From: Dr. Stephen Henson Date: Wed, 9 Oct 2002 17:14:41 +0000 (+0000) Subject: New documentation from main trunk. X-Git-Tag: OpenSSL_0_9_7-beta4~135 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=104117c5e7fc2e745b73ac096f91b05965f3b176;p=oweals%2Fopenssl.git New documentation from main trunk. --- diff --git a/doc/crypto/PKCS12_create.pod b/doc/crypto/PKCS12_create.pod index 439dd4339d..48f3bb8cb8 100644 --- a/doc/crypto/PKCS12_create.pod +++ b/doc/crypto/PKCS12_create.pod @@ -46,24 +46,6 @@ export grade software which could use signing only keys of arbitrary size but had restrictions on the permissible sizes of keys which could be used for encryption. -=head1 NEW FUNCTIONALITY IN OPENSSL 0.9.8 - -Some additional functionality was added to PKCS12_create() in OpenSSL -0.9.8. These extensions are detailed below. - -If a certificate contains an B or B then this will be -used for the corresponding B or B in the -PKCS12 structure. - -Either B, B or both can be B to indicate that no key or -certficate is required. In previous versions both hasves to be present or -a fatal error is returned. - -B or B can be set to -1 indicating that no encryption -should be used. - -B can be set to -1 and the MAC will then be omitted entirely. - =head1 SEE ALSO L diff --git a/doc/crypto/crypto.pod b/doc/crypto/crypto.pod index c12eec1409..7a527992bb 100644 --- a/doc/crypto/crypto.pod +++ b/doc/crypto/crypto.pod @@ -62,6 +62,22 @@ L =back +=head1 NOTES + +Some of the newer functions follow a naming convention using the numbers +B<0> and B<1>. For example the functions: + + int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev); + int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj); + +The B<0> version uses the supplied structure pointer directly +in the parent and it will be freed up when the parent is freed. +In the above example B would be freed but B would not. + +The B<1> function uses a copy of the supplied structure pointer +(or in some cases increases its link count) in the parent and +so both (B and B above) should be freed up. + =head1 SEE ALSO L, L diff --git a/doc/crypto/d2i_DHparams.pod b/doc/crypto/d2i_DHparams.pod index a6d1743d39..1e98aebeca 100644 --- a/doc/crypto/d2i_DHparams.pod +++ b/doc/crypto/d2i_DHparams.pod @@ -2,7 +2,7 @@ =head1 NAME -d2i_DHparams, i2d_DHparams - ... +d2i_DHparams, i2d_DHparams - PKCS#3 DH parameter functions. =head1 SYNOPSIS @@ -13,18 +13,18 @@ d2i_DHparams, i2d_DHparams - ... =head1 DESCRIPTION -... +These functions decode and encode PKCS#3 DH parameters using the +DHparameter structure described in PKCS#3. -=head1 RETURN VALUES - -... +Othewise these behave in a similar way to d2i_X509() and i2d_X509() +described in the L manual page. =head1 SEE ALSO -... +L =head1 HISTORY -... +TBA =cut diff --git a/doc/crypto/d2i_RSAPublicKey.pod b/doc/crypto/d2i_RSAPublicKey.pod index ff4d0d57db..7c71bcbf3d 100644 --- a/doc/crypto/d2i_RSAPublicKey.pod +++ b/doc/crypto/d2i_RSAPublicKey.pod @@ -2,7 +2,9 @@ =head1 NAME -d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, i2d_Netscape_RSA, d2i_Netscape_RSA - ... +d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, +d2i_RSA_PUBKEY, i2d_RSA_PUBKEY, i2d_Netscape_RSA, +d2i_Netscape_RSA - RSA public and private key encoding functions. =head1 SYNOPSIS @@ -12,6 +14,10 @@ d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, i2d_Ne int i2d_RSAPublicKey(RSA *a, unsigned char **pp); + RSA * d2i_RSA_PUBKEY(RSA **a, unsigned char **pp, long length); + + int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp); + RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length); int i2d_RSAPrivateKey(RSA *a, unsigned char **pp); @@ -22,18 +28,39 @@ d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, i2d_Ne =head1 DESCRIPTION -... +d2i_RSAPublicKey() and i2d_RSAPublicKey() decode and encode a PKCS#1 RSAPublicKey +structure. + +d2i_RSA_PUKEY() and i2d_RSA_PUKEY() decode and encode an RSA public key using a +SubjectPublicKeyInfo (certificate public key) structure. + +d2i_RSAPrivateKey(), i2d_RSAPrivateKey() decode and encode a PKCS#1 RSAPrivateKey +structure. + +d2i_Netscape_RSA(), i2d_Netscape_RSA() decode and encode an RSA private key in +NET format. + +The usage of all of these functions is similar to the d2i_X509() and +i2d_X509() described in the L manual page. + +=head1 NOTES + +The B structure passed to the private key encoding functions should have +all the PKCS#1 private key components present. -=head1 RETURN VALUES +The data encoded by the private key functions is unencrypted and therefore +offers no private key security. -... +The NET format functions are present to provide compatibility with certain very +old software. This format has some severe security weaknesses and should be +avoided if possible. =head1 SEE ALSO -... +L =head1 HISTORY -... +TBA =cut