summaryrefslogtreecommitdiff
path: root/src (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Expand DECLARE_ASN1_ITEM - no change to preprocessor output.jsing2016-12-271-3/+3
|
* Expand DECLARE_ASN1_ITEM macros - no change to preprocessor output.jsing2016-12-271-3/+3
|
* Expand DECLARE_ASN1_ITEM macros - no change in preprocessor output.jsing2016-12-272-12/+12
|
* remove a stray comment line that might cause confusionschwarze2016-12-271-2/+1
|
* Expand DECLARE_ASN1_* macros. No change in preprocessor output, excludingjsing2016-12-271-20/+92
| | | | line numbering and new lines.
* minor fixes;jmc2016-12-272-7/+7
|
* Typo, "more then" -> "more than"jca2016-12-261-2/+2
|
* also document the weird i2d_PKCS7_NDEF(3)schwarze2016-12-261-1/+14
| | | | listed in <openssl/pkcs7.h> and OpenSSL doc/man3/d2i_X509.pod
* Write the missing d2i_PKCS7(3) manual page from scratch.schwarze2016-12-262-1/+316
| | | | | | It is already referenced by one other manual page. All these functions are listed in <openssl/pkcs7.h> and in OpenSSL doc/man3/d2i_X509.pod.
* Write the missing d2i_PKCS12(3) manual page from scratch.schwarze2016-12-262-1/+188
| | | | | | It is already referenced from some other manuals. All these functions are listed in <openssl/pkcs12.h> and in OpenSSL doc/man3/d2i_X509.pod.
* Document d2i_RSA_PSS_PARAMS(3) and i2d_RSA_PSS_PARAMS(3)schwarze2016-12-261-6/+60
| | | | | found in OpenSSL doc/man3/d2i_X509.pod. Add STANDARDS references.
* add eight missing functions found in OpenSSL doc/man3/d2i_X509.podschwarze2016-12-261-2/+78
|
* Basic cleanup:schwarze2016-12-261-80/+102
| | | | | | | | | Simplify one-line description. List each function with the correct header file. Use the same parameter names as in ASN1_item_d2i(3). Point to ASN1_item_d2i(3) for details. Sort the text. Add some useful cross references.
* Restore two frees that were unintentionally lost during recent refactoring.jsing2016-12-261-1/+4
|
* Hook up a certificate verify callback so that we can set user friendlyjsing2016-12-262-8/+31
| | | | | | | | | | | | | | | | | | error messages, instead of libssl error strings. This gives us messages like: certificate verification failed: certificate has expired Instead of: 14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed This also lets us always enable peer verification since the no verification case is now handled via the callback. Tested by tedu@ ok beck@
* describe what happens for val_out == NULL and for der_out == NULLschwarze2016-12-261-3/+26
|
* Restore previous ASN.1 encoding for the peer certificate - this wasjsing2016-12-261-7/+5
| | | | | | | | unintentionally changed during the CBS/CBB rewrite. Issue reported by jeremy@ due to failing ruby tests. Analysis and near identical diff from Kazuki Yamaguchi <k at rhe.jp>.
* Extend regress to include a peer certificate in the session.jsing2016-12-261-58/+134
|
* Restore previous behaviour of incrementing the pointer so that it pointsjsing2016-12-261-1/+2
| | | | | | at the end of the buffer. Issue identified by and diff from Kazuki Yamaguchi <k at rhe.jp>.
* Ensure that after an i2d_SSL_SESSION() call, the passed pointer now pointsjsing2016-12-261-8/+9
| | | | to the end of the buffer.
* Consistently mark up various ASN.1 type names defined in standardsschwarze2016-12-2548-315/+481
| | | | related to X.509 with .Vt such that they can be searched for.
* Add missing functions d2i_PublicKey(3) and i2d_PublicKey(3)schwarze2016-12-251-35/+113
| | | | | | | | | | | | found in OpenSSL doc/man3/d2i_X509.pod. Simplify one-line description. Use the same parameter names as in ASN1_item_d2i(3). Point to ASN1_item_d2i(3) for details. Add a STANDRADS reference regarding PKCS#8 PrivateKeyInfo. Mention d2i_PrivateKey_bio(3) and d2i_PrivateKey_fp(3) in the DESCRIPTION and below RETURN VALUES. Add some missing markup and tweak some wording. Add some cross references.
* Correct the DESCRIPTION of ECParameters_dup(3).schwarze2016-12-251-11/+59
| | | | | | | Clarify requirements for o2i_ECPublicKey(3). Add STANDARDS references for d2i_ECPrivateKey(3) and d2i_EC_PUBKEY(3). Trim some excessive cross references that are only tangentially related and add some more relevant ones instead.
* Basic cleanup to prepare for content improvements:schwarze2016-12-251-171/+172
| | | | | | | | | | Use the same parameter names as in ASN1_item_d2i(3). Point to ASN1_item_d2i(3) for details. Delete lots of rendundant text. While here, add ten missing functions found in OpenSSL doc/man3/d2i_X509.pod and fix errors in the prototypes of i2d_ECPKParameters_bio(3) and i2d_ECPKParameters_fp(3).
* Clarify what DSAparams_dup(3) does.schwarze2016-12-251-19/+47
| | | | | | | | | | Add STANDARDS references. Add cross references to manual pages documenting conversion functions that are used by the functions documented here. Mark up the names of custom ASN.1 datatypes that are defined in standards with .Vt, allowing to search for them. Do not mark up basic ASN.1 data types. They stand out by being ALL CAPS anyway, and searching for them would be pointless.
* First example of how to fix the d2i_*() manuals:schwarze2016-12-241-98/+123
| | | | | | | | | | | - add four missing functions found in OpenSSL doc/man3/d2i_X509.pod - simplify .Nd - drop needless extra include line - use the same parameter names as in ASN1_item_d2i(3) - point to ASN1_item_d2i(3) for details - sort the text and simplify the wording More work is needed on STANDARDS references.
* Very carefully tweak OpenSSL doc/man3/d2i_X509.pod and create a newschwarze2016-12-243-1/+514
| | | | | | | | | | | | | | | | | | | | | | | ASN1_item_d2i(3) manual page from it. Enough text remains to keep Stephen Henson's Copyright. The eight functions documented in this new page are listed in <openssl/asn1.h> and in Symbols.list, so they are public even though OpenSSL does not document them. They are very important because hundreds of documented, much-used public interface functions are trivial wrappers around them, sharing their complicated semantics and their copious CAVEATS and BUGS. The plan is for the many pages documenting the wrappers to become very concise, to focus on the few type-dependent specifics, and to point to this new page for the details of the semantics, for the CAVEATS, and for the BUGS. While here, write a companion page ASN1_item_new(3) from scratch. The user interface described in that page scares the hell out of me, and i think people writing code to handle ASN.1 ought to be aware of that dangerous user interface design, or they will sooner or later get trapped.
* minor fixes;jmc2016-12-241-6/+6
|
* sprinkle some cross references to newly written x509v3 manual pagesschwarze2016-12-246-12/+32
|
* Write new SXNET_new(3) manual page from scratch. All four functionsschwarze2016-12-242-1/+93
| | | | | | | | | | | | | | | | are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file. I consider the quotation from http://www-03.ibm.com/security/library/wp_pki0730.shtml fair use because (1) it is a very brief extract from a long text, (2) no other source of information is available, (3) it is quoted for the purpose of education and research, (4) republishing happens in a not-for-profit context. I'm not including the URI into the manual page because large corporate websites are notorious for changing URIs during each spring cleaning.
* Write new PKEY_USAGE_PERIOD_new(3) manual page from scratch,schwarze2016-12-232-1/+67
| | | | | | | documenting the dubious RFC 3280 PrivateKeyUsagePeriod extension. Both functions are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Move __BEGIN_HIDDEN_DECLS out of the middle of a function declaration.patrick2016-12-231-3/+3
| | | | ok jca@
* Write RFC 3820 manual page PROXY_POLICY_new(3) from scratch.schwarze2016-12-232-1/+91
| | | | | | These four functions are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Write ACCESS_DESCRIPTION_new(3) manual page from scratch.schwarze2016-12-232-1/+142
| | | | | | All four functions are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Write new EXTENDED_KEY_USAGE_new(3) manual page from scratch.schwarze2016-12-232-1/+76
| | | | | | Both functions are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Write new POLICYINFO_new(3) manual page from scratch; i can't say thatschwarze2016-12-232-1/+189
| | | | | | i particularly like these fourteen functions, but they are all listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Write new NAME_CONSTRAINTS_new(3) manual page from scratch.schwarze2016-12-232-1/+89
| | | | | | These functions are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Write new BASIC_CONSTRAINTS_new(3) manual from scratch, explainingschwarze2016-12-232-1/+81
| | | | | | | the important point of how to distinguish CA certificates from end entity certificates. Both functions are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Write new DIST_POINT_new(3) manual page from scratch.schwarze2016-12-232-1/+135
| | | | | | All functions documented here are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Write new AUTHORITY_KEYID_new(3) manual page from scratch.schwarze2016-12-232-1/+67
| | | | | | Both functions are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Link to Peter Gutmann's classic "X.509 Style Guide".schwarze2016-12-231-2/+11
| | | | | | | | | | Thanks to otto@ for making me aware of it. If people know newer documents that are similarly readable and interesting, please speak up. I hate sending people to the STANDARDS only for more information. On the one hand, that's torture, and on the other hand, if i read Gutmann correctly, the standards sometimes provide bad advice, and often none at all.
* Write GENERAL_NAME_new(3) manual page from scratch - as if plain X.501schwarze2016-12-232-1/+138
| | | | | | | Name structures weren't already complicated enough, see X509_NAME_new(3). All these functions are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* no more bn_dump(3);jmc2016-12-221-3/+2
|
* OBJ_obj2txt() should return the total amount of space requiredinoguchi2016-12-221-5/+1
| | | | | reported by @rhenium on GitHub ok jsing@
* Write new manual pages PKCS12_new(3) and PKCS12_SAFEBAG_new(3) fromschwarze2016-12-224-6/+195
| | | | | | | | | | | scratch. All these functions are listed in <openssl/pkcs12.h> and in OpenSSL doc/man3/X509_dup.pod. As usual, OpenSSL documentation specifies the wrong header file. Note that PKCS#12 documentation is still scanty at best. For example, out of 19 public functions handling PKCS12 objects, five are now documented, and this commit documents the first two out of 24 public functions handling PKCS12_SAFEBAG objects.
* spelling fix;jmc2016-12-221-2/+2
|
* Write X509_SIG_new(3) manual page from scratch. Both functions areschwarze2016-12-222-1/+61
| | | | | listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* reference X509_new(3) instead of x509(3)schwarze2016-12-221-3/+3
|
* Delete the x509(3) manual page and merge what little content remainedschwarze2016-12-223-136/+27
| | | | into X509_new(3). Add information about STANDARDS.
* Stop installing the bn_dump(3) manual page.schwarze2016-12-221-2/+1
| | | | The functions documented there are no longer public.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-24 18:48:52 +0000