import X509_PUBKEY_new(3) from OpenSSL

2 files changed, 275 insertions, 1 deletions

diff --git a/lib/libcrypto/man/Makefile b/lib/libcrypto/man/Makefile
index c8eb806169c..8491e94fa00 100644
--- a/lib/libcrypto/man/Makefile
+++ b/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.62 2016/12/04 20:51:47 schwarze Exp $
+# $OpenBSD: Makefile,v 1.63 2016/12/05 12:50:07 schwarze Exp $
 
 .include <bsd.own.mk>
 
@@ -179,6 +179,7 @@ MAN=	\
 	X509_NAME_add_entry_by_txt.3 \
 	X509_NAME_get_index_by_NID.3 \
 	X509_NAME_print_ex.3 \
+	X509_PUBKEY_new.3 \
 	X509_STORE_CTX_get_error.3 \
 	X509_STORE_CTX_get_ex_new_index.3 \
 	X509_STORE_CTX_new.3 \
diff --git a/lib/libcrypto/man/X509_PUBKEY_new.3 b/lib/libcrypto/man/X509_PUBKEY_new.3
new file mode 100644
index 00000000000..59dc2fbf7a4
--- /dev/null
+++ b/lib/libcrypto/man/X509_PUBKEY_new.3
@@ -0,0 +1,273 @@
+.\"	$OpenBSD: X509_PUBKEY_new.3,v 1.1 2016/12/05 12:50:07 schwarze Exp $
+.\"	OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
+.\"
+.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
+.\" Copyright (c) 2016 The OpenSSL Project.  All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\"
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in
+.\"    the documentation and/or other materials provided with the
+.\"    distribution.
+.\"
+.\" 3. All advertising materials mentioning features or use of this
+.\"    software must display the following acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+.\"
+.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+.\"    endorse or promote products derived from this software without
+.\"    prior written permission. For written permission, please contact
+.\"    openssl-core@openssl.org.
+.\"
+.\" 5. Products derived from this software may not be called "OpenSSL"
+.\"    nor may "OpenSSL" appear in their names without prior written
+.\"    permission of the OpenSSL Project.
+.\"
+.\" 6. Redistributions of any form whatsoever must retain the following
+.\"    acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+.\" OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd $Mdocdate: December 5 2016 $
+.Dt X509_PUBKEY_NEW 3
+.Os
+.Sh NAME
+.Nm X509_PUBKEY_new ,
+.Nm X509_PUBKEY_free ,
+.Nm X509_PUBKEY_set ,
+.Nm X509_PUBKEY_get ,
+.Nm d2i_PUBKEY ,
+.Nm i2d_PUBKEY ,
+.Nm d2i_PUBKEY_bio ,
+.Nm d2i_PUBKEY_fp ,
+.Nm i2d_PUBKEY_fp ,
+.Nm i2d_PUBKEY_bio ,
+.Nm X509_PUBKEY_set0_param ,
+.Nm X509_PUBKEY_get0_param
+.Nd SubjectPublicKeyInfo public key functions
+.Sh SYNOPSIS
+.In openssl/x509.h
+.Ft X509_PUBKEY *
+.Fn X509_PUBKEY_new void
+.Ft void
+.Fo X509_PUBKEY_free
+.Fa "X509_PUBKEY *a"
+.Fc
+.Ft int
+.Fo X509_PUBKEY_set
+.Fa "X509_PUBKEY **x"
+.Fa "EVP_PKEY *pkey"
+.Fc
+.Ft EVP_PKEY *
+.Fo X509_PUBKEY_get
+.Fa "X509_PUBKEY *key"
+.Fc
+.Ft EVP_PKEY *
+.Fo d2i_PUBKEY
+.Fa "EVP_PKEY **a"
+.Fa "const unsigned char **pp"
+.Fa "long length"
+.Fc
+.Ft int
+.Fo i2d_PUBKEY
+.Fa "EVP_PKEY *a"
+.Fa "unsigned char **pp"
+.Fc
+.Ft EVP_PKEY *
+.Fo d2i_PUBKEY_bio
+.Fa "BIO *bp"
+.Fa "EVP_PKEY **a"
+.Fc
+.Ft EVP_PKEY *
+.Fo d2i_PUBKEY_fp
+.Fa "FILE *fp"
+.Fa "EVP_PKEY **a"
+.Fc
+.Ft int
+.Fo i2d_PUBKEY_fp
+.Fa "FILE *fp"
+.Fa "EVP_PKEY *pkey"
+.Fc
+.Ft int
+.Fo i2d_PUBKEY_bio
+.Fa "BIO *bp"
+.Fa "EVP_PKEY *pkey"
+.Fc
+.Ft int
+.Fo X509_PUBKEY_set0_param
+.Fa "X509_PUBKEY *pub"
+.Fa "ASN1_OBJECT *aobj"
+.Fa "int ptype"
+.Fa "void *pval"
+.Fa "unsigned char *penc"
+.Fa "int penclen"
+.Fc
+.Ft int
+.Fo X509_PUBKEY_get0_param
+.Fa "ASN1_OBJECT **ppkalg"
+.Fa "const unsigned char **pk"
+.Fa "int *ppklen"
+.Fa "X509_ALGOR **pa"
+.Fa "X509_PUBKEY *pub"
+.Fc
+.Sh DESCRIPTION
+The
+.Vt X509_PUBKEY
+structure represents the ASN.1
+.Sy SubjectPublicKeyInfo
+structure defined in RFC 5280 and used in certificates and certificate
+requests.
+.Pp
+.Fn X509_PUBKEY_new
+allocates and initializes an
+.Vt X509_PUBKEY
+structure.
+.Pp
+.Fn X509_PUBKEY_free
+frees up the
+.Vt X509_PUBKEY
+structure
+.Fa a .
+If
+.Fa a
+is a
+.Dv NULL
+pointer, nothing is done.
+.Pp
+.Fn X509_PUBKEY_set
+sets the public key in
+.Pf * Fa x
+to the public key contained in the
+.Vt EVP_PKEY
+structure
+.Fa pkey .
+If
+.Pf * Fa x
+is not
+.Dv NULL ,
+any existing public key structure will be freed.
+.Pp
+.Fn X509_PUBKEY_get
+returns the public key contained in
+.Fa key .
+The reference
+count on the returned key is incremented so it must be freed using
+.Xr EVP_PKEY_free
+after use.
+.Pp
+.Fn d2i_PUBKEY
+and
+.Fn i2d_PUBKEY
+decode and encode an
+.Vt EVP_PKEY
+structure using
+.Sy SubjectPublicKeyInfo
+format.
+They otherwise follow the conventions of other ASN.1 functions such as
+.Xr d2i_X509 3 .
+.Pp
+.Fn d2i_PUBKEY_bio ,
+.Fn d2i_PUBKEY_fp ,
+.Fn i2d_PUBKEY_bio
+and
+.Fn i2d_PUBKEY_fp
+are similar to
+.Fn d2i_PUBKEY
+and
+.Fn i2d_PUBKEY
+except they decode or encode using a
+.Vt BIO
+or
+.Vt FILE
+pointer.
+.Pp
+.Fn X509_PUBKEY_set0_param
+sets the public key parameters of
+.Fa pub .
+The OID associated with the algorithm is set to
+.Fa aobj .
+The type of the algorithm parameters is set to
+.Fa ptype
+using the structure
+.Fa pval .
+The encoding of the public key itself is set to the
+.Fa penclen
+bytes contained in buffer
+.Fa penc .
+On success ownership of all the supplied parameters is passed to
+.Fa pub
+so they must not be freed after the call.
+.Pp
+.Fn X509_PUBKEY_get0_param
+retrieves the public key parameters from
+.Fa pub ,
+.Pf * Fa ppkalg
+is set to the associated OID and the encoding consists of
+.Pf * Fa ppklen
+bytes at
+.Pf * Fa pk ,
+.Pf * Fa pa
+is set to the associated AlgorithmIdentifier for the public key.
+If the value of any of these parameters is not required,
+it can be set to
+.Dv NULL .
+All of the retrieved pointers are internal and must not be freed after
+the call.
+.Pp
+The
+.Vt X509_PUBKEY
+functions can be used to encode and decode public keys in a standard
+format.
+.Pp
+In many cases applications will not call the
+.Vt X509_PUBKEY
+functions directly: they will instead call wrapper functions such as
+.Xr X509_get0_pubkey 3 .
+.Sh RETURN VALUES
+If the allocation fails,
+.Fn X509_PUBKEY_new
+returns
+.Dv NULL
+and sets an error code that can be obtained by
+.Xr ERR_get_error 3 .
+.Pp
+Otherwise it returns a pointer to the newly allocated structure.
+.Pp
+.Fn X509_PUBKEY_get0
+and
+.Fn X509_PUBKEY_get
+return a pointer to an
+.Vt EVP_PKEY
+structure or
+.Dv NULL
+if an error occurs.
+.Pp
+.Fn X509_PUBKEY_set ,
+.Fn X509_PUBKEY_set0_param
+and
+.Fn X509_PUBKEY_get0_param
+return 1 for success and 0 if an error occurred.
+.Sh SEE ALSO
+.Xr d2i_X509 3 ,
+.Xr ERR_get_error 3 ,
+.Xr X509_get_pubkey 3