUX ,
		237	.Fn d2i_X509_CINF ,
161	and	238	and
162	.Fn i2d_X509_AUX	239	.Fn d2i_X509_VAL
		240	return an
		241	.Vt X509_CERT_AUX ,
		242	.Vt X509_CINF ,
		243	or
		244	.Vt X509_VAL
		245	object, respectively, or
		246	.Dv NULL
		247	if an error occurs.
		248	.Pp
		249	.Fn i2d_X509 ,
		250	.Fn i2d_X509_AUX ,
		251	.Fn i2d_X509_CERT_AUX ,
		252	.Fn i2d_X509_CINF ,
		253	and
		254	.Fn i2d_X509_VAL
163	return the number of bytes successfully encoded or a negative value	255	return the number of bytes successfully encoded or a negative value
164	if an error occurs.	256	if an error occurs.
165	.Pp	257	.Pp
@@ -172,6 +264,7 @@ For all functions, the error code can be obtained by
172	.Xr ERR_get_error 3 .	264	.Xr ERR_get_error 3 .
173	.Sh SEE ALSO	265	.Sh SEE ALSO
174	.Xr ASN1_item_d2i 3 ,	266	.Xr ASN1_item_d2i 3 ,
		267	.Xr X509_CINF_new 3 ,
175	.Xr X509_new 3	268	.Xr X509_new 3
176	.Sh STANDARDS	269	.Sh STANDARDS
177	RFC 5280: Internet X.509 Public Key Infrastructure Certificate and	270	RFC 5280: Internet X.509 Public Key Infrastructure Certificate and