| Commit message (Collapse) | Author | Files | Lines |
|---|
|
preprocesssor output.
|
|
nothing but markers for utils/mkstack.pl... and we removed the code that
generated more macros from these markers in 2014.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
line numbering and new lines.
|
|
|
|
|
|
listed in <openssl/pkcs7.h> and OpenSSL doc/man3/d2i_X509.pod
|
|
It is already referenced by one other manual page.
All these functions are listed in <openssl/pkcs7.h>
and in OpenSSL doc/man3/d2i_X509.pod.
|
|
It is already referenced from some other manuals.
All these functions are listed in <openssl/pkcs12.h>
and in OpenSSL doc/man3/d2i_X509.pod.
|
|
found in OpenSSL doc/man3/d2i_X509.pod.
Add STANDARDS references.
|
|
|
|
Simplify one-line description.
List each function with the correct header file.
Use the same parameter names as in ASN1_item_d2i(3).
Point to ASN1_item_d2i(3) for details.
Sort the text.
Add some useful cross references.
|
|
|
|
error messages, instead of libssl error strings. This gives us messages
like:
certificate verification failed: certificate has expired
Instead of:
14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
This also lets us always enable peer verification since the no verification
case is now handled via the callback.
Tested by tedu@
ok beck@
|
|
|
|
unintentionally changed during the CBS/CBB rewrite.
Issue reported by jeremy@ due to failing ruby tests.
Analysis and near identical diff from Kazuki Yamaguchi <k at rhe.jp>.
|
|
|
|
at the end of the buffer.
Issue identified by and diff from Kazuki Yamaguchi <k at rhe.jp>.
|
|
to the end of the buffer.
|
|
related to X.509 with .Vt such that they can be searched for.
|
|
found in OpenSSL doc/man3/d2i_X509.pod.
Simplify one-line description.
Use the same parameter names as in ASN1_item_d2i(3).
Point to ASN1_item_d2i(3) for details.
Add a STANDRADS reference regarding PKCS#8 PrivateKeyInfo.
Mention d2i_PrivateKey_bio(3) and d2i_PrivateKey_fp(3)
in the DESCRIPTION and below RETURN VALUES.
Add some missing markup and tweak some wording.
Add some cross references.
|
|
Clarify requirements for o2i_ECPublicKey(3).
Add STANDARDS references for d2i_ECPrivateKey(3) and d2i_EC_PUBKEY(3).
Trim some excessive cross references that are only tangentially
related and add some more relevant ones instead.
|
|
Use the same parameter names as in ASN1_item_d2i(3).
Point to ASN1_item_d2i(3) for details.
Delete lots of rendundant text.
While here, add ten missing functions found in OpenSSL doc/man3/d2i_X509.pod
and fix errors in the prototypes of i2d_ECPKParameters_bio(3)
and i2d_ECPKParameters_fp(3).
|
|
Add STANDARDS references.
Add cross references to manual pages documenting conversion functions
that are used by the functions documented here.
Mark up the names of custom ASN.1 datatypes that are defined in
standards with .Vt, allowing to search for them.
Do not mark up basic ASN.1 data types. They stand out by being ALL
CAPS anyway, and searching for them would be pointless.
|
|
- add four missing functions found in OpenSSL doc/man3/d2i_X509.pod
- simplify .Nd
- drop needless extra include line
- use the same parameter names as in ASN1_item_d2i(3)
- point to ASN1_item_d2i(3) for details
- sort the text and simplify the wording
More work is needed on STANDARDS references.
|
|
ASN1_item_d2i(3) manual page from it. Enough text remains to keep
Stephen Henson's Copyright.
The eight functions documented in this new page are listed in
<openssl/asn1.h> and in Symbols.list, so they are public even though
OpenSSL does not document them. They are very important because
hundreds of documented, much-used public interface functions are
trivial wrappers around them, sharing their complicated semantics
and their copious CAVEATS and BUGS.
The plan is for the many pages documenting the wrappers to become
very concise, to focus on the few type-dependent specifics, and to
point to this new page for the details of the semantics, for the
CAVEATS, and for the BUGS.
While here, write a companion page ASN1_item_new(3) from scratch.
The user interface described in that page scares the hell out of
me, and i think people writing code to handle ASN.1 ought to be
aware of that dangerous user interface design, or they will sooner
or later get trapped.
|
|
|
|
|
|
are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
I consider the quotation from
http://www-03.ibm.com/security/library/wp_pki0730.shtml
fair use because
(1) it is a very brief extract from a long text,
(2) no other source of information is available,
(3) it is quoted for the purpose of education and research,
(4) republishing happens in a not-for-profit context.
I'm not including the URI into the manual page because large corporate
websites are notorious for changing URIs during each spring cleaning.
|
|
documenting the dubious RFC 3280 PrivateKeyUsagePeriod extension.
Both functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
ok jca@
|
|
These four functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
All four functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
Both functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
i particularly like these fourteen functions, but they are all listed
in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
These functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
the important point of how to distinguish CA certificates from end
entity certificates. Both functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
All functions documented here are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
Both functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
Thanks to otto@ for making me aware of it.
If people know newer documents that are similarly readable and
interesting, please speak up. I hate sending people to the STANDARDS
only for more information. On the one hand, that's torture, and
on the other hand, if i read Gutmann correctly, the standards
sometimes provide bad advice, and often none at all.
|
|
Name structures weren't already complicated enough, see X509_NAME_new(3).
All these functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
|
|
|
reported by @rhenium on GitHub
ok jsing@
|
|
scratch. All these functions are listed in <openssl/pkcs12.h> and
in OpenSSL doc/man3/X509_dup.pod. As usual, OpenSSL documentation
specifies the wrong header file.
Note that PKCS#12 documentation is still scanty at best.
For example, out of 19 public functions handling PKCS12 objects,
five are now documented, and this commit documents the first two
out of 24 public functions handling PKCS12_SAFEBAG objects.
|
