Write new X509_CINF_new(3) manual page from scratch. These functions

are listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.pod.
Note that the OpenSSL documentation specifies the wrong header file.

2 files changed, 99 insertions, 1 deletions

diff --git a/lib/libcrypto/man/Makefile b/lib/libcrypto/man/Makefile
index 59cf7e6bce6..186ca5229e0 100644
--- a/lib/libcrypto/man/Makefile
+++ b/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.79 2016/12/14 15:04:13 schwarze Exp $
+# $OpenBSD: Makefile,v 1.80 2016/12/16 09:17:59 schwarze Exp $
 
 .include <bsd.own.mk>
 
@@ -177,6 +177,7 @@ MAN=	\
 	UI_new.3 \
 	X509V3_get_d2i.3 \
 	X509_ALGOR_dup.3 \
+	X509_CINF_new.3 \
 	X509_CRL_get0_by_serial.3 \
 	X509_EXTENSION_set_object.3 \
 	X509_LOOKUP_hash_dir.3 \
diff --git a/lib/libcrypto/man/X509_CINF_new.3 b/lib/libcrypto/man/X509_CINF_new.3
new file mode 100644
index 00000000000..fdfc4c8c7b5
--- /dev/null
+++ b/lib/libcrypto/man/X509_CINF_new.3
@@ -0,0 +1,97 @@
+.\"	$OpenBSD: X509_CINF_new.3,v 1.1 2016/12/16 09:17:59 schwarze Exp $
+.\"
+.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: December 16 2016 $
+.Dt X509_CINF_NEW 3
+.Os
+.Sh NAME
+.Nm X509_CINF_new ,
+.Nm X509_CINF_free ,
+.Nm X509_VAL_new ,
+.Nm X509_VAL_free ,
+.Nm X509_CERT_AUX_new ,
+.Nm X509_CERT_AUX_free
+.Nd X.509 certificate information objects
+.Sh SYNOPSIS
+.In openssl/x509.h
+.Ft X509_CINF *
+.Fn X509_CINF_new void
+.Ft void
+.Fn X509_CINF_free "X509_CINF *inf"
+.Ft X509_VAL *
+.Fn X509_VAL_new void
+.Ft void
+.Fn X509_VAL_free "X509_VAL *val"
+.Ft X509_CERT_AUX *
+.Fn X509_CERT_AUX_new void
+.Ft void
+.Fn X509_CERT_AUX_free "X509_CERT_AUX *aux"
+.Sh DESCRIPTION
+.Fn X509_CINF_new
+allocates and initializes an empty
+.Vt X509_CINF
+object, representing an ASN.1 TBSCertificate structure
+defined in RFC 5280 section 4.1.
+It is used inside the
+.Vt X509
+object and holds the main information contained in the X.509
+certificate including subject, public key, issuer, serial number,
+validity period, and extensions.
+.Fn X509_CINF_free
+frees
+.Fa inf .
+.Pp
+.Fn X509_VAL_new
+allocates and initializes an empty
+.Vt X509_VAL
+object, representing an ASN.1 Validity structure
+defined in RFC 5280 section 4.1.
+It is used inside the
+.Vt X509_CINF
+object and holds the validity period of the certificate.
+.Fn X509_VAL_free
+frees
+.Fa val .
+.Pp
+.Fn X509_CERT_AUX_new
+allocates and initializes an empty
+.Vt X509_CERT_AUX
+structure.
+It can be used inside an
+.Vt X509
+object to hold optional non-standard auxiliary data appended to a
+certificate, for example friendly alias names and trust data.
+.Fn X509_CERT_AUX_free
+frees
+.Fa aux .
+.Sh RETURN VALUES
+.Fn X509_CINF_new ,
+.Fn X509_VAL_new ,
+and
+.Fn X509_CERT_AUX_new
+return the new
+.Vt X509_CINF ,
+.Vt X509_VAL ,
+or
+.Vt X509_CERT_AUX
+object, respectively, or
+.Dv NULL
+if an error occurs.
+.Sh SEE ALSO
+.Xr X509_new 3
+.Sh STANDARDS
+RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
+Certificate Revocation List (CRL) Profile