diff options
Diffstat (limited to 'lib')
20 files changed, 198 insertions, 124 deletions
diff --git a/lib/libcrypto/man/ASN1_STRING_TABLE_add.3 b/lib/libcrypto/man/ASN1_STRING_TABLE_add.3 index cf5741e987b..c4ae6c9bfa1 100644 --- a/lib/libcrypto/man/ASN1_STRING_TABLE_add.3 +++ b/lib/libcrypto/man/ASN1_STRING_TABLE_add.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ASN1_STRING_TABLE_add.3,v 1.3 2018/03/22 16:06:33 schwarze Exp $ +.\" $OpenBSD: ASN1_STRING_TABLE_add.3,v 1.4 2019/06/14 13:59:32 schwarze Exp $ .\" OpenSSL ASN1_STRING_TABLE_add.pod 7b608d08 Jul 27 01:18:50 2017 +0800 .\" .\" Copyright (c) 2017 Ingo Schwarze <schwarze@openbsd.org> @@ -15,7 +15,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: March 22 2018 $ +.Dd $Mdocdate: June 14 2019 $ .Dt ASN1_STRING_TABLE_ADD 3 .Os .Sh NAME @@ -75,8 +75,11 @@ The function .Fn ASN1_STRING_TABLE_cleanup removes and frees all entries except the predefined ones. .Sh RETURN VALUES +The .Fn ASN1_STRING_TABLE_add -returns 1 on success or 0 if an error occurred. +function returns 1 if successful; otherwise 0 is returned +and an error code can be retrieved with +.Xr ERR_get_error 3 . .Pp .Fn ASN1_STRING_TABLE_get returns a valid @@ -86,7 +89,6 @@ structure or if nothing is found. .Sh SEE ALSO .Xr ASN1_OBJECT_new 3 , -.Xr ERR_get_error 3 , .Xr OBJ_nid2obj 3 .Sh HISTORY .Fn ASN1_STRING_TABLE_add , diff --git a/lib/libcrypto/man/ASN1_STRING_length.3 b/lib/libcrypto/man/ASN1_STRING_length.3 index 2e5ffe924d6..d4f510ea37a 100644 --- a/lib/libcrypto/man/ASN1_STRING_length.3 +++ b/lib/libcrypto/man/ASN1_STRING_length.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ASN1_STRING_length.3,v 1.18 2019/06/06 01:06:58 schwarze Exp $ +.\" $OpenBSD: ASN1_STRING_length.3,v 1.19 2019/06/14 13:59:32 schwarze Exp $ .\" full merge up to: OpenSSL 4a56d2a3 Feb 25 16:49:27 2018 +0300 .\" .\" This file is a derived work. @@ -66,7 +66,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 6 2019 $ +.Dd $Mdocdate: June 14 2019 $ .Dt ASN1_STRING_LENGTH 3 .Os .Sh NAME @@ -287,9 +287,16 @@ or a negative number if an error occurred. .Fn ASN1_STRING_type returns an integer constant, for example .Dv V_ASN1_OCTET_STRING . +.Pp +In some cases of failure of +.Fn ASN1_STRING_dup , +.Fn ASN1_STRING_set , +and +.Fn ASN1_STRING_to_UTF8 , +the reason can be determined with +.Xr ERR_get_error 3 . .Sh SEE ALSO -.Xr ASN1_STRING_new 3 , -.Xr ERR_get_error 3 +.Xr ASN1_STRING_new 3 .Sh HISTORY .Fn ASN1_STRING_cmp , .Fn ASN1_STRING_dup , diff --git a/lib/libcrypto/man/ASN1_STRING_new.3 b/lib/libcrypto/man/ASN1_STRING_new.3 index b12d936fefc..46325f3968b 100644 --- a/lib/libcrypto/man/ASN1_STRING_new.3 +++ b/lib/libcrypto/man/ASN1_STRING_new.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ASN1_STRING_new.3,v 1.16 2019/06/06 01:06:58 schwarze Exp $ +.\" $OpenBSD: ASN1_STRING_new.3,v 1.17 2019/06/14 13:59:32 schwarze Exp $ .\" OpenSSL 99d63d46 Tue Mar 24 07:52:24 2015 -0400 .\" .\" Copyright (c) 2017 Ingo Schwarze <schwarze@openbsd.org> @@ -15,7 +15,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: June 6 2019 $ +.Dd $Mdocdate: June 14 2019 $ .Dt ASN1_STRING_NEW 3 .Os .Sh NAME @@ -184,7 +184,7 @@ and which ASN.1 type it represents. .El .Pp All the -.Fa *_free +.Fn *_free functions free .Fa a including any data contained in it. @@ -195,12 +195,13 @@ is a pointer, no action occurs. .Sh RETURN VALUES All the -.Fa *_new +.Fn *_new functions return the new .Vt ASN1_STRING -object or +object if successful; otherwise .Dv NULL -if an error occurs. +is returned and an error code can be retrieved with +.Xr ERR_get_error 3 . .Sh SEE ALSO .Xr ASN1_INTEGER_get 3 , .Xr ASN1_STRING_length 3 , @@ -210,7 +211,6 @@ if an error occurs. .Xr ASN1_TYPE_get 3 , .Xr d2i_ASN1_OBJECT 3 , .Xr d2i_ASN1_OCTET_STRING 3 , -.Xr ERR_get_error 3 , .Xr X509_cmp_time 3 , .Xr X509_EXTENSION_get_object 3 , .Xr X509_get_ext_by_OBJ 3 , diff --git a/lib/libcrypto/man/ASN1_item_new.3 b/lib/libcrypto/man/ASN1_item_new.3 index 259deaca56b..d45be112f11 100644 --- a/lib/libcrypto/man/ASN1_item_new.3 +++ b/lib/libcrypto/man/ASN1_item_new.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ASN1_item_new.3,v 1.4 2018/03/22 21:08:22 schwarze Exp $ +.\" $OpenBSD: ASN1_item_new.3,v 1.5 2019/06/14 13:59:32 schwarze Exp $ .\" .\" Copyright (c) 2016, 2018 Ingo Schwarze <schwarze@openbsd.org> .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: March 22 2018 $ +.Dd $Mdocdate: June 14 2019 $ .Dt ASN1_ITEM_NEW 3 .Os .Sh NAME @@ -96,12 +96,14 @@ does not return a pointer at all, but a value cast to .Vt ASN1_VALUE * . .Sh RETURN VALUES +The .Fn ASN1_item_new -returns the new +function returns the new .Vt ASN1_VALUE -object or +object if successful; otherwise .Dv NULL -if an error occurs. +is returned and an error code can be retrieved with +.Xr ERR_get_error 3 . .Sh SEE ALSO .Xr ASN1_item_d2i 3 , .Xr ASN1_TYPE_new 3 , diff --git a/lib/libcrypto/man/OBJ_nid2obj.3 b/lib/libcrypto/man/OBJ_nid2obj.3 index ad743b06a0c..26acea5c58c 100644 --- a/lib/libcrypto/man/OBJ_nid2obj.3 +++ b/lib/libcrypto/man/OBJ_nid2obj.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: OBJ_nid2obj.3,v 1.13 2019/06/06 01:06:58 schwarze Exp $ +.\" $OpenBSD: OBJ_nid2obj.3,v 1.14 2019/06/14 13:59:32 schwarze Exp $ .\" OpenSSL c264592d May 14 11:28:00 2006 +0000 .\" .\" This file is a derived work. @@ -66,7 +66,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 6 2019 $ +.Dd $Mdocdate: June 14 2019 $ .Dt OBJ_NID2OBJ 3 .Os .Sh NAME @@ -340,6 +340,20 @@ on error. returns the new NID or .Dv NID_undef if an error occurs. +.Pp +In some cases of failure of +.Fn OBJ_nid2obj , +.Fn OBJ_nid2ln , +.Fn OBJ_nid2sn , +.Fn OBJ_txt2nid , +.Fn OBJ_txt2obj , +.Fn OBJ_obj2txt , +.Fn OBJ_dup , +.Fn OBJ_create , +and +.Fn i2t_ASN1_OBJECT , +the reason can be determined with +.Xr ERR_get_error 3 . .Sh EXAMPLES Create an object for .Sy commonName : @@ -369,8 +383,7 @@ obj = OBJ_txt2obj("1.2.3.4", 1); .Ed .Sh SEE ALSO .Xr ASN1_OBJECT_new 3 , -.Xr d2i_ASN1_OBJECT 3 , -.Xr ERR_get_error 3 +.Xr d2i_ASN1_OBJECT 3 .Sh HISTORY .Fn OBJ_nid2obj , .Fn OBJ_nid2ln , diff --git a/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3 b/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3 index 30bab9f0f71..91a1a5cd5e7 100644 --- a/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3 +++ b/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: PEM_write_bio_PKCS7_stream.3,v 1.8 2018/03/23 04:34:23 schwarze Exp $ +.\" $OpenBSD: PEM_write_bio_PKCS7_stream.3,v 1.9 2019/06/14 13:59:32 schwarze Exp $ .\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 .\" .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. @@ -48,7 +48,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: March 23 2018 $ +.Dd $Mdocdate: June 14 2019 $ .Dt PEM_WRITE_BIO_PKCS7_STREAM 3 .Os .Sh NAME @@ -74,11 +74,11 @@ This function is effectively a version of .Xr PEM_write_bio_PKCS7 3 supporting streaming. .Sh RETURN VALUES -.Fn PEM_write_bio_PKCS7_stream -returns 1 for success or 0 for failure. +Upon successful completion, 1 is returned; +otherwise 0 is returned and an error code can be retrieved with +.Xr ERR_get_error 3 . .Sh SEE ALSO .Xr BIO_new 3 , -.Xr ERR_get_error 3 , .Xr i2d_PKCS7_bio_stream 3 , .Xr PEM_write_PKCS7 3 , .Xr PKCS7_new 3 , diff --git a/lib/libcrypto/man/PKCS12_newpass.3 b/lib/libcrypto/man/PKCS12_newpass.3 index b8e56124eb1..b5642c96ea4 100644 --- a/lib/libcrypto/man/PKCS12_newpass.3 +++ b/lib/libcrypto/man/PKCS12_newpass.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: PKCS12_newpass.3,v 1.3 2019/06/06 01:06:58 schwarze Exp $ +.\" $OpenBSD: PKCS12_newpass.3,v 1.4 2019/06/14 13:59:32 schwarze Exp $ .\" OpenSSL c95a8b4e May 5 14:26:26 2016 +0100 .\" .\" This file was written by Jeffrey Walton <noloader@gmail.com>. @@ -48,7 +48,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 6 2019 $ +.Dd $Mdocdate: June 14 2019 $ .Dt PKCS12_NEWPASS 3 .Os .Sh NAME @@ -92,12 +92,8 @@ the function will fail with a MAC verification error. In rare cases, the PKCS#12 structure does not contain a MAC: in this case it will usually fail with a decryption padding error. .Sh RETURN VALUES -.Fn PKCS12_newpass -returns 1 on success or 0 on failure. -.Pp -Applications can retrieve the most recent error from -.Fn PKCS12_newpass -with +Upon successful completion, 1 is returned; +otherwise 0 is returned and an error code can be retrieved with .Xr ERR_get_error 3 . .Sh EXAMPLES This example loads a PKCS#12 file, changes its password, @@ -147,7 +143,6 @@ int main(int argc, char **argv) } .Ed .Sh SEE ALSO -.Xr ERR_get_error 3 , .Xr PKCS12_create 3 , .Xr PKCS12_new 3 .Sh HISTORY diff --git a/lib/libcrypto/man/PKCS7_sign_add_signer.3 b/lib/libcrypto/man/PKCS7_sign_add_signer.3 index 6dad880d454..41d57c2c266 100644 --- a/lib/libcrypto/man/PKCS7_sign_add_signer.3 +++ b/lib/libcrypto/man/PKCS7_sign_add_signer.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: PKCS7_sign_add_signer.3,v 1.9 2019/06/06 01:06:59 schwarze Exp $ +.\" $OpenBSD: PKCS7_sign_add_signer.3,v 1.10 2019/06/14 13:59:32 schwarze Exp $ .\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 .\" .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. @@ -49,7 +49,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 6 2019 $ +.Dd $Mdocdate: June 14 2019 $ .Dt PKCS7_SIGN_ADD_SIGNER 3 .Os .Sh NAME @@ -170,8 +170,9 @@ returns an internal pointer to the structure just added or .Dv NULL if an error occurs. +In some cases of failure, the reason can be determined with +.Xr ERR_get_error 3 . .Sh SEE ALSO -.Xr ERR_get_error 3 , .Xr EVP_DigestInit 3 , .Xr PKCS7_new 3 , .Xr PKCS7_sign 3 diff --git a/lib/libcrypto/man/SMIME_write_PKCS7.3 b/lib/libcrypto/man/SMIME_write_PKCS7.3 index a0a15763a1b..8baf6689a69 100644 --- a/lib/libcrypto/man/SMIME_write_PKCS7.3 +++ b/lib/libcrypto/man/SMIME_write_PKCS7.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: SMIME_write_PKCS7.3,v 1.5 2018/03/22 16:06:33 schwarze Exp $ +.\" $OpenBSD: SMIME_write_PKCS7.3,v 1.6 2019/06/14 13:59:32 schwarze Exp $ .\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 .\" .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. @@ -49,7 +49,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: March 22 2018 $ +.Dd $Mdocdate: June 14 2019 $ .Dt SMIME_WRITE_PKCS7 3 .Os .Sh NAME @@ -127,10 +127,10 @@ indefinite length constructed encoding except in the case of signed data with detached content where the content is absent and DER format is used. .Sh RETURN VALUES -.Fn SMIME_write_PKCS7 -returns 1 for success or 0 for failure. +Upon successful completion, 1 is returned; +otherwise 0 is returned and an error code can be retrieved with +.Xr ERR_get_error 3 . .Sh SEE ALSO -.Xr ERR_get_error 3 , .Xr i2d_PKCS7_bio_stream 3 , .Xr PEM_write_PKCS7 3 , .Xr PKCS7_new 3 , diff --git a/lib/libcrypto/man/X509V3_get_d2i.3 b/lib/libcrypto/man/X509V3_get_d2i.3 index 768b2aebcdf..70a36530ba5 100644 --- a/lib/libcrypto/man/X509V3_get_d2i.3 +++ b/lib/libcrypto/man/X509V3_get_d2i.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: X509V3_get_d2i.3,v 1.15 2019/06/06 01:06:59 schwarze Exp $ +.\" $OpenBSD: X509V3_get_d2i.3,v 1.16 2019/06/14 13:59:32 schwarze Exp $ .\" full merge up to: OpenSSL ff7fbfd5 Nov 2 11:52:01 2015 +0000 .\" selective merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 .\" @@ -49,7 +49,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 6 2019 $ +.Dd $Mdocdate: June 14 2019 $ .Dt X509V3_GET_D2I 3 .Os .Sh NAME @@ -368,24 +368,35 @@ RFC 5280. .It Hold Instruction Code Ta Dv NID_hold_instruction_code .El .Sh RETURN VALUES -.Fn X509V3_get_d2i +.Fn X509V3_get_d2i , +.Fn X509V3_EXT_d2i , +.Fn X509_get_ext_d2i , +.Fn X509_CRL_get_ext_d2i , and -.Fn X509V3_EXT_d2i +.Fn X509_REVOKED_get_ext_d2i return a pointer to an extension specific structure or .Dv NULL if an error occurs. .Pp +.Fn X509V3_add1_i2d , +.Fn X509_add1_ext_i2d , +.Fn X509_CRL_add1_ext_i2d , +and +.Fn X509_REVOKED_add1_ext_i2d +return 1 if the operation is successful, 0 if it fails due to a +non-fatal error (extension not found, already exists, cannot be encoded), +or -1 due to a fatal error such as a memory allocation failure. +In some cases of failure, the reason can be determined with +.Xr ERR_get_error 3 . +.Pp +The .Fn X509V3_EXT_i2d -returns a pointer to an +function returns a pointer to an .Vt X509_EXTENSION -structure or +structure if successful; otherwise .Dv NULL -if an error occurs. -.Pp -.Fn X509V3_add1_i2d -returns 1 if the operation is successful, 0 if it fails due to a -non-fatal error (extension not found, already exists, cannot be encoded), -or -1 due to a fatal error such as a memory allocation failure. +is returned and an error code can be retrieved with +.Xr ERR_get_error 3 . .Pp .Fn X509_get0_extensions , .Fn X509_CRL_get0_extensions , @@ -397,7 +408,6 @@ if no extensions are present. .Sh SEE ALSO .Xr d2i_X509 3 , .Xr d2i_X509_EXTENSION 3 , -.Xr ERR_get_error 3 , .Xr X509_CRL_get0_by_serial 3 , .Xr X509_CRL_new 3 , .Xr X509_EXTENSION_new 3 , diff --git a/lib/libcrypto/man/X509_CRL_get0_by_serial.3 b/lib/libcrypto/man/X509_CRL_get0_by_serial.3 index 4e04395f2ac..14eb82493d3 100644 --- a/lib/libcrypto/man/X509_CRL_get0_by_serial.3 +++ b/lib/libcrypto/man/X509_CRL_get0_by_serial.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: X509_CRL_get0_by_serial.3,v 1.9 2019/06/06 01:06:59 schwarze Exp $ +.\" $OpenBSD: X509_CRL_get0_by_serial.3,v 1.10 2019/06/14 13:59:32 schwarze Exp $ .\" OpenSSL X509_CRL_get0_by_serial.pod cdd6c8c5 Mar 20 12:29:37 2017 +0100 .\" .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. @@ -48,7 +48,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 6 2019 $ +.Dd $Mdocdate: June 14 2019 $ .Dt X509_CRL_GET0_BY_SERIAL 3 .Os .Sh NAME @@ -142,16 +142,20 @@ has the reason .Qq removeFromCRL , in which case 2 is returned. .Pp +The .Fn X509_CRL_add0_revoked -and +function returns 1 if successful; +otherwise 0 is returned and an error code can be retrieved with +.Xr ERR_get_error 3 . +.Pp .Fn X509_CRL_sort -return 1 for success or 0 for failure. +returns 1 for success or 0 for failure. +The current implementation cannot fail. .Pp .Fn X509_CRL_get_REVOKED returns a STACK of revoked entries. .Sh SEE ALSO .Xr d2i_X509_CRL 3 , -.Xr ERR_get_error 3 , .Xr X509_CRL_get_ext 3 , .Xr X509_CRL_get_issuer 3 , .Xr X509_CRL_get_version 3 , diff --git a/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 b/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 index d2cb9baa3c1..aab40c2aa5b 100644 --- a/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 +++ b/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: X509_NAME_ENTRY_get_object.3,v 1.12 2018/05/19 21:25:51 schwarze Exp $ +.\" $OpenBSD: X509_NAME_ENTRY_get_object.3,v 1.13 2019/06/14 13:59:32 schwarze Exp $ .\" full merge up to: OpenSSL aebb9aac Jul 19 09:27:53 2016 -0400 .\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800 .\" @@ -67,7 +67,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: May 19 2018 $ +.Dd $Mdocdate: June 14 2019 $ .Dt X509_NAME_ENTRY_GET_OBJECT 3 .Os .Sh NAME @@ -223,16 +223,14 @@ but in the case of the field type must be set first so the relevant field information can be looked up internally. .Sh RETURN VALUES -.Fn X509_NAME_ENTRY_new , -.Fn X509_NAME_ENTRY_create_by_txt , -.Fn X509_NAME_ENTRY_create_by_NID , -and -.Fn X509_NAME_ENTRY_create_by_OBJ -return a valid +The +.Fn X509_NAME_ENTRY_new +function returns a valid .Vt X509_NAME_ENTRY -structure on success or +structure if successful; otherwise .Dv NULL -if an error occurred. +is returned and an error code can be retrieved with +.Xr ERR_get_error 3 . .Pp .Fn X509_NAME_ENTRY_get_object returns a valid @@ -248,12 +246,29 @@ structure if it is set or .Dv NULL if an error occurred. .Pp +The .Fn X509_NAME_ENTRY_set_object -and +function returns 1 if successful; +otherwise 0 is returned and an error code can be retrieved with +.Xr ERR_get_error 3 . +.Pp .Fn X509_NAME_ENTRY_set_data return 1 on success or 0 on error. +In some cases of failure, the reason can be determined with +.Xr ERR_get_error 3 . +.Pp +.Fn X509_NAME_ENTRY_create_by_txt , +.Fn X509_NAME_ENTRY_create_by_NID , +and +.Fn X509_NAME_ENTRY_create_by_OBJ +return a valid +.Vt X509_NAME_ENTRY +structure on success or +.Dv NULL +if an error occurred. +In some cases of failure, the reason can be determined with +.Xr ERR_get_error 3 . .Sh SEE ALSO -.Xr ERR_get_error 3 , .Xr OBJ_nid2obj 3 , .Xr X509_NAME_add_entry 3 , .Xr X509_NAME_get_entry 3 , diff --git a/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 b/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 index 0638e15b8d0..56e1564a63c 100644 --- a/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 +++ b/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: X509_NAME_add_entry_by_txt.3,v 1.13 2019/06/06 01:06:59 schwarze Exp $ +.\" $OpenBSD: X509_NAME_add_entry_by_txt.3,v 1.14 2019/06/14 13:59:32 schwarze Exp $ .\" OpenSSL aebb9aac Jul 19 09:27:53 2016 -0400 .\" .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. @@ -49,7 +49,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 6 2019 $ +.Dd $Mdocdate: June 14 2019 $ .Dt X509_NAME_ADD_ENTRY_BY_TXT 3 .Os .Sh NAME @@ -229,6 +229,9 @@ returns either the deleted structure or .Dv NULL if an error occurred. +.Pp +In some cases of failure, the reason can be determined with +.Xr ERR_get_error 3 . .Sh EXAMPLES Create an .Vt X509_NAME @@ -252,7 +255,6 @@ if (!X509_NAME_add_entry_by_txt(nm, "CN", MBSTRING_ASC, .Ed .Sh SEE ALSO .Xr d2i_X509_NAME 3 , -.Xr ERR_get_error 3 , .Xr X509_NAME_ENTRY_get_object 3 , .Xr X509_NAME_get_index_by_NID 3 , .Xr X509_NAME_new 3 diff --git a/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 b/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 index d950563363c..ce0247b2020 100644 --- a/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 +++ b/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: X509_NAME_get_index_by_NID.3,v 1.11 2019/06/06 01:06:59 schwarze Exp $ +.\" $OpenBSD: X509_NAME_get_index_by_NID.3,v 1.12 2019/06/14 13:59:32 schwarze Exp $ .\" OpenSSL aebb9aac Jul 19 09:27:53 2016 -0400 .\" .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. @@ -49,7 +49,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 6 2019 $ +.Dd $Mdocdate: June 14 2019 $ .Dt X509_NAME_GET_INDEX_BY_NID 3 .Os .Sh NAME @@ -119,14 +119,6 @@ after .Fa lastpos . .Fa lastpos should initially be set to -1. -If there are no more entries, -1 is returned. -If -.Fa nid -is invalid (doesn't correspond to a valid OID), -2 is returned. -.Pp -.Fn X509_NAME_entry_count -returns the total number of entries in -.Fa name . .Pp .Fn X509_NAME_get_entry retrieves the @@ -140,7 +132,6 @@ Acceptable values for run from 0 to .Fn X509_NAME_entry_count name - 1. -The value returned is an internal pointer which must not be freed. .Pp .Fn X509_NAME_get_text_by_NID and @@ -151,21 +142,16 @@ which matches .Fa nid or .Fa obj . -If no such entry exists, -1 is returned. At most .Fa len bytes will be written and the text written to .Fa buf will be NUL terminated. -The length of the output string written is returned excluding the -terminating NUL. If .Fa buf is -.Dv NULL -then the amount of space needed in -.Fa buf -(excluding the final NUL) is returned. +.Dv NULL , +nothing is written, but the return value is calculated as usual. .Pp All relevant .Dv NID_* @@ -185,19 +171,34 @@ is not .Dv NULL . .Sh RETURN VALUES .Fn X509_NAME_get_index_by_NID -and +returns the index of the next matching entry, -1 if not found, or -2 if the +.Fa nid +does not correspond to a valid OID. +.Pp .Fn X509_NAME_get_index_by_OBJ -return the index of the next matching entry or -1 if not found. +returns the index of the next matching entry or -1 if not found. .Pp .Fn X509_NAME_entry_count -returns the total number of entries. +returns the total number of entries in +.Fa name . .Pp .Fn X509_NAME_get_entry -returns an -.Vt X509_NAME -pointer to the requested entry or +returns an internal pointer which must not be freed by the caller or .Dv NULL if the index is invalid. +.Pp +.Fn X509_NAME_get_text_by_NID +and +.Fn X509_NAME_get_text_by_OBJ +return the length of the output string written, not counting the +terminating NUL, or -1 if no match is found. +.Pp +In some cases of failure of +.Fn X509_NAME_get_index_by_NID +and +.Fn X509_NAME_get_text_by_NID , +the reason can be determined with +.Xr ERR_get_error 3 . .Sh EXAMPLES Process all entries: .Bd -literal @@ -225,7 +226,6 @@ for (;;) { .Ed .Sh SEE ALSO .Xr d2i_X509_NAME 3 , -.Xr ERR_get_error 3 , .Xr X509_NAME_ENTRY_get_object 3 , .Xr X509_NAME_new 3 .Sh HISTORY diff --git a/lib/libcrypto/man/X509_REVOKED_new.3 b/lib/libcrypto/man/X509_REVOKED_new.3 index fbb5a630d75..af130ee41ad 100644 --- a/lib/libcrypto/man/X509_REVOKED_new.3 +++ b/lib/libcrypto/man/X509_REVOKED_new.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: X509_REVOKED_new.3,v 1.10 2019/06/06 01:06:59 schwarze Exp $ +.\" $OpenBSD: X509_REVOKED_new.3,v 1.11 2019/06/14 13:59:32 schwarze Exp $ .\" full merge up to: .\" OpenSSL man3/X509_CRL_get0_by_serial cdd6c8c5 Mar 20 12:29:37 2017 +0100 .\" @@ -66,7 +66,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 6 2019 $ +.Dd $Mdocdate: June 14 2019 $ .Dt X509_REVOKED_NEW 3 .Os .Sh NAME @@ -146,14 +146,23 @@ The supplied .Fa tm pointer is not used internally so it should be freed up after use. .Sh RETURN VALUES +The .Fn X509_REVOKED_new -and +function returns the new +.Vt X509_REVOKED +object if successful; otherwise +.Dv NULL +is returned and an error code can be retrieved with +.Xr ERR_get_error 3 . +.Pp .Fn X509_REVOKED_dup return the new .Vt X509_REVOKED object or .Dv NULL if an error occurs. +In some cases of failure, the reason can be determined with +.Xr ERR_get_error 3 . .Pp .Fn X509_REVOKED_get0_serialNumber returns an internal pointer to the serial number of @@ -167,9 +176,10 @@ returns an internal pointer to the revocation date of and .Fn X509_REVOKED_set_revocationDate return 1 for success or 0 for failure. +In some cases of failure, the reason can be determined with +.Xr ERR_get_error 3 . .Sh SEE ALSO .Xr d2i_X509_CRL 3 , -.Xr ERR_get_error 3 , .Xr PEM_read_X509_CRL 3 , .Xr X509_CRL_get0_by_serial 3 , .Xr X509_CRL_new 3 , diff --git a/lib/libcrypto/man/X509_get_pubkey.3 b/lib/libcrypto/man/X509_get_pubkey.3 index bbbf16149f0..62367d8b0db 100644 --- a/lib/libcrypto/man/X509_get_pubkey.3 +++ b/lib/libcrypto/man/X509_get_pubkey.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: X509_get_pubkey.3,v 1.6 2019/06/06 01:06:59 schwarze Exp $ +.\" $OpenBSD: X509_get_pubkey.3,v 1.7 2019/06/14 13:59:32 schwarze Exp $ .\" selective merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 .\" .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. @@ -48,7 +48,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 6 2019 $ +.Dd $Mdocdate: June 14 2019 $ .Dt X509_GET_PUBKEY 3 .Os .Sh NAME @@ -144,9 +144,17 @@ if an error occurred. and .Fn X509_REQ_set_pubkey return 1 for success or 0 for failure. +.Pp +In some cases of failure of +.Fn X509_get0_pubkey , +.Fn X509_set_pubkey , +.Fn X509_REQ_get_pubkey , +and +.Fn X509_REQ_set_pubkey , +the reason can be determined with +.Xr ERR_get_error 3 . .Sh SEE ALSO .Xr d2i_X509 3 , -.Xr ERR_get_error 3 , .Xr X509_CRL_get0_by_serial 3 , .Xr X509_NAME_add_entry_by_txt 3 , .Xr X509_NAME_ENTRY_get_object 3 , diff --git a/lib/libcrypto/man/X509_get_serialNumber.3 b/lib/libcrypto/man/X509_get_serialNumber.3 index b8d540dcf26..f40b7ca7697 100644 --- a/lib/libcrypto/man/X509_get_serialNumber.3 +++ b/lib/libcrypto/man/X509_get_serialNumber.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: X509_get_serialNumber.3,v 1.3 2018/03/27 17:35:50 schwarze Exp $ +.\" $OpenBSD: X509_get_serialNumber.3,v 1.4 2019/06/14 13:59:32 schwarze Exp $ .\" OpenSSL bb9ad09e Jun 6 00:43:05 2016 -0400 .\" .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. @@ -48,7 +48,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: March 27 2018 $ +.Dd $Mdocdate: June 14 2019 $ .Dt X509_GET_SERIALNUMBER 3 .Os .Sh NAME @@ -91,10 +91,11 @@ returns an structure. .Pp .Fn X509_set_serialNumber -returns 1 for success and 0 for failure. +returns 1 for success or 0 for failure. +In some cases of failure, the reason can be determined with +.Xr ERR_get_error 3 . .Sh SEE ALSO .Xr d2i_X509 3 , -.Xr ERR_get_error 3 , .Xr X509_CRL_get0_by_serial 3 , .Xr X509_get_pubkey 3 , .Xr X509_NAME_add_entry_by_txt 3 , diff --git a/lib/libcrypto/man/X509_get_subject_name.3 b/lib/libcrypto/man/X509_get_subject_name.3 index 6baad51d6fd..33bc5de24d8 100644 --- a/lib/libcrypto/man/X509_get_subject_name.3 +++ b/lib/libcrypto/man/X509_get_subject_name.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: X509_get_subject_name.3,v 1.8 2019/06/06 01:06:59 schwarze Exp $ +.\" $OpenBSD: X509_get_subject_name.3,v 1.9 2019/06/14 13:59:32 schwarze Exp $ .\" OpenSSL 0ad69cd6 Jun 14 23:02:16 2016 +0200 .\" .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. @@ -48,7 +48,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 6 2019 $ +.Dd $Mdocdate: June 14 2019 $ .Dt X509_GET_SUBJECT_NAME 3 .Os .Sh NAME @@ -154,9 +154,10 @@ object. and .Fn X509_CRL_set_issuer_name return 1 for success or 0 for failure. +In some cases of failure, the reason can be determined with +.Xr ERR_get_error 3 . .Sh SEE ALSO .Xr d2i_X509_NAME 3 , -.Xr ERR_get_error 3 , .Xr X509_CRL_get0_by_serial 3 , .Xr X509_CRL_new 3 , .Xr X509_get_pubkey 3 , diff --git a/lib/libcrypto/man/X509_get_version.3 b/lib/libcrypto/man/X509_get_version.3 index 6beebe02048..05d42e23b7b 100644 --- a/lib/libcrypto/man/X509_get_version.3 +++ b/lib/libcrypto/man/X509_get_version.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: X509_get_version.3,v 1.6 2019/06/06 01:06:59 schwarze Exp $ +.\" $OpenBSD: X509_get_version.3,v 1.7 2019/06/14 13:59:32 schwarze Exp $ .\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 .\" .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. @@ -48,7 +48,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 6 2019 $ +.Dd $Mdocdate: June 14 2019 $ .Dt X509_GET_VERSION 3 .Os .Sh NAME @@ -133,9 +133,10 @@ return the numerical value of the version field. and .Fn X509_CRL_set_version return 1 for success or 0 for failure. +In some cases of failure, the reason can be determined with +.Xr ERR_get_error 3 . .Sh SEE ALSO .Xr d2i_X509 3 , -.Xr ERR_get_error 3 , .Xr X509_CRL_get0_by_serial 3 , .Xr X509_CRL_new 3 , .Xr X509_get_pubkey 3 , diff --git a/lib/libcrypto/man/X509_sign.3 b/lib/libcrypto/man/X509_sign.3 index b882afa1267..ca4c5192b25 100644 --- a/lib/libcrypto/man/X509_sign.3 +++ b/lib/libcrypto/man/X509_sign.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: X509_sign.3,v 1.7 2019/06/06 17:41:43 schwarze Exp $ +.\" $OpenBSD: X509_sign.3,v 1.8 2019/06/14 13:59:32 schwarze Exp $ .\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 .\" .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. @@ -48,7 +48,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 6 2019 $ +.Dd $Mdocdate: June 14 2019 $ .Dt X509_SIGN 3 .Os .Sh NAME @@ -174,9 +174,11 @@ and return 1 if the signature is valid or 0 if the signature check fails. If the signature could not be checked at all because it was invalid or some other error occurred, then -1 is returned. +.Pp +In some cases of failure, the reason can be determined with +.Xr ERR_get_error 3 . .Sh SEE ALSO .Xr d2i_X509 3 , -.Xr ERR_get_error 3 , .Xr EVP_DigestInit 3 , .Xr X509_CRL_get0_by_serial 3 , .Xr X509_CRL_new 3 , |