1 files changed, 285 insertions, 36 deletions
diff --git a/src/lib/libcrypto/man/crypto.3 b/src/lib/libcrypto/man/crypto.3
index 6e98f643de..598eb30504 100644
--- a/src/lib/libcrypto/man/crypto.3
+++ b/src/lib/libcrypto/man/crypto.3
@@ -1,7 +1,24 @@
-.\"     $OpenBSD: crypto.3,v 1.25 2020/06/24 17:00:38 schwarze Exp $
+.\"     $OpenBSD: crypto.3,v 1.26 2021/12/09 15:11:48 schwarze Exp $
 .\"     OpenSSL a9c85cea Nov 11 09:33:55 2016 +0100
 .\"
-.\" This file was written by Ulf Moeller <ulf@openssl.org> and
+.\" This file is a derived work.
+.\" The changes are covered by the following Copyright and license:
+.\"
+.\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.\" The original file was written by Ulf Moeller <ulf@openssl.org> and
 .\" Dr. Stephen Henson <steve@openssl.org>.
 .\" Copyright (c) 2000, 2002 The OpenSSL Project.  All rights reserved.
 .\"
@@ -49,7 +66,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: June 24 2020 $
+.Dd $Mdocdate: December 9 2021 $
 .Dt CRYPTO 3
 .Os
 .Sh NAME
@@ -139,43 +156,275 @@ include
 .Xr lh_new 3 ,
 and
 .Xr STACK_OF 3 .
+.Sh NAMING CONVENTIONS
+Elements used in the names of API functions include the following:
+.Bl -tag -width Ds
+.It add0
+See
+.Dq set0
+below.
+.It add1
+See
+.Dq set1
+below.
+.It BIO
+basic input and/or output abstraction:
+The function manipulates objects of the idiosyncratic OpenSSL
+.Vt BIO
+object type.
+See
+.Xr BIO_new 3 .
+.It bio
+The function uses a
+.Vt BIO
+object for input or output.
+In many cases, simpler variants of the function are available
+that operate directly on
+.In stdio.h
+.Vt FILE
+objects or directly in RAM, usually using byte arrays.
+.It BIO_f_
+filter BIO:
+The function returns a pointer to a static built-in object that,
+when passed to
+.Xr BIO_new 3 ,
+results in the creation of a BIO object that can write data to
+and/or read data from another
+.Vt BIO
+object.
+.It BIO_s_
+source and/or sink BIO:
+The function returns a pointer to a static built-in object that,
+when passed to
+.Xr BIO_new 3 ,
+results in the creation of a BIO object
+that can write data to an external destination
+and/or read data from an external source,
+for example a file descriptor or object, a memory buffer, or the network.
+.It BN
+big number:
+The function operates on
+.Vt BIGNUM
+objects representing integer numbers of variable, almost unlimited size.
+See
+.Xr BN_new 3 .
+.It cb
+callback:
+The function takes or returns a function pointer
+that is called by API functions from inside the library.
+The function pointed to may be defined by the application program.
+In some cases, API functions with
+.Dq cb
+in their name may return function pointers to internal functions
+defined inside the library that are not API functions.
+The element
+.Dq cb
+is also used in the names of some function pointer datatypes
+declared with
+.Sy typedef .
+In a small number of cases, the all caps form
+.Dq CB
+is used with the same meaning.
+.It CTX
+context:
+The function operates on a wrapper object around another object.
+The purposes and properties of such
+.Dq CTX
+wrapper objects vary wildly depending on the objects in question.
+A few function names use the lower case form
+.Dq ctx
+in the same sense.
+.It d2i
+DER to internal:
+The function decodes input conforming to ASN.1 basic encoding rules (BER)
+and either stores the result in an existing object
+or in a newly allocated object.
+The latter is usually preferable because
+creating a new object is more robust and less error prone.
+In spite of the name, the input usually does not need to conform to ASN.1
+distinguished encoding rules (DER), which are more restrictive than BER.
+.It EVP
+digital EnVeloPe library:
+See
+.Xr evp 3 .
+.It ex
+This name element is used for two completely unrelated purposes.
 .Pp
-Some of the newer functions follow a naming convention using the numbers
+extended version:
-.Sq 0
+The function is similar to an older function without the
-and
+.Dq ex
-.Sq 1 .
+in its name, but takes one or more additional arguments
-For example consider the names of these functions:
+in order to make it more versatile.
+In several cases, the older version is now deprecated.
 .Pp
-.Ft int
+extra data:
-.Fo X509_CRL_add0_revoked
+Some object types support storing additional, application-specific data
-.Fa "X509_CRL *crl"
+inside objects in addition to the data the object is designed to hold.
-.Fa "X509_REVOKED *rev"
+The function sets, retrieves, or prepares for using such extra data.
-.Fc
+Related function names usually contain
-.br
+.Dq ex_data
-.Ft int
+or
-.Fo X509_add1_trust_object
+.Dq ex_new_index .
-.Fa "X509 *x"
+See
-.Fa "ASN1_OBJECT *obj"
+.Xr CRYPTO_set_ex_data 3 .
-.Fc
+.It fp
+file pointer:
+The function takes a
+.Vt FILE *
+argument.
+Usually, the function is a variant of another function taking a
+.Vt BIO *
+argument instead.
+.It i2d
+internal to DER:
+The function encodes an object passed as an argument
+according to ASN.1 distinguished encoding rules (DER).
+There are a few rare excpetions of functions that have
+.Dq i2d
+in their name but produce output anyway
+that only conforms to ASN.1 basic encoding rules (BER) and not to DER.
+.It get0
+The function returns an internal pointer
+owned by the object passed as an argument.
+The returned pointer must not be freed by the calling code.
+It will be freed automatically
+when the object owning the pointer will be freed.
+.It get1
+The function returns a copy of a sub-object
+of an object passed as an argument.
+The caller is responsible for freeing the returned object
+when it is no longer needed.
 .Pp
-The
+If the object type is reference counted, usually the reference count
-.Sq 0
+is incremented instead of copying the object.
-version uses the supplied structure pointer directly in the parent and
+Consequently, modifying the returned object may still impact all
-it will be freed up when the parent is freed.
+objects containing references to it.
-In the above example
+The caller is responsible for freeing the returned object
-.Fa crl
+when it is no longer needed; for reference-counted objects still
-would be freed but
+referenced elsewhere, this will merely decrement the reference count.
-.Fa rev
+.It get
-would not.
+Functions containing
+.Dq get
+in their name without a following digit may behave in
+.Dq get0
+or, more rarely, in
+.Dq get1
+style.
+To find out which is the case, refer to the individual manual pages.
+.It lh
+linear hash:
+The function manipulates a dynamic hash table.
+See
+.Xr lh_new 3 .
+.It md
+message digest.
+Some function names use the all caps form
+.Dq MD
+in the same sense.
+.It meth
+The function manipulates an object holding a function table.
+Usually, such function tables allow the application program
+to implement additional cryptographic or I/O algorithms
+and to use them with the same high-level API functions as the
+algorithms provided by the library itself, or to replace the
+implementations of algorithms provided by the library with
+custom implementations provided by the application program.
+Some API functions use the name elements
+.Dq method
+or
+.Dq METHOD
+in the same sense.
+See also the
+.Dq cb
+entry in the present list.
+.It ndef
+indefinite length form:
+The function encodes according to ASN.1 basic encoding rules (BER)
+using the indefinite length form.
+Even if the function name also includes
+.Dq i2d ,
+the output does not conform to ASN.1 distinguished encoding rules (DER).
+See
+.Xr ASN1_item_ndef_i2d 3 .
+Some function names contain the all caps version
+.Dq NDEF
+with the same meaning.
+.It nid
+numerical identifier:
+A non-standard, LibreSSL-specific
+.Vt int
+number associated with an ASN.1 object identifier.
+In several cases, the all caps form
+.Dq NID
+is used in the same sense.
+See
+.Xr OBJ_nid2obj 3 .
+.It obj
+This name element and its all caps form
+.Dq OBJ
+usually refer to ASN.1 object identifiers represented by the
+.Vt ASN1_OBJECT
+data type.
+See
+.Xr ASN1_OBJECT_new 3 .
+.It PKEY
+In most cases, this name element and its lower case form
+.Dq pkey
+mean
+.Dq private key ,
+but for both forms, there are some cases where they mean
+.Dq public key
+instead.
+.It set0
+The function transfers ownership of a pointer passed as an argument
+to an object passed as another argument,
+by storing the pointer inside the object.
+The transferred pointer must not be freed by the calling code.
+It will be freed automatically
+when the object now owning the pointer will be freed.
+.It set1
+The function copies the content of one object passed as an argument
+into another object also passed as an argument.
+When the calling code no longer needs the copied object,
+it can free that object.
 .Pp
-The
+In some cases, if the object to be copied is reference counted,
-.Sq 1
+the function does not actually copy the object but merely increments
-function uses a copy of the supplied structure pointer (or in some cases
+its reference count and stores the pointer to it in the other object.
-increases its link count) in the parent and so both
+When the calling code no longer needs its original pointer to
-.Pf ( Fa x
+the now inner object, it can free the original pointer, thus
-and
+decrementing the reference count of the inner object
-.Fa obj
+and transferring ownership of the inner object to the outer object.
-above) should be freed up.
+The inner object will then be freed automatically
+when the outer object is freed later on.
+.It set
+Functions containing
+.Dq set
+in their name without a following digit may behave in
+.Dq set0
+or, more rarely, in
+.Dq set1
+style.
+To find out which is the case, refer to the individual manual pages.
+.It sk
+stack:
+The function manipulates a variable-sized array of pointers
+in the idiosyncratic style described in
+.Xr OPENSSL_sk_new 3 .
+.It TS
+X.509 time-stamp protocol:
+See
+.Xr TS_REQ_new 3 .
+.It up_ref
+The function increments the reference count of the argument by one.
+Only a minority of object types support reference counting.
+For those that do, if the reference count is greater than one,
+the corresponding
+.Dq free
+function reverses the effect of one call to the
+.Dq up_ref
+function rather than freeing the object.
+.El
 .Sh SEE ALSO
 .Xr openssl 1 ,
 .Xr ssl 3

diff --git a/src/lib/libcrypto/man/crypto.3 b/src/lib/libcrypto/man/crypto.3 index 6e98f643de..598eb30504 100644 --- a/src/lib/libcrypto/man/crypto.3 +++ b/src/lib/libcrypto/man/crypto.3
@@ -1,7 +1,24 @@
1	.\" $OpenBSD: crypto.3,v 1.25 2020/06/24 17:00:38 schwarze Exp $	1	.\" $OpenBSD: crypto.3,v 1.26 2021/12/09 15:11:48 schwarze Exp $
2	.\" OpenSSL a9c85cea Nov 11 09:33:55 2016 +0100	2	.\" OpenSSL a9c85cea Nov 11 09:33:55 2016 +0100
3	.\"	3	.\"
4	.\" This file was written by Ulf Moeller <ulf@openssl.org> and	4	.\" This file is a derived work.
		5	.\" The changes are covered by the following Copyright and license:
		6	.\"
		7	.\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org>
		8	.\"
		9	.\" Permission to use, copy, modify, and distribute this software for any
		10	.\" purpose with or without fee is hereby granted, provided that the above
		11	.\" copyright notice and this permission notice appear in all copies.
		12	.\"
		13	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		14	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		15	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		16	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		17	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		18	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		19	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		20	.\"
		21	.\" The original file was written by Ulf Moeller <ulf@openssl.org> and
5	.\" Dr. Stephen Henson <steve@openssl.org>.	22	.\" Dr. Stephen Henson <steve@openssl.org>.
6	.\" Copyright (c) 2000, 2002 The OpenSSL Project. All rights reserved.	23	.\" Copyright (c) 2000, 2002 The OpenSSL Project. All rights reserved.
7	.\"	24	.\"
@@ -49,7 +66,7 @@
49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	66	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	67	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51	.\"	68	.\"
52	.Dd $Mdocdate: June 24 2020 $	69	.Dd $Mdocdate: December 9 2021 $
53	.Dt CRYPTO 3	70	.Dt CRYPTO 3
54	.Os	71	.Os
55	.Sh NAME	72	.Sh NAME
@@ -139,43 +156,275 @@ include
139	.Xr lh_new 3 ,	156	.Xr lh_new 3 ,
140	and	157	and
141	.Xr STACK_OF 3 .	158	.Xr STACK_OF 3 .
		159	.Sh NAMING CONVENTIONS
		160	Elements used in the names of API functions include the following:
		161	.Bl -tag -width Ds
		162	.It add0
		163	See
		164	.Dq set0
		165	below.
		166	.It add1
		167	See
		168	.Dq set1
		169	below.
		170	.It BIO
		171	basic input and/or output abstraction:
		172	The function manipulates objects of the idiosyncratic OpenSSL
		173	.Vt BIO
		174	object type.
		175	See
		176	.Xr BIO_new 3 .
		177	.It bio
		178	The function uses a
		179	.Vt BIO
		180	object for input or output.
		181	In many cases, simpler variants of the function are available
		182	that operate directly on
		183	.In stdio.h
		184	.Vt FILE
		185	objects or directly in RAM, usually using byte arrays.
		186	.It BIO_f_
		187	filter BIO:
		188	The function returns a pointer to a static built-in object that,
		189	when passed to
		190	.Xr BIO_new 3 ,
		191	results in the creation of a BIO object that can write data to
		192	and/or read data from another
		193	.Vt BIO
		194	object.
		195	.It BIO_s_
		196	source and/or sink BIO:
		197	The function returns a pointer to a static built-in object that,
		198	when passed to
		199	.Xr BIO_new 3 ,
		200	results in the creation of a BIO object
		201	that can write data to an external destination
		202	and/or read data from an external source,
		203	for example a file descriptor or object, a memory buffer, or the network.
		204	.It BN
		205	big number:
		206	The function operates on
		207	.Vt BIGNUM
		208	objects representing integer numbers of variable, almost unlimited size.
		209	See
		210	.Xr BN_new 3 .
		211	.It cb
		212	callback:
		213	The function takes or returns a function pointer
		214	that is called by API functions from inside the library.
		215	The function pointed to may be defined by the application program.
		216	In some cases, API functions with
		217	.Dq cb
		218	in their name may return function pointers to internal functions
		219	defined inside the library that are not API functions.
		220	The element
		221	.Dq cb
		222	is also used in the names of some function pointer datatypes
		223	declared with
		224	.Sy typedef .
		225	In a small number of cases, the all caps form
		226	.Dq CB
		227	is used with the same meaning.
		228	.It CTX
		229	context:
		230	The function operates on a wrapper object around another object.
		231	The purposes and properties of such
		232	.Dq CTX
		233	wrapper objects vary wildly depending on the objects in question.
		234	A few function names use the lower case form
		235	.Dq ctx
		236	in the same sense.
		237	.It d2i
		238	DER to internal:
		239	The function decodes input conforming to ASN.1 basic encoding rules (BER)
		240	and either stores the result in an existing object
		241	or in a newly allocated object.
		242	The latter is usually preferable because
		243	creating a new object is more robust and less error prone.
		244	In spite of the name, the input usually does not need to conform to ASN.1
		245	distinguished encoding rules (DER), which are more restrictive than BER.
		246	.It EVP
		247	digital EnVeloPe library:
		248	See
		249	.Xr evp 3 .
		250	.It ex
		251	This name element is used for two completely unrelated purposes.
142	.Pp	252	.Pp
143	Some of the newer functions follow a naming convention using the numbers	253	extended version:
144	.Sq 0	254	The function is similar to an older function without the
145	and	255	.Dq ex
146	.Sq 1 .	256	in its name, but takes one or more additional arguments
147	For example consider the names of these functions:	257	in order to make it more versatile.
		258	In several cases, the older version is now deprecated.
148	.Pp	259	.Pp
149	.Ft int	260	extra data:
150	.Fo X509_CRL_add0_revoked	261	Some object types support storing additional, application-specific data
151	.Fa "X509_CRL *crl"	262	inside objects in addition to the data the object is designed to hold.
152	.Fa "X509_REVOKED *rev"	263	The function sets, retrieves, or prepares for using such extra data.
153	.Fc	264	Related function names usually contain
154	.br	265	.Dq ex_data
155	.Ft int	266	or
156	.Fo X509_add1_trust_object	267	.Dq ex_new_index .
157	.Fa "X509 *x"	268	See
158	.Fa "ASN1_OBJECT *obj"	269	.Xr CRYPTO_set_ex_data 3 .
159	.Fc	270	.It fp
		271	file pointer:
		272	The function takes a
		273	.Vt FILE *
		274	argument.
		275	Usually, the function is a variant of another function taking a
		276	.Vt BIO *
		277	argument instead.
		278	.It i2d
		279	internal to DER:
		280	The function encodes an object passed as an argument
		281	according to ASN.1 distinguished encoding rules (DER).
		282	There are a few rare excpetions of functions that have
		283	.Dq i2d
		284	in their name but produce output anyway
		285	that only conforms to ASN.1 basic encoding rules (BER) and not to DER.
		286	.It get0
		287	The function returns an internal pointer
		288	owned by the object passed as an argument.
		289	The returned pointer must not be freed by the calling code.
		290	It will be freed automatically
		291	when the object owning the pointer will be freed.
		292	.It get1
		293	The function returns a copy of a sub-object
		294	of an object passed as an argument.
		295	The caller is responsible for freeing the returned object
		296	when it is no longer needed.
160	.Pp	297	.Pp
161	The	298	If the object type is reference counted, usually the reference count
162	.Sq 0	299	is incremented instead of copying the object.
163	version uses the supplied structure pointer directly in the parent and	300	Consequently, modifying the returned object may still impact all
164	it will be freed up when the parent is freed.	301	objects containing references to it.
165	In the above example	302	The caller is responsible for freeing the returned object
166	.Fa crl	303	when it is no longer needed; for reference-counted objects still
167	would be freed but	304	referenced elsewhere, this will merely decrement the reference count.
168	.Fa rev	305	.It get
169	would not.	306	Functions containing
		307	.Dq get
		308	in their name without a following digit may behave in
		309	.Dq get0
		310	or, more rarely, in
		311	.Dq get1
		312	style.
		313	To find out which is the case, refer to the individual manual pages.
		314	.It lh
		315	linear hash:
		316	The function manipulates a dynamic hash table.
		317	See
		318	.Xr lh_new 3 .
		319	.It md
		320	message digest.
		321	Some function names use the all caps form
		322	.Dq MD
		323	in the same sense.
		324	.It meth
		325	The function manipulates an object holding a function table.
		326	Usually, such function tables allow the application program
		327	to implement additional cryptographic or I/O algorithms
		328	and to use them with the same high-level API functions as the
		329	algorithms provided by the library itself, or to replace the
		330	implementations of algorithms provided by the library with
		331	custom implementations provided by the application program.
		332	Some API functions use the name elements
		333	.Dq method
		334	or
		335	.Dq METHOD
		336	in the same sense.
		337	See also the
		338	.Dq cb
		339	entry in the present list.
		340	.It ndef
		341	indefinite length form:
		342	The function encodes according to ASN.1 basic encoding rules (BER)
		343	using the indefinite length form.
		344	Even if the function name also includes
		345	.Dq i2d ,
		346	the output does not conform to ASN.1 distinguished encoding rules (DER).
		347	See
		348	.Xr ASN1_item_ndef_i2d 3 .
		349	Some function names contain the all caps version
		350	.Dq NDEF
		351	with the same meaning.
		352	.It nid
		353	numerical identifier:
		354	A non-standard, LibreSSL-specific
		355	.Vt int
		356	number associated with an ASN.1 object identifier.
		357	In several cases, the all caps form
		358	.Dq NID
		359	is used in the same sense.
		360	See
		361	.Xr OBJ_nid2obj 3 .
		362	.It obj
		363	This name element and its all caps form
		364	.Dq OBJ
		365	usually refer to ASN.1 object identifiers represented by the
		366	.Vt ASN1_OBJECT
		367	data type.
		368	See
		369	.Xr ASN1_OBJECT_new 3 .
		370	.It PKEY
		371	In most cases, this name element and its lower case form
		372	.Dq pkey
		373	mean
		374	.Dq private key ,
		375	but for both forms, there are some cases where they mean
		376	.Dq public key
		377	instead.
		378	.It set0
		379	The function transfers ownership of a pointer passed as an argument
		380	to an object passed as another argument,
		381	by storing the pointer inside the object.
		382	The transferred pointer must not be freed by the calling code.
		383	It will be freed automatically
		384	when the object now owning the pointer will be freed.
		385	.It set1
		386	The function copies the content of one object passed as an argument
		387	into another object also passed as an argument.
		388	When the calling code no longer needs the copied object,
		389	it can free that object.
170	.Pp	390	.Pp
171	The	391	In some cases, if the object to be copied is reference counted,
172	.Sq 1	392	the function does not actually copy the object but merely increments
173	function uses a copy of the supplied structure pointer (or in some cases	393	its reference count and stores the pointer to it in the other object.
174	increases its link count) in the parent and so both	394	When the calling code no longer needs its original pointer to
175	.Pf ( Fa x	395	the now inner object, it can free the original pointer, thus
176	and	396	decrementing the reference count of the inner object
177	.Fa obj	397	and transferring ownership of the inner object to the outer object.
178	above) should be freed up.	398	The inner object will then be freed automatically
		399	when the outer object is freed later on.
		400	.It set
		401	Functions containing
		402	.Dq set
		403	in their name without a following digit may behave in
		404	.Dq set0
		405	or, more rarely, in
		406	.Dq set1
		407	style.
		408	To find out which is the case, refer to the individual manual pages.
		409	.It sk
		410	stack:
		411	The function manipulates a variable-sized array of pointers
		412	in the idiosyncratic style described in
		413	.Xr OPENSSL_sk_new 3 .
		414	.It TS
		415	X.509 time-stamp protocol:
		416	See
		417	.Xr TS_REQ_new 3 .
		418	.It up_ref
		419	The function increments the reference count of the argument by one.
		420	Only a minority of object types support reference counting.
		421	For those that do, if the reference count is greater than one,
		422	the corresponding
		423	.Dq free
		424	function reverses the effect of one call to the
		425	.Dq up_ref
		426	function rather than freeing the object.
		427	.El
179	.Sh SEE ALSO	428	.Sh SEE ALSO
180	.Xr openssl 1 ,	429	.Xr openssl 1 ,
181	.Xr ssl 3	430	.Xr ssl 3