Write new manual pages d2i_X509_ATTRIBUTE(3) and d2i_X509_EXTENSION(3)

from scratch.  All six functions are listed in <openssl/x509.h>
and in OpenSSL doc/man3/d2i_X509.pod.

6 files changed, 176 insertions, 7 deletions

diff --git a/lib/libcrypto/man/Makefile b/lib/libcrypto/man/Makefile
index b9a647c38e0..49990dff8d0 100644
--- a/lib/libcrypto/man/Makefile
+++ b/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.106 2016/12/28 00:55:05 schwarze Exp $
+# $OpenBSD: Makefile,v 1.107 2016/12/28 13:45:30 schwarze Exp $
 
 .include <bsd.own.mk>
 
@@ -243,7 +243,9 @@ MAN=	\
 	d2i_TS_REQ.3 \
 	d2i_X509.3 \
 	d2i_X509_ALGOR.3 \
+	d2i_X509_ATTRIBUTE.3 \
 	d2i_X509_CRL.3 \
+	d2i_X509_EXTENSION.3 \
 	d2i_X509_NAME.3 \
 	d2i_X509_REQ.3 \
 	d2i_X509_SIG.3 \
diff --git a/lib/libcrypto/man/X509V3_get_d2i.3 b/lib/libcrypto/man/X509V3_get_d2i.3
index e7c0abea891..a0edc899340 100644
--- a/lib/libcrypto/man/X509V3_get_d2i.3
+++ b/lib/libcrypto/man/X509V3_get_d2i.3
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: X509V3_get_d2i.3,v 1.4 2016/12/15 15:21:07 schwarze Exp $
+.\"	$OpenBSD: X509V3_get_d2i.3,v 1.5 2016/12/28 13:45:30 schwarze Exp $
 .\"	OpenSSL 047dd81e Jul 4 23:03:17 2014 +0100
 .\"
 .\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 15 2016 $
+.Dd $Mdocdate: December 28 2016 $
 .Dt X509V3_GET_D2I 3
 .Os
 .Sh NAME
@@ -365,6 +365,7 @@ non-fatal error (extension not found, already exists, cannot be encoded),
 or -1 due to a fatal error such as a memory allocation failure.
 .Sh SEE ALSO
 .Xr d2i_X509 3 ,
+.Xr d2i_X509_EXTENSION 3 ,
 .Xr ERR_get_error 3 ,
 .Xr X509_CRL_get0_by_serial 3 ,
 .Xr X509_EXTENSION_new 3 ,
diff --git a/lib/libcrypto/man/X509_ATTRIBUTE_new.3 b/lib/libcrypto/man/X509_ATTRIBUTE_new.3
index 49aa238da7f..f0568e196db 100644
--- a/lib/libcrypto/man/X509_ATTRIBUTE_new.3
+++ b/lib/libcrypto/man/X509_ATTRIBUTE_new.3
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: X509_ATTRIBUTE_new.3,v 1.2 2016/12/22 16:05:22 schwarze Exp $
+.\"	$OpenBSD: X509_ATTRIBUTE_new.3,v 1.3 2016/12/28 13:45:30 schwarze Exp $
 .\"
 .\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: December 22 2016 $
+.Dd $Mdocdate: December 28 2016 $
 .Dt X509_ATTRIBUTE_NEW 3
 .Os
 .Sh NAME
@@ -61,6 +61,7 @@ object or
 .Dv NULL
 if an error occurs.
 .Sh SEE ALSO
+.Xr d2i_X509_ATTRIBUTE 3 ,
 .Xr PKCS12_SAFEBAG_new 3 ,
 .Xr PKCS8_PRIV_KEY_INFO_new 3 ,
 .Xr X509_EXTENSION_new 3 ,
diff --git a/lib/libcrypto/man/X509_EXTENSION_set_object.3 b/lib/libcrypto/man/X509_EXTENSION_set_object.3
index 850be6e66b8..f0df3392b8e 100644
--- a/lib/libcrypto/man/X509_EXTENSION_set_object.3
+++ b/lib/libcrypto/man/X509_EXTENSION_set_object.3
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: X509_EXTENSION_set_object.3,v 1.5 2016/12/25 22:15:10 schwarze Exp $
+.\"	$OpenBSD: X509_EXTENSION_set_object.3,v 1.6 2016/12/28 13:45:30 schwarze Exp $
 .\"	OpenSSL bb9ad09e Jun 6 00:43:05 2016 -0400
 .\"
 .\" This file is a derived work.
@@ -65,7 +65,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 25 2016 $
+.Dd $Mdocdate: December 28 2016 $
 .Dt X509_EXTENSION_SET_OBJECT 3
 .Os
 .Sh NAME
@@ -79,6 +79,8 @@
 .Nm X509_EXTENSION_get_object ,
 .Nm X509_EXTENSION_get_critical ,
 .Nm X509_EXTENSION_get_data
+.\" In the next line, the capital "E" is not a typo.
+.\" The ASN.1 structure is called "Extension", not "extension".
 .Nd create, change, and inspect X.509 Extension objects
 .Sh SYNOPSIS
 .In openssl/x509.h
@@ -269,6 +271,7 @@ pointer.
 .Xr ACCESS_DESCRIPTION_new 3 ,
 .Xr AUTHORITY_KEYID_new 3 ,
 .Xr BASIC_CONSTRAINTS_new 3 ,
+.Xr d2i_X509_EXTENSION 3 ,
 .Xr DIST_POINT_new 3 ,
 .Xr EXTENDED_KEY_USAGE_new 3 ,
 .Xr NAME_CONSTRAINTS_new 3 ,
diff --git a/lib/libcrypto/man/d2i_X509_ATTRIBUTE.3 b/lib/libcrypto/man/d2i_X509_ATTRIBUTE.3
new file mode 100644
index 00000000000..c8a17571e2f
--- /dev/null
+++ b/lib/libcrypto/man/d2i_X509_ATTRIBUTE.3
@@ -0,0 +1,70 @@
+.\"	$OpenBSD: d2i_X509_ATTRIBUTE.3,v 1.1 2016/12/28 13:45:30 schwarze Exp $
+.\"
+.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: December 28 2016 $
+.Dt D2I_X509_ATTRIBUTE 3
+.Os
+.Sh NAME
+.Nm d2i_X509_ATTRIBUTE ,
+.Nm i2d_X509_ATTRIBUTE
+.\" In the following line, "X.501" and "Attribute" are not typos.
+.\" The "Attribute" type is defined in X.501, not in X.509.
+.\" The type in called "Attribute" with capital "A", not "attribute".
+.Nd decode and encode generic X.501 Attribute
+.Sh SYNOPSIS
+.In openssl/x509.h
+.Ft X509_ATTRIBUTE *
+.Fo d2i_X509_ATTRIBUTE
+.Fa "X509_ATTRIBUTE **val_out"
+.Fa "const unsigned char **der_in"
+.Fa "long length"
+.Fc
+.Ft int
+.Fo i2d_X509_ATTRIBUTE
+.Fa "X509_ATTRIBUTE *val_in"
+.Fa "unsigned char **der_out"
+.Fc
+.Sh DESCRIPTION
+.Fn d2i_X509_ATTRIBUTE
+and
+.Fn i2d_X509_ATTRIBUTE
+decode and encode a generic ASN.1
+.Vt Attribute
+structure defined in X.501 section 8.2.
+For details about the semantics, examples, caveats, and bugs, see
+.Xr ASN1_item_d2i 3 .
+.Sh RETURN VALUES
+.Fn d2i_X509_ATTRIBUTE
+returns an
+.Vt X509_ATTRIBUTE
+object or
+.Dv NULL
+if an error occurs.
+.Pp
+.Fn i2d_X509_ATTRIBUTE
+returns the number of bytes successfully encoded or a negative value
+if an error occurs.
+.Sh SEE ALSO
+.Xr ASN1_item_d2i 3 ,
+.Xr d2i_PKCS12 3 ,
+.Xr d2i_PKCS8_PRIV_KEY_INFO 3 ,
+.Xr d2i_X509_EXTENSION 3 ,
+.Xr d2i_X509_REQ 3 ,
+.Xr X509_ATTRIBUTE_new 3
+.Sh STANDARDS
+ITU-T Recommendation X.501, also known as ISO/IEC 9594-2: Information
+Technology  Open Systems Interconnection  The Directory: Models,
+section 8.2: Overall structure
diff --git a/lib/libcrypto/man/d2i_X509_EXTENSION.3 b/lib/libcrypto/man/d2i_X509_EXTENSION.3
new file mode 100644
index 00000000000..8b31e2c667d
--- /dev/null
+++ b/lib/libcrypto/man/d2i_X509_EXTENSION.3
@@ -0,0 +1,92 @@
+.\"	$OpenBSD: d2i_X509_EXTENSION.3,v 1.1 2016/12/28 13:45:30 schwarze Exp $
+.\"
+.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: December 28 2016 $
+.Dt D2I_X509_EXTENSION 3
+.Os
+.Sh NAME
+.Nm d2i_X509_EXTENSION ,
+.Nm i2d_X509_EXTENSION ,
+.Nm d2i_X509_EXTENSIONS ,
+.Nm i2d_X509_EXTENSIONS
+.\" In the next line, the capital "E" is not a typo.
+.\" The ASN.1 structure is called "Extensions", not "extensions".
+.Nd decode and encode X.509 Extensions
+.Sh SYNOPSIS
+.In openssl/x509.h
+.Ft X509_EXTENSION *
+.Fo d2i_X509_EXTENSION
+.Fa "X509_EXTENSION **val_out"
+.Fa "const unsigned char **der_in"
+.Fa "long length"
+.Fc
+.Ft int
+.Fo i2d_X509_EXTENSION
+.Fa "X509_EXTENSION *val_in"
+.Fa "unsigned char **der_out"
+.Fc
+.Ft X509_EXTENSIONS *
+.Fo d2i_X509_EXTENSIONS
+.Fa "X509_EXTENSIONS **val_out"
+.Fa "const unsigned char **der_in"
+.Fa "long length"
+.Fc
+.Ft int
+.Fo i2d_X509_EXTENSIONS
+.Fa "X509_EXTENSIONS *val_in"
+.Fa "unsigned char **der_out"
+.Fc
+.Sh DESCRIPTION
+.Fn d2i_X509_EXTENSION
+and
+.Fn i2d_X509_EXTENSION
+decode and encode an ASN.1
+.Vt Extension
+structure defined in RFC 5280 section 4.1.
+.Pp
+.Fn d2i_X509_EXTENSIONS
+and
+.Fn i2d_X509_EXTENSIONS
+decode and encode an ASN.1
+.Vt Extensions
+structure defined in RFC 5280 section 4.1,
+which is a SEQUENCE OF
+.Vt Extension .
+.Sh RETURN VALUES
+.Fn d2i_X509_EXTENSION
+and
+.Fn d2i_X509_EXTENSIONS
+return an
+.Vt X509_EXTENSION
+or
+.Vt X509_EXTENSIONS
+object, respectively, or
+.Dv NULL
+if an error occurs.
+.Pp
+.Fn i2d_X509_EXTENSION
+and
+.Fn i2d_X509_EXTENSIONS
+return the number of bytes successfully encoded or a negative value
+if an error occurs.
+.Sh SEE ALSO
+.Xr ASN1_item_d2i 3 ,
+.Xr X509_EXTENSION_new 3 ,
+.Xr X509V3_get_d2i 3 ,
+.Xr X509v3_get_ext_by_NID 3
+.Sh STANDARDS
+RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
+Certificate Revocation List (CRL) Profile