| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
| |
Not documented by OpenSSL, but listed in <openssl/x509_vfy.h>
and referenced from X509_LOOKUP_hash_dir(3), and clearly more
important than the latter. Fixes three dead links reported by jmc@.
Most of the information from SSL_CTX_load_verify_locations(3) should
probably be moved here, but not all, since the SSL page also talks
about SSL servers and clients and the like. As i'm not completely
sure regarding the boundaries, i'm leaving that as it is for now.
|
| |
|
|
|
|
| |
All 36 functions listed in <openssl/asn1.h>
and in OpenSSL doc/man3/d2i_X509.pod,
six of them with wrong prototypes.
|
| |
|
|
|
|
|
|
| |
All four functions are listed in <openssl/asn1.h>
and in OpenSSL doc/man3/d2i_X509.pod.
Note that in the OpenSSL documentation,
three of the four prototypes are incorrect.
|
| |
|
|
|
|
|
|
|
|
|
| |
Both functions are listed in <openssl/asn1.h>
and in OpenSSL doc/man3/d2i_X509.pod.
After reading the code, i'm not amused. You wouldn't think that
it might take eight stack levels to decode a constant sixteen bit
value that does not even allow a single content octet, or would
you? Nota bene, this is an average of four stack levels for each
non-zero bit decoded... :-(
|
| |
|
|
|
| |
encoding functions from scratch. All 46 functions are listed
in OpenSSL doc/man3/d2i_X509.pod.
|
| |
|
|
|
| |
from scratch. All six functions are listed in <openssl/x509.h>
and in OpenSSL doc/man3/d2i_X509.pod.
|
| |
|
|
|
| |
These six function are listed in <openssl/x509.h>
and in OpenSSL doc/man3/d2i_X509.pod.
|
| |
|
|
|
| |
from scratch. All these functions are listed in <openssl/ocsp.h>
and in OpenSSL doc/man3/d2i_X509.pod.
|
| |
|
|
|
| |
from scratch. All functions listed in <openssl/ts.h>
and in OpenSSL doc/man3/s2i_X509.pod.
|
| |
|
|
|
|
| |
It is already referenced by one other manual page.
All these functions are listed in <openssl/pkcs7.h>
and in OpenSSL doc/man3/d2i_X509.pod.
|
| |
|
|
|
|
| |
It is already referenced from some other manuals.
All these functions are listed in <openssl/pkcs12.h>
and in OpenSSL doc/man3/d2i_X509.pod.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ASN1_item_d2i(3) manual page from it. Enough text remains to keep
Stephen Henson's Copyright.
The eight functions documented in this new page are listed in
<openssl/asn1.h> and in Symbols.list, so they are public even though
OpenSSL does not document them. They are very important because
hundreds of documented, much-used public interface functions are
trivial wrappers around them, sharing their complicated semantics
and their copious CAVEATS and BUGS.
The plan is for the many pages documenting the wrappers to become
very concise, to focus on the few type-dependent specifics, and to
point to this new page for the details of the semantics, for the
CAVEATS, and for the BUGS.
While here, write a companion page ASN1_item_new(3) from scratch.
The user interface described in that page scares the hell out of
me, and i think people writing code to handle ASN.1 ought to be
aware of that dangerous user interface design, or they will sooner
or later get trapped.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
I consider the quotation from
http://www-03.ibm.com/security/library/wp_pki0730.shtml
fair use because
(1) it is a very brief extract from a long text,
(2) no other source of information is available,
(3) it is quoted for the purpose of education and research,
(4) republishing happens in a not-for-profit context.
I'm not including the URI into the manual page because large corporate
websites are notorious for changing URIs during each spring cleaning.
|
| |
|
|
|
|
|
| |
documenting the dubious RFC 3280 PrivateKeyUsagePeriod extension.
Both functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
| |
|
|
|
|
| |
These four functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
| |
|
|
|
|
| |
All four functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
| |
|
|
|
|
| |
Both functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
| |
|
|
|
|
| |
i particularly like these fourteen functions, but they are all listed
in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
| |
|
|
|
|
| |
These functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
| |
|
|
|
|
|
| |
the important point of how to distinguish CA certificates from end
entity certificates. Both functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
| |
|
|
|
|
| |
All functions documented here are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
| |
|
|
|
|
| |
Both functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
| |
|
|
|
|
|
| |
Name structures weren't already complicated enough, see X509_NAME_new(3).
All these functions are listed in <openssl/x509v3.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
| |
|
|
|
|
|
|
|
|
|
| |
scratch. All these functions are listed in <openssl/pkcs12.h> and
in OpenSSL doc/man3/X509_dup.pod. As usual, OpenSSL documentation
specifies the wrong header file.
Note that PKCS#12 documentation is still scanty at best.
For example, out of 19 public functions handling PKCS12 objects,
five are now documented, and this commit documents the first two
out of 24 public functions handling PKCS12_SAFEBAG objects.
|
| |
|
|
|
| |
listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
| |
|
|
| |
into X509_new(3). Add information about STANDARDS.
|
| |
|
|
| |
The functions documented there are no longer public.
|
| |
|
|
|
|
| |
Both functions are listed in <openssl/x509.h>
and in OpenSSL doc/man3/X509_dup.pod.
Note that OpenSSL documentation specifies the wrong header file.
|
| |
|
|
|
|
|
|
|
|
| |
Both functions are listed in <openssl/x509.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
The design and use of this data type feels horrific.
If you understand PKCS#8 or PKCS#10 and can explain why this was
designed as it is, your contribution to this manual page is welcome.
|
| |
|
|
|
|
| |
These four functions are listed in <openssl/x509.h>
and in OpenSSL doc/man3/X509_dup.pod.
OpenSSL documentation specifies the wrong header file.
|
| |
|
|
|
|
| |
X509_REVOKED_set_serialNumber(3) and X509_REVOKED_set_revocationDate(3)
into this new page. Replace irrelevant cross references with
relevant cross references to X509_CRL* pages.
|
| |
|
|
|
|
|
| |
are listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.pod.
Note that the OpenSSL documentation specifies the wrong header file.
Link to all pages dealing with X509_CRL objects.
|
| |
|
|
|
| |
are listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.pod.
Note that the OpenSSL documentation specifies the wrong header file.
|
| |
|
|
|
| |
listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.pod.
Note that the OpenSSL documentation specifies the wrong header file.
|
| |
|
|
|
|
| |
from scratch. All these functions are listed in <openssl/ts.h>
and in OpenSSL doc/man3/X509_dup.pod.
Note that the OpenSSL documentation specifies the wrong header file.
|
| |
|
|
|
|
| |
are listed in <openssl/rsa.h> and OpenSSL doc/man3/X509_dup.pod.
Note that the OpenSSL documentation specifies the wrong header file.
More could probably be said about PSS, but this is a start...
|
| |
|
|
|
| |
public: listed in <openssl/pkcs7.h> and OpenSSL doc/man3/X509_dup.pod.
Note that the OpenSSL documentation specifies the wrong header file.
|
| |
|
|
|
|
|
|
|
|
|
| |
These two and OCSP_CRLID_free(3) and OCSP_SERVICELOC_free(3) are
public by being in OpenSSL doc/man3/X509_dup.pod.
OCSP_crlID_new(3) and OCSP_url_svcloc_new(3) are related and,
even though completely undocumented in OpenSSL, obviously much
more important.
If you had told me a year ago that i would ever write such text,
i would have called you crazy.
|
| |
|
|
| |
below OpenBSD quality standards, but better than nothing...
|
| |
|
|
|
|
| |
Make sure EC_GROUP_new(3) points to all EC manuals and all EC manuals
point back to EC_GROUP_new(3), and add some other useful links as well.
Change all links to ec(3) to point to EC_GROUP_new(3) instead.
|
| |
|
|
|
| |
In this case, keep the text about individual struct fields
because it contains some actual information.
|
| |
|
|
|
|
|
| |
discard the rest of the text. There is no value in documenting
some of the fields of a structure and then going on to say that the
structure is intended as opaque. Besides, i doubt that we want
such strong marketing of ENGINE support.
|
| |
|
|
|
|
|
| |
discard the rest of the text. There is no value in documenting
some of the fields of a structure and then going on to say that the
structure is intended as opaque. Besides, i doubt that we want
such strong marketing of ENGINE support.
|
| |
|
|
|
|
|
| |
OpenSSL removed bn(3) without replacement, but the introductory
text does seem helpful, and it is good for a sub-library to have a
central page pointing to all other pages and pointed at from all
other pages of the sub-library.
|
| |
|
|
|
|
|
|
|
| |
to functions, so delete the BIO(3) manual page and merge its content
into BIO_new(3) and BIO_push(3).
Sort the content of BIO_new(3) into a logical order
and improve the wording in various ways.
Add the required cross references to BIO_push(3).
|
| | |
|
| | |
|
| |
|
|
| |
since we don't have that function, call the page X509_STORE_set1_param(3)
|
| | |
|
| | |
|
