From 281172858344f625c73e08f7af61073307e2d0b0 Mon Sep 17 00:00:00 2001 From: miod <> Date: Thu, 10 Jul 2014 13:18:56 +0000 Subject: Features introduce in OpenSSL 0.9.8 do not deserve their own section. Instead, fold their description in the main documentation, and update the history section to mention them as well. --- src/lib/libcrypto/doc/PKCS12_create.pod | 40 ++++++++++++------------- src/lib/libssl/src/doc/crypto/PKCS12_create.pod | 40 ++++++++++++------------- 2 files changed, 38 insertions(+), 42 deletions(-) (limited to 'src') diff --git a/src/lib/libcrypto/doc/PKCS12_create.pod b/src/lib/libcrypto/doc/PKCS12_create.pod index 382193ec95..12fbd20b8a 100644 --- a/src/lib/libcrypto/doc/PKCS12_create.pod +++ b/src/lib/libcrypto/doc/PKCS12_create.pod @@ -8,8 +8,9 @@ PKCS12_create - create a PKCS#12 structure #include - PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, STACK_OF(X509) *ca, - int nid_key, int nid_cert, int iter, int mac_iter, int keytype); + PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, + X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert, + int iter, int mac_iter, int keytype); =head1 DESCRIPTION @@ -17,12 +18,19 @@ PKCS12_create() creates a PKCS#12 structure. B is the passphrase to use. B is the B to use for the supplied certifictate and key. B is the private key to include in -the structure and B its corresponding certificates. B, if not B -is an optional set of certificates to also include in the structure. +the structure and B its corresponding certificates. B is an optional +set of certificates to also include in the structure. +Either B, B or both can be B to indicate that no key or +certficate is required. B and B are the encryption algorithms that should be used -for the key and certificate respectively. B is the encryption algorithm -iteration count to use and B is the MAC iteration count to use. +for the key and certificate respectively. If either B or B +is set to -1, no encryption will be used. + +B is the encryption algorithm iteration count to use and B is +the MAC iteration count to use. If B is set to -1, the MAC will be +omitted entirely. + B is the type of key. =head1 NOTES @@ -46,30 +54,20 @@ for old export grade software which could use signing only keys of arbitrary size but had restrictions on the permissible sizes of keys which could be used for encryption. -=head1 NEW FUNCTIONALITY IN OPENSSL 0.9.8 - -Some additional functionality was added to PKCS12_create() in OpenSSL -0.9.8. These extensions are detailed below. - If a certificate contains an B or B then this will be used for the corresponding B or B in the PKCS12 structure. -Either B, B or both can be B to indicate that no key or -certficate is required. In previous versions both had to be present or -a fatal error is returned. - -B or B can be set to -1 indicating that no encryption -should be used. - -B can be set to -1 and the MAC will then be omitted entirely. - =head1 SEE ALSO L =head1 HISTORY -PKCS12_create was added in OpenSSL 0.9.3 +PKCS12_create was added in OpenSSL 0.9.3. + +Before OpenSSL 0.9.8, neither B nor B were allowed to be B, +and a value of B<-1> was not allowed for B, B and +B. =cut diff --git a/src/lib/libssl/src/doc/crypto/PKCS12_create.pod b/src/lib/libssl/src/doc/crypto/PKCS12_create.pod index 382193ec95..12fbd20b8a 100644 --- a/src/lib/libssl/src/doc/crypto/PKCS12_create.pod +++ b/src/lib/libssl/src/doc/crypto/PKCS12_create.pod @@ -8,8 +8,9 @@ PKCS12_create - create a PKCS#12 structure #include - PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, STACK_OF(X509) *ca, - int nid_key, int nid_cert, int iter, int mac_iter, int keytype); + PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, + X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert, + int iter, int mac_iter, int keytype); =head1 DESCRIPTION @@ -17,12 +18,19 @@ PKCS12_create() creates a PKCS#12 structure. B is the passphrase to use. B is the B to use for the supplied certifictate and key. B is the private key to include in -the structure and B its corresponding certificates. B, if not B -is an optional set of certificates to also include in the structure. +the structure and B its corresponding certificates. B is an optional +set of certificates to also include in the structure. +Either B, B or both can be B to indicate that no key or +certficate is required. B and B are the encryption algorithms that should be used -for the key and certificate respectively. B is the encryption algorithm -iteration count to use and B is the MAC iteration count to use. +for the key and certificate respectively. If either B or B +is set to -1, no encryption will be used. + +B is the encryption algorithm iteration count to use and B is +the MAC iteration count to use. If B is set to -1, the MAC will be +omitted entirely. + B is the type of key. =head1 NOTES @@ -46,30 +54,20 @@ for old export grade software which could use signing only keys of arbitrary size but had restrictions on the permissible sizes of keys which could be used for encryption. -=head1 NEW FUNCTIONALITY IN OPENSSL 0.9.8 - -Some additional functionality was added to PKCS12_create() in OpenSSL -0.9.8. These extensions are detailed below. - If a certificate contains an B or B then this will be used for the corresponding B or B in the PKCS12 structure. -Either B, B or both can be B to indicate that no key or -certficate is required. In previous versions both had to be present or -a fatal error is returned. - -B or B can be set to -1 indicating that no encryption -should be used. - -B can be set to -1 and the MAC will then be omitted entirely. - =head1 SEE ALSO L =head1 HISTORY -PKCS12_create was added in OpenSSL 0.9.3 +PKCS12_create was added in OpenSSL 0.9.3. + +Before OpenSSL 0.9.8, neither B nor B were allowed to be B, +and a value of B<-1> was not allowed for B, B and +B. =cut -- cgit v1.2.3-55-g6feb