diff options
author | Damian Hobson-Garcia <dhobsong@igel.co.jp> | 2021-05-13 11:53:59 +0900 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2024-04-24 14:05:32 +0100 |
commit | 7dcee34c8f921ad65277e9a75fca4a7337fbed6d (patch) | |
tree | 199b3280d344f059004f29c144bfc9364f3bc13b /doc | |
parent | 0339382abad578ccb3989799ea2fb99dfb2d099b (diff) |
Add RFC 5755 attribute certificate support
Add support for attribute certificates (v2) as described
in RFC 5755 profile.
Attribute certificates provide a mechanism to manage authorization
information separately from the identity information provided by
public key certificates.
This initial patch adds the ASN.1 definitions
and I/O API. Accessor functions for the certificate fields
will be added in subsequent patches.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15857)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man3/PEM_read_bio_PrivateKey.pod | 12 | ||||
-rw-r--r-- | doc/man3/X509_dup.pod | 13 | ||||
-rw-r--r-- | doc/man3/d2i_X509.pod | 6 |
3 files changed, 31 insertions, 0 deletions
diff --git a/doc/man3/PEM_read_bio_PrivateKey.pod b/doc/man3/PEM_read_bio_PrivateKey.pod index ac93920add..6e521b268f 100644 --- a/doc/man3/PEM_read_bio_PrivateKey.pod +++ b/doc/man3/PEM_read_bio_PrivateKey.pod @@ -26,6 +26,8 @@ PEM_write_bio_Parameters, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, +PEM_read_bio_X509_ACERT, PEM_read_X509_ACERT, +PEM_write_bio_X509_ACERT, PEM_write_X509_ACERT, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, @@ -108,6 +110,13 @@ PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines int PEM_write_bio_X509(BIO *bp, X509 *x); int PEM_write_X509(FILE *fp, X509 *x); + X509_ACERT *PEM_read_bio_X509_ACERT(BIO *bp, X509_ACERT **x, + pem_password_cb *cb, void *u); + X509_ACERT *PEM_read_X509_ACERT(FILE *fp, X509_ACERT **x, + pem_password_cb *cb, void *u); + int PEM_write_bio_X509_ACERT(BIO *bp, X509_ACERT *x); + int PEM_write_X509_ACERT(FILE *fp, X509_ACERT *x); + X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u); X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u); int PEM_write_bio_X509_AUX(BIO *bp, X509 *x); @@ -287,6 +296,9 @@ The B<X509> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded. +The B<X509_ACERT> functions process an X509 attribute certificate using +an X509_ACERT structure. + The B<X509_AUX> functions process a trusted X509 certificate using an X509 structure. diff --git a/doc/man3/X509_dup.pod b/doc/man3/X509_dup.pod index 86a259f025..621427e3fb 100644 --- a/doc/man3/X509_dup.pod +++ b/doc/man3/X509_dup.pod @@ -171,6 +171,10 @@ OSSL_CRMF_PKIPUBLICATIONINFO_new, OSSL_CRMF_SINGLEPUBINFO_free, OSSL_CRMF_SINGLEPUBINFO_it, OSSL_CRMF_SINGLEPUBINFO_new, +OSSL_ISSUER_SERIAL_free, +OSSL_ISSUER_SERIAL_new, +OSSL_OBJECT_DIGEST_INFO_free, +OSSL_OBJECT_DIGEST_INFO_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, @@ -265,6 +269,15 @@ TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, +X509_ACERT_dup, +X509_ACERT_free, +X509_ACERT_it, +X509_ACERT_new, +X509_ACERT_INFO_free, +X509_ACERT_INFO_it, +X509_ACERT_INFO_new, +X509_ACERT_ISSUER_V2FORM_free, +X509_ACERT_ISSUER_V2FORM_new, X509_ALGOR_free, X509_ALGOR_it, X509_ALGOR_new, diff --git a/doc/man3/d2i_X509.pod b/doc/man3/d2i_X509.pod index 00efb60358..6c4464deb4 100644 --- a/doc/man3/d2i_X509.pod +++ b/doc/man3/d2i_X509.pod @@ -157,6 +157,9 @@ d2i_USERNOTICE, d2i_X509, d2i_X509_bio, d2i_X509_fp, +d2i_X509_ACERT, +d2i_X509_ACERT_bio, +d2i_X509_ACERT_fp, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, @@ -331,6 +334,9 @@ i2d_USERNOTICE, i2d_X509, i2d_X509_bio, i2d_X509_fp, +i2d_X509_ACERT, +i2d_X509_ACERT_bio, +i2d_X509_ACERT_fp, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, |