diff options
author | Ingo Schwarze <schwarze@cvs.openbsd.org> | 2016-12-14 15:04:14 +0000 |
---|---|---|
committer | Ingo Schwarze <schwarze@cvs.openbsd.org> | 2016-12-14 15:04:14 +0000 |
commit | e8561c1abed9e4f21028e7f27a63f34493099e55 (patch) | |
tree | abad17d70791d664dbd526c65e045591a2b8a0a5 | |
parent | f930a0fa32b418ab80ed22b00ffb283a59efb400 (diff) |
Write X509_NAME_new(3) manual from scratch. Both functions are
listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.pod.
Note that the OpenSSL documentation specifies the wrong header file.
-rw-r--r-- | lib/libcrypto/man/Makefile | 3 | ||||
-rw-r--r-- | lib/libcrypto/man/X509_NAME_new.3 | 81 |
2 files changed, 83 insertions, 1 deletions
diff --git a/lib/libcrypto/man/Makefile b/lib/libcrypto/man/Makefile index 426b3c4c9b6..59cf7e6bce6 100644 --- a/lib/libcrypto/man/Makefile +++ b/lib/libcrypto/man/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.78 2016/12/14 02:03:50 schwarze Exp $ +# $OpenBSD: Makefile,v 1.79 2016/12/14 15:04:13 schwarze Exp $ .include <bsd.own.mk> @@ -183,6 +183,7 @@ MAN= \ X509_NAME_ENTRY_get_object.3 \ X509_NAME_add_entry_by_txt.3 \ X509_NAME_get_index_by_NID.3 \ + X509_NAME_new.3 \ X509_NAME_print_ex.3 \ X509_PUBKEY_new.3 \ X509_STORE_CTX_get_error.3 \ diff --git a/lib/libcrypto/man/X509_NAME_new.3 b/lib/libcrypto/man/X509_NAME_new.3 new file mode 100644 index 00000000000..56a23f975de --- /dev/null +++ b/lib/libcrypto/man/X509_NAME_new.3 @@ -0,0 +1,81 @@ +.\" $OpenBSD: X509_NAME_new.3,v 1.1 2016/12/14 15:04:13 schwarze Exp $ +.\" +.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> +.\" +.\" Permission to use, copy, modify, and distribute this software for any +.\" purpose with or without fee is hereby granted, provided that the above +.\" copyright notice and this permission notice appear in all copies. +.\" +.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +.\" +.Dd $Mdocdate: December 14 2016 $ +.Dt X509_NAME_NEW 3 +.Os +.Sh NAME +.Nm X509_NAME_new , +.Nm X509_NAME_free +.\" In the following line, "X.501" and "Name" are not typos. +.\" The "Name" type is defined in X.501, not in X.509. +.\" The type in called "Name" with capital "N", not "name". +.Nd X.501 Name object +.Sh SYNOPSIS +.In openssl/x509.h +.Ft X509_NAME * +.Fn X509_NAME_new void +.Ft void +.Fn X509_NAME_free "X509_NAME *name" +.Sh DESCRIPTION +An X.501 Name is an ordered sequence of relative distinguished names. +A relative distinguished name is a set of key-value pairs; see +.Xr X509_NAME_ENTRY_new 3 +for details. +.Pp +Various X.509 structures contain X.501 Name substructures. +They are for example used for the issuers of certificates and +certificate revocation lists and for the subjects of certificates +and certificate requests. +.Pp +.Fn X509_NAME_new +allocates and initializes an empty +.Vt X509_NAME +object, representing an ASN.1 Name structure +defined in RFC 5280 section 4.1.2.4. +Data can be added to such objects with the functions described in +.Xr X509_NAME_add_entry_by_txt 3 , +and they can be inspected with the functions described in +.Xr X509_NAME_get_index_by_NID 3 . +.Pp +.Fn X509_NAME_free +frees +.Fa name +and all the +.Vt X509_NAME_ENTRY +objects contained in it. +.Sh RETURN VALUES +.Fn X509_NAME_new +returns a new +.Vt X509_NAME +object or +.Dv NULL +if an error occurred. +.Sh SEE ALSO +.Xr d2i_X509_NAME 3 , +.Xr SSL_load_client_CA_file 3 , +.Xr X509_get_subject_name 3 , +.Xr X509_NAME_add_entry_by_txt 3 , +.Xr X509_NAME_ENTRY_new 3 , +.Xr X509_NAME_get_index_by_NID 3 , +.Xr X509_NAME_print_ex 3 +.Sh STANDARDS +RFC 5280: Internet X.509 Public Key Infrastructure Certificate and +Certificate Revocation List (CRL) Profile +.Pp +ITU-T Recommendation X.501, also known as ISO/IEC 9594-2: +Information Technology \(en Open Systems Interconnection \(en +The Directory: Models, section 9: Names |