| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
for associating X.501 Attributes with private keys
|
| |
|
|
| |
describing five functions to change arrays of X.501 Attribute objects
|
| | |
|
| |
|
|
| |
documenting five X.501 Attribute read accessors
|
| |
|
|
|
|
| |
After tb@'s commit x509/x509_lu.c rev. 1.33, it is no longer necessary
to talk about X509_LU_* constants as return values from these functions.
Feedback and OK from tb@.
|
| |
|
|
| |
documenting five X.501 Attribute write accessors
|
| |
|
|
| |
and the three functions related to the global mask
|
| |
|
|
| |
also documenting ASN1_mbstring_ncopy(3)
|
| |
|
|
| |
documenting the four X.501 Attribute read accessors
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
is becoming excessively long, into a new page X509_VERIFY_PARAM_new(3);
no content change
|
| |
|
|
| |
else in libcrypto's manuals and headers).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
and OPENSSL_EC_EXPLICIT_CURVE
from OpenSSL commit 146ca72c Feb 19 14:35:43 2015 +0000
after tb@ changed the default from 0 to OPENSSL_EC_NAMED_CURVE
in ec/ec_lib.c rev. 1.41,
which is the same default that OpenSSL uses since 1.1.0.
While merging, drop the description of the pre-1.1.0 behaviour.
It seems irrelevant to me because tb@ found no application in Debian
codesearch using OPENSSL_EC_EXPLICIT_CURVE. A former devious default
that was probably never relied upon by anyone does not need to be
documented.
|
| |
|
|
|
|
|
|
|
| |
branch, which is still under a free license.
While here, also merge a few other improvements, mostly regarding
EC_GROUP_get_order(3) and EC_GROUP_get_cofactor(3); in particular,
some statements below RETURN VALUES were outright wrong.
This patch includes a few minor tweaks and an addition to HISTORY by me.
Feedback and OK tb@.
|
| |
|
|
|
|
|
| |
and BN_lebin2bn(3) from the OpenSSL 1.1.1 branch,
which is still under a free license.
While here, tweak a number of details for clarity.
OK tb@
|
| |
|
|
| |
automatically initializes itself. OK tb@
|
| |
|
|
|
|
|
|
| |
BN_rand_range()
From OpenSSL 1.1.1l
ok beck jsing
|
| |
|
|
| |
forgotten in earlier commits
|
| |
|
|
| |
using input from tb@, and OK tb@ on an earlier version
|
| |
|
|
|
| |
as intentionally undocumented because it is trivial and unused in the wild;
OK tb@
|
| |
|
|
|
|
|
|
|
| |
and X509_get_default_cert_file_env(3).
LibreSSL itself does not call getenv(3), but a few application programs
including epic5, fetchmail, fossil, slic3r call these functions, so in
case programmers find them in existing code, telling them what they do
seems useful.
|
| |
|
|
|
|
|
| |
Put it into this page because this is the code actually using it.
Despite its name and include file, it is unrelated to X.509
and unrelated to certificates: it is just the default directory
containing the library configuration file, openssl.cnf(5).
|
| |
|
|
|
|
| |
* document the X509_OBJECT output parameter
* more precision regarding return values
* clarify relationship with X509_LOOKUP_ctrl(3) for the dir lookup method
|
| | |
|
| | |
|
| |
|
|
| |
and add a new manual page X509_LOOKUP_new(3)
|
| |
|
|
|
|
|
|
|
| |
the lie that *ptree is set upon success - in some cases of success,
it is set to NULL, whereas in some cases of failure, a non-trivial
tree may be returned.
beck@ pointed out that statements related to *ptree were scattered
all over the place, and this patch works for him.
|
| |
|
|
|
| |
X509_policy_check(3) never returns 2.
If validation succeeds, it always returns 1.
|
| |
|
|
|
|
|
| |
OpenSSL 1.1.1 branch, which is still under a free license, tweaked
by me.
While here, garbage collect the weird BUGS section.
|
| | |
|
| | |
|
| |
|
|
| |
and X509_STORE_CTX_get_explicit_policy(3)
|
| | |
|
| |
|
|
| |
refering to child object names defined in the standard
|
| |
|
|
|
|
| |
description of the *pexplicit_policy output argument and make it
less technical, and drop the mention of the expected_policy_set
because the library provides no accessor function for it.
|
| | |
|
| | |
|
| |
|
|
| |
documenting the X509_POLICY_TREE object and its sub-objects
|
| |
|
|
|
| |
and X509_STORE_CTX_purpose_inherit(3). These functions look deceptively
simple on first sight, but their semantics is surprisingly complicated.
|
| |
|
|
|
| |
documenting ten functions related to X509_TRUST objects,
trust identifiers, and trust indices.
|
| |
|
|
|
|
| |
intentionally undocumented because it uses MD5 only and is
unused in real-world code according to codesearch.debian.net.
No objection from tb@.
|
| | |
|
| |
|
|
| |
been defined or user-supplied checking functions may have been installed
|
| |
|
|
| |
related to X509_PURPOSE objects, purpose identifiers, and purpose indices
|
