summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorIngo Schwarze <schwarze@cvs.openbsd.org>2021-07-19 13:16:44 +0000
committerIngo Schwarze <schwarze@cvs.openbsd.org>2021-07-19 13:16:44 +0000
commit2d5eeed46f4b2ee054ae8b312c35d3c7e439a9cb (patch)
tree8e8308cf9ad447eb487f0b633c71f362d04bbb4e
parentedc672741dadbc85403aa883c4abe46584067e7b (diff)
document X509_CRL_print(3) and X509_CRL_print_fp(3)
-rw-r--r--lib/libcrypto/man/Makefile3
-rw-r--r--lib/libcrypto/man/X509_CRL_new.35
-rw-r--r--lib/libcrypto/man/X509_CRL_print.3113
-rw-r--r--lib/libcrypto/man/X509_REVOKED_new.35
-rw-r--r--lib/libcrypto/man/X509_print_ex.35
5 files changed, 124 insertions, 7 deletions
diff --git a/lib/libcrypto/man/Makefile b/lib/libcrypto/man/Makefile
index 7a1747f2917..23a46ed3182 100644
--- a/lib/libcrypto/man/Makefile
+++ b/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.181 2021/07/12 15:56:54 schwarze Exp $
+# $OpenBSD: Makefile,v 1.182 2021/07/19 13:16:43 schwarze Exp $
.include <bsd.own.mk>
@@ -280,6 +280,7 @@ MAN= \
X509_CINF_new.3 \
X509_CRL_get0_by_serial.3 \
X509_CRL_new.3 \
+ X509_CRL_print.3 \
X509_EXTENSION_set_object.3 \
X509_INFO_new.3 \
X509_LOOKUP_hash_dir.3 \
diff --git a/lib/libcrypto/man/X509_CRL_new.3 b/lib/libcrypto/man/X509_CRL_new.3
index 13124697439..d6a43f17416 100644
--- a/lib/libcrypto/man/X509_CRL_new.3
+++ b/lib/libcrypto/man/X509_CRL_new.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: X509_CRL_new.3,v 1.10 2019/08/20 13:27:19 schwarze Exp $
+.\" $OpenBSD: X509_CRL_new.3,v 1.11 2021/07/19 13:16:43 schwarze Exp $
.\"
.\" Copyright (c) 2016, 2018 Ingo Schwarze <schwarze@openbsd.org>
.\"
@@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: August 20 2019 $
+.Dd $Mdocdate: July 19 2021 $
.Dt X509_CRL_NEW 3
.Os
.Sh NAME
@@ -112,6 +112,7 @@ returns 1 on success or 0 on error.
.Xr X509_CRL_get_issuer 3 ,
.Xr X509_CRL_get_version 3 ,
.Xr X509_CRL_match 3 ,
+.Xr X509_CRL_print 3 ,
.Xr X509_CRL_sign 3 ,
.Xr X509_EXTENSION_new 3 ,
.Xr X509_INFO_new 3 ,
diff --git a/lib/libcrypto/man/X509_CRL_print.3 b/lib/libcrypto/man/X509_CRL_print.3
new file mode 100644
index 00000000000..2f4832f0e72
--- /dev/null
+++ b/lib/libcrypto/man/X509_CRL_print.3
@@ -0,0 +1,113 @@
+.\" $OpenBSD: X509_CRL_print.3,v 1.1 2021/07/19 13:16:43 schwarze Exp $
+.\"
+.\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: July 19 2021 $
+.Dt X509_CRL_PRINT 3
+.Os
+.Sh NAME
+.Nm X509_CRL_print ,
+.Nm X509_CRL_print_fp
+.Nd pretty-print a certificate revocation list
+.Sh SYNOPSIS
+.In openssl/x509.h
+.Ft int
+.Fo X509_CRL_print
+.Fa "BIO *bio"
+.Fa "X509_CRL *crl"
+.Fc
+.Ft int
+.Fo X509_CRL_print_fp
+.Fa "FILE *fp"
+.Fa "X509_CRL *crl"
+.Fc
+.Sh DESCRIPTION
+.Fn X509_CRL_print
+prints information contained in
+.Fa crl
+to
+.Fa bio
+in human-readable form, in the following order:
+.Bl -bullet
+.It
+The certificate revocation list version number as defined by
+the standard, followed in parentheses by the value contained
+in the version field in hexadecimal notation.
+See
+.Xr X509_CRL_get_version 3
+for details.
+.It
+The name of the signature algorithm is printed with
+.Xr X509_signature_print 3 .
+.It
+The issuer name as returned by
+.Xr X509_CRL_get_issuer 3 .
+.It
+The times of the last and next updates as returned by
+.Xr X509_CRL_get0_lastUpdate 3
+and
+.Xr X509_CRL_get0_nextUpdate 3
+are printed with
+.Xr ASN1_TIME_print 3 .
+.It
+All X.509 extensions directly contained
+in the certificate revocation list object
+.Fa crl
+are printed with
+.Xr X509V3_extensions_print 3 .
+.It
+Information about revoked certificates is retrieved with
+.Xr X509_CRL_get_REVOKED 3 ,
+and for each revoked certificate, the following is printed:
+.Bl -bullet
+.It
+The serial number of the certificate is printed with
+.Xr i2a_ASN1_INTEGER 3 .
+.It
+The revocation date is printed with
+.Xr ASN1_TIME_print 3 .
+.It
+All X.509 extensions contained in the revocation entry are printed with
+.Xr X509V3_extensions_print 3 .
+.El
+.It
+The signature of
+.Fa crl
+is printed with
+.Xr X509_signature_print 3 .
+.El
+.Pp
+.Fn X509_CRL_print_fp
+is similar to
+.Fn X509_CRL_print
+except that it prints to
+.Fa fp .
+.Sh RETURN VALUES
+These functions are intended to return 1 for success and 0 for error.
+.Sh SEE ALSO
+.Xr BIO_new 3 ,
+.Xr X509_CRL_new 3 ,
+.Xr X509_print_ex 3 ,
+.Xr X509_REVOKED_new 3
+.Sh HISTORY
+These functions first appeared in OpenSSL 0.9.2 and have been available since
+.Ox 2.6 .
+.Sh BUGS
+Most I/O errors are silently ignored.
+Even if the information printed is incomplete, these functions may
+return 1 anyway.
+.Pp
+If the version number is invalid, no information from the CRL is printed
+and the functions fail.
diff --git a/lib/libcrypto/man/X509_REVOKED_new.3 b/lib/libcrypto/man/X509_REVOKED_new.3
index af130ee41ad..c1a50d1c9af 100644
--- a/lib/libcrypto/man/X509_REVOKED_new.3
+++ b/lib/libcrypto/man/X509_REVOKED_new.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: X509_REVOKED_new.3,v 1.11 2019/06/14 13:59:32 schwarze Exp $
+.\" $OpenBSD: X509_REVOKED_new.3,v 1.12 2021/07/19 13:16:43 schwarze Exp $
.\" full merge up to:
.\" OpenSSL man3/X509_CRL_get0_by_serial cdd6c8c5 Mar 20 12:29:37 2017 +0100
.\"
@@ -66,7 +66,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: June 14 2019 $
+.Dd $Mdocdate: July 19 2021 $
.Dt X509_REVOKED_NEW 3
.Os
.Sh NAME
@@ -183,6 +183,7 @@ In some cases of failure, the reason can be determined with
.Xr PEM_read_X509_CRL 3 ,
.Xr X509_CRL_get0_by_serial 3 ,
.Xr X509_CRL_new 3 ,
+.Xr X509_CRL_print 3 ,
.Xr X509_EXTENSION_new 3 ,
.Xr X509_REVOKED_get_ext 3 ,
.Xr X509_REVOKED_get_ext_d2i 3
diff --git a/lib/libcrypto/man/X509_print_ex.3 b/lib/libcrypto/man/X509_print_ex.3
index 19373e07549..c313d349305 100644
--- a/lib/libcrypto/man/X509_print_ex.3
+++ b/lib/libcrypto/man/X509_print_ex.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: X509_print_ex.3,v 1.1 2021/07/12 15:56:54 schwarze Exp $
+.\" $OpenBSD: X509_print_ex.3,v 1.2 2021/07/19 13:16:43 schwarze Exp $
.\"
.\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org>
.\"
@@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: July 12 2021 $
+.Dd $Mdocdate: July 19 2021 $
.Dt X509_PRINT_EX 3
.Os
.Sh NAME
@@ -251,6 +251,7 @@ always returns 1 and silently ignores write errors.
.Sh SEE ALSO
.Xr BIO_new 3 ,
.Xr X509_CERT_AUX_new 3 ,
+.Xr X509_CRL_print 3 ,
.Xr X509_new 3
.Sh HISTORY
.Fn X509_print