| Commit message (Collapse) | Author | Files | Lines |
|---|
|
Use the same parameter names as in ASN1_item_d2i(3).
Point to ASN1_item_d2i(3) for details.
Delete lots of rendundant text.
While here, add ten missing functions found in OpenSSL doc/man3/d2i_X509.pod
and fix errors in the prototypes of i2d_ECPKParameters_bio(3)
and i2d_ECPKParameters_fp(3).
|
|
Add STANDARDS references.
Add cross references to manual pages documenting conversion functions
that are used by the functions documented here.
Mark up the names of custom ASN.1 datatypes that are defined in
standards with .Vt, allowing to search for them.
Do not mark up basic ASN.1 data types. They stand out by being ALL
CAPS anyway, and searching for them would be pointless.
|
|
- add four missing functions found in OpenSSL doc/man3/d2i_X509.pod
- simplify .Nd
- drop needless extra include line
- use the same parameter names as in ASN1_item_d2i(3)
- point to ASN1_item_d2i(3) for details
- sort the text and simplify the wording
More work is needed on STANDARDS references.
|
|
ASN1_item_d2i(3) manual page from it. Enough text remains to keep
Stephen Henson's Copyright.
The eight functions documented in this new page are listed in
<openssl/asn1.h> and in Symbols.list, so they are public even though
OpenSSL does not document them. They are very important because
hundreds of documented, much-used public interface functions are
trivial wrappers around them, sharing their complicated semantics
and their copious CAVEATS and BUGS.
The plan is for the many pages documenting the wrappers to become
very concise, to focus on the few type-dependent specifics, and to
point to this new page for the details of the semantics, for the
CAVEATS, and for the BUGS.
While here, write a companion page ASN1_item_new(3) from scratch.
The user interface described in that page scares the hell out of
me, and i think people writing code to handle ASN.1 ought to be
aware of that dangerous user interface design, or they will sooner
or later get trapped.
|
|
|
|
|
|
are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
I consider the quotation from
http://www-03.ibm.com/security/library/wp_pki0730.shtml
fair use because
(1) it is a very brief extract from a long text,
(2) no other source of information is available,
(3) it is quoted for the purpose of education and research,
(4) republishing happens in a not-for-profit context.
I'm not including the URI into the manual page because large corporate
websites are notorious for changing URIs during each spring cleaning.
|
|
documenting the dubious RFC 3280 PrivateKeyUsagePeriod extension.
Both functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
ok jca@
|
|
These four functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
All four functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
Both functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
i particularly like these fourteen functions, but they are all listed
in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
These functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
the important point of how to distinguish CA certificates from end
entity certificates. Both functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
All functions documented here are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
Both functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
Thanks to otto@ for making me aware of it.
If people know newer documents that are similarly readable and
interesting, please speak up. I hate sending people to the STANDARDS
only for more information. On the one hand, that's torture, and
on the other hand, if i read Gutmann correctly, the standards
sometimes provide bad advice, and often none at all.
|
|
Name structures weren't already complicated enough, see X509_NAME_new(3).
All these functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
|
|
reported by @rhenium on GitHub
ok jsing@
|
|
scratch. All these functions are listed in <openssl/pkcs12.h> and
in OpenSSL doc/man3/X509_dup.pod. As usual, OpenSSL documentation
specifies the wrong header file.
Note that PKCS#12 documentation is still scanty at best.
For example, out of 19 public functions handling PKCS12 objects,
five are now documented, and this commit documents the first two
out of 24 public functions handling PKCS12_SAFEBAG objects.
|
|
|
|
listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
|
|
into X509_new(3). Add information about STANDARDS.
|
|
The functions documented there are no longer public.
|
|
Both functions are listed in <openssl/x509.h>
and in OpenSSL doc/man3/X509_dup.pod.
Note that OpenSSL documentation specifies the wrong header file.
|
|
buffer overreads
helpful nitpicking and ok tb@ miod@
|
|
not really being used.
ok beck.
|
|
|
|
changes to libssl non-opaque structs.
|
|
for future work.
Discussed with beck@
|
|
Testing of an earlier revision by naddy@.
ok beck@
|
|
|
|
Move the "internal" BN functions from bn.h to bn_lcl.h and stop exporting
the bn_* symbols. These are documented as only being intended for internal
use, so why they were placed in a public header is beyond me...
This hides 363 previously exported symbols, most of which exist in headers
that are not installed and were never intended to be public. This also
removes a few crusty old things that should have died long ago (like
_ossl_old_des_read_pw). But don't worry... there are still 3451 symbols
exported from the library.
With input and testing from inoguchi@.
ok beck@ inoguchi@
|
|
that were recently added but not intended to be made public at this stage.
Discussed with beck@
|
|
|
|
while we're at it.
Note for the nostalgic, since "wais" is still an alias in /etc/services
it will continue to work..
ok deraadt@ millert@ krw@
|
|
commit 0b742f93ea7882a447f6523ac56a6f847d9f8e92
Author: Finn Hakansson <finn_hakansson@yahoo.com>
Date: Thu Dec 15 12:58:19 2016 -0500
|
|
Same diff from inoguchi@
|
|
ok doug@
|
|
ok beck@
|
|
Both functions are listed in <openssl/x509.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
The design and use of this data type feels horrific.
If you understand PKCS#8 or PKCS#10 and can explain why this was
designed as it is, your contribution to this manual page is welcome.
|
|
These four functions are listed in <openssl/x509.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
adding appropriate #ifdef's around declarations.
ok millert@ (with a tweak I will commit separately)
|
|
|
|
X509_REVOKED_set_serialNumber(3) and X509_REVOKED_set_revocationDate(3)
into this new page. Replace irrelevant cross references with
relevant cross references to X509_CRL* pages.
|
|
are listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.pod.
Note that the OpenSSL documentation specifies the wrong header file.
Link to all pages dealing with X509_CRL objects.
|
|
are listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.pod.
Note that the OpenSSL documentation specifies the wrong header file.
|
